Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/15.0.0/gentoo/24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch
diff options
context:
space:
mode:
Diffstat (limited to '15.0.0/gentoo/24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch')
-rw-r--r--15.0.0/gentoo/24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch65
1 files changed, 65 insertions, 0 deletions
diff --git a/15.0.0/gentoo/24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch b/15.0.0/gentoo/24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch
new file mode 100644
index 0000000..b13215d
--- /dev/null
+++ b/15.0.0/gentoo/24_all_DEF_GENTOO_SCP-fstack-clash-protection.patch
@@ -0,0 +1,65 @@
+We add -fstack-clash-protection if requested
+
+--- a/gcc/common.opt
++++ b/gcc/common.opt
+@@ -2698,7 +2698,7 @@ Common Alias(fstack-check=, specific, no
+ Insert stack checking code into the program. Same as -fstack-check=specific.
+
+ fstack-clash-protection
+-Common Var(flag_stack_clash_protection) Optimization
++Common Var(flag_stack_clash_protection) Optimization Init(-1)
+ Insert code to probe each page of stack space as it is allocated to protect
+ from stack-clash style attacks.
+
+--- a/gcc/defaults.h
++++ b/gcc/defaults.h
+@@ -1425,6 +1425,15 @@ see the files COPYING3 and COPYING.RUNTI
+ #define STACK_CHECK_MAX_VAR_SIZE (STACK_CHECK_MAX_FRAME_SIZE / 100)
+ #endif
+
++/* Default value for flag_clash_protector when flag_clash_protector is
++ initialized to -1. */
++#ifdef DEF_GENTOO_SCP
++#define DEFAULT_FLAG_SCP 1
++#endif
++#ifndef DEFAULT_FLAG_SCP
++#define DEFAULT_FLAG_SCP 0
++#endif
++
+ /* By default, the C++ compiler will use function addresses in the
+ vtable entries. Setting this nonzero tells the compiler to use
+ function descriptors instead. The value of this macro says how
+--- a/gcc/toplev.cc
++++ b/gcc/toplev.cc
+@@ -1610,6 +1610,10 @@ process_options (void)
+
+ /* -fstack-clash-protection is not currently supported on targets
+ where the stack grows up. */
++ if (flag_stack_clash_protection == -1)
++ {
++ flag_stack_clash_protection = DEFAULT_FLAG_SCP;
++ }
+ if (flag_stack_clash_protection && !STACK_GROWS_DOWNWARD)
+ {
+ warning_at (UNKNOWN_LOCATION, 0,
+
+--- a/libgcc/Makefile.in
++++ b/libgcc/Makefile.in
+@@ -246,7 +246,7 @@ endif
+ LIBGCC2_DEBUG_CFLAGS = -g
+ LIBGCC2_CFLAGS = -O2 $(LIBGCC2_INCLUDES) $(GCC_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
+ $(LIBGCC2_DEBUG_CFLAGS) -DIN_LIBGCC2 \
+- -fbuilding-libgcc -fno-stack-protector \
++ -fbuilding-libgcc -fno-stack-protector -fno-stack-clash-protection \
+ $(INHIBIT_LIBC_CFLAGS)
+
+ # Additional options to use when compiling libgcc2.a.
+@@ -302,7 +302,7 @@ INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CF
+ $(NO_PIE_CFLAGS) -finhibit-size-directive -fno-inline -fno-exceptions \
+ -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
+ -fbuilding-libgcc -fno-stack-protector $(FORCE_EXPLICIT_EH_REGISTRY) \
+- $(INHIBIT_LIBC_CFLAGS) $(USE_TM_CLONE_REGISTRY)
++ -fno-stack-clash-protection $(INHIBIT_LIBC_CFLAGS) $(USE_TM_CLONE_REGISTRY)
+
+ # Extra flags to use when compiling crt{begin,end}.o.
+ CRTSTUFF_T_CFLAGS =