This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
[PATCH, rs6000] Pass --secure-plt to the linker
- From: Szabolcs Nagy <szabolcs dot nagy at arm dot com>
- To: "gcc-patches at gcc dot gnu dot org" <gcc-patches at gcc dot gnu dot org>
- Cc: David Edelsohn <dje dot gcc at gmail dot com>, gregor dot richards at uwaterloo dot ca, Rich Felker <dalias at libc dot org>
- Date: Thu, 15 Oct 2015 18:50:50 +0100
- Subject: [PATCH, rs6000] Pass --secure-plt to the linker
- Authentication-results: sourceware.org; auth=none
A powerpc toolchain built with (or without) --enable-secureplt
currently creates a binary that uses bss plt if
(1) any of the linked PIC objects have bss plt relocs
(2) or all the linked objects are non-PIC or have no relocs,
because this is the binutils linker behaviour.
This patch passes --secure-plt to the linker which makes the linker
warn in case (1) and produce a binary with secure plt in case (2).
Without passing --secure-plt, case (2) can happen to the main executable.
Currently glibc avoids this because there is always PIC code linked
in (elf/elf-init.oS through libc_nonshared.a), but e.g. with musl libc
the linker heuristic fails to produce secure plt in the main executable.
Shared objects have PIC code linked in from the compiler start code,
but with -nostartfiles one can create a shared object that is not secure
(has writable, executable section).
Visible changes:
* linking non-secureplt code with secureplt gcc will emit warnings
at link time (e.g. linking a main executable with non-secureplt
glibc).
* if binutils is old (<2.18 i think) then --secure-plt is unrecognised
(causing a link error).
If these are undesirable then the flag can be made conditional
on musl libc. The patch is split out from the musl support patch:
https://gcc.gnu.org/ml/gcc-patches/2015-04/msg01640.html
gcc/ChangeLog:
2015-10-15 Gregor Richards <gregor.richards@uwaterloo.ca>
Szabolcs Nagy <szabolcs.nagy@arm.com>
* config/rs6000/secureplt.h (LINK_SECURE_PLT_DEFAULT_SPEC): Define.
* config/rs6000/sysv4.h (LINK_SECURE_PLT_DEFAULT_SPEC): Define.
(LINK_SPEC): Add %(link_secure_plt_default).
(SUBTARGET_EXTRA_SPECS): Add "link_secure_plt_default".
diff --git a/gcc/config/rs6000/secureplt.h b/gcc/config/rs6000/secureplt.h
index b463463..77edf2a 100644
--- a/gcc/config/rs6000/secureplt.h
+++ b/gcc/config/rs6000/secureplt.h
@@ -18,3 +18,4 @@ along with GCC; see the file COPYING3. If not see
<http://www.gnu.org/licenses/>. */
#define CC1_SECURE_PLT_DEFAULT_SPEC "-msecure-plt"
+#define LINK_SECURE_PLT_DEFAULT_SPEC "--secure-plt"
diff --git a/gcc/config/rs6000/sysv4.h b/gcc/config/rs6000/sysv4.h
index 7b2f9bd..c77bf5c 100644
--- a/gcc/config/rs6000/sysv4.h
+++ b/gcc/config/rs6000/sysv4.h
@@ -537,6 +537,9 @@ ENDIAN_SELECT(" -mbig", " -mlittle", DEFAULT_ASM_ENDIAN)
#ifndef CC1_SECURE_PLT_DEFAULT_SPEC
#define CC1_SECURE_PLT_DEFAULT_SPEC ""
#endif
+#ifndef LINK_SECURE_PLT_DEFAULT_SPEC
+#define LINK_SECURE_PLT_DEFAULT_SPEC ""
+#endif
/* Pass -G xxx to the compiler. */
#undef CC1_SPEC
@@ -574,6 +577,7 @@ ENDIAN_SELECT(" -mbig", " -mlittle", DEFAULT_ASM_ENDIAN)
%{R*} \
%(link_shlib) \
%{!T*: %(link_start) } \
+%{!static: %(link_secure_plt_default)} \
%(link_os)"
/* Shared libraries are not default. */
@@ -889,6 +893,7 @@ ncrtn.o%s"
{ "link_os_openbsd", LINK_OS_OPENBSD_SPEC }, \
{ "link_os_default", LINK_OS_DEFAULT_SPEC }, \
{ "cc1_secure_plt_default", CC1_SECURE_PLT_DEFAULT_SPEC }, \
+ { "link_secure_plt_default", LINK_SECURE_PLT_DEFAULT_SPEC }, \
{ "cpp_os_ads", CPP_OS_ADS_SPEC }, \
{ "cpp_os_yellowknife", CPP_OS_YELLOWKNIFE_SPEC }, \
{ "cpp_os_mvme", CPP_OS_MVME_SPEC }, \