This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
- From: Marcus Meissner <meissner at suse dot de>
- To: Magnus Granberg <zorry at gentoo dot org>, gcc-patches at gcc dot gnu dot org
- Date: Fri, 9 Jan 2015 11:45:49 +0100
- Subject: Re: [PATCH][1-3] New configure options that make the compiler use -fPIE and -pie as default option
- Authentication-results: sourceware.org; auth=none
- References: <4827012 dot p4mTkPPu1h at laptop1 dot gw dot ume dot nu> <yddlhr8lhh0 dot fsf at lokon dot CeBiTec dot Uni-Bielefeld dot DE> <2546517 dot 6r217PbQ20 at laptop1 dot gw dot ume dot nu>
Hi,
can this be added for GCC 5?
It would be interesting for SUSE too.
Ciao, Marcus
On Mon, Nov 10, 2014 at 09:26:39PM +0100, Magnus Granberg wrote:
> fredag 01 augusti 2014 10.52.27 skrev Rainer Orth:
> > Hi Magnus,
> >
> > a couple of comments, mostly nits.
> >
> > > 2014-07-31 Magnus Granberg <zorry@gentoo.org>
> > >
> > > /gcc
> > > * config/gnu-user.h: Define PIE_DRIVER_SELF_SPECS for PIE
> > > as default and GNU_DRIVER_SELF_SPECS.
> > > * config/i386/gnu-user-common.h: Define DRIVER_SELF_SPECS
> > > * configure.ac: Add new option that enable PIE as default.
> > > * configure, config.in: Rebuild.
> > > * Makefile.in: Disable PIE when building the compiler.
> > > * doc/install.texi: Add the new configure option default PIE.
> > > * doc/invoke.texi: Add note for the new configure option default PIE.
> >
> > Many of those entries are mis-formatted. See other examples and the GNU
> > Coding Standards for details. E.g. the first would be
> >
> > * config/gnu-user.h (PIE_DRIVER_SELF_SPECS): Define.
> >
> > In general, you need to mention which macro, variable, manual section
> > you change. Emacs' add-change-log-entry does the basics for you.
> > Besides, you only state what changed, not why.
> >
> > Apart from that, I don't think defining PIE_DRIVER_SELF_SPECS in
> > gnu-user.h is a good idea. This way, every other target supporting the
> > option would have to duplicate that stuff.
> >
> > * testsuite/gcc/default-pie.c: New test for new configure option
> > --enale-default-pie
> >
> > gcc/testsuite has its own ChangeLog file. Typo for --enale-...
> >
> > * testsuite/gcc.dg/other/anon5.C: Add skip test as it fail to link
> > on effective_target default_pie.
> >
> > should be
> >
> > * g++.dg/other/anon5.C: Skip if default_pie.
> >
> > No explanations in ChangeLog entries; they belong into the code.
> > Besides, you had the first dir component wrong. Again, Emacs does this
> > for you.
> >
> > * testsuite/lib/target-supports.exp (check_profiling_available):
> > We can't use profiling on effective target default_pie.
> > (check_effective_target_pie): Add check_effective_target_default_pie.
> >
> > Wrong: should be
> >
> > * lib/target-supports.exp (check_effective_target_default_pie):
> > New proc.
> >
> > The new default_pic effective-target keyword needs to be documented in
> > doc/sourcebuild.texi.
> >
> > --- a/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:07:16.741479728
> +0100
> > +++ b/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:05:07.801479218
> > +0100 @@ -0,0 +1,12 @@
> > +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
> > +/* { dg-require-effective-target default_pie } */
> >
> > Why restrict to Linux, GNU? default_pie should be enough once other
> > targets add this.
> >
> > --- a/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c 2012-03-14
> > 17:33:37.000000000 +0100 +++
> > b/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c 2014-07-29
> > 00:55:17.421086416 +0200 @@ -2,6 +2,9 @@
> > /* Skipped on MIPS GNU/Linux target because __PIC__ can be
> > defined for executables as well as shared libraries. */
> > /* { dg-skip-if "" { *-*-darwin* hppa*64*-*-* mips*-*-linux* *-*-mingw* } {
> > "*" } { "" } } */ +/* Skipped on default_pie targets because __PIC__ is
> > + defined for executables. */
> > +/* { dg-skip-if "" { default_pie } { "*" } { "" } } */
> >
> > Emit those default args, they're unnecessary. Also in g++.dg/other/anon5.C.
> >
> > --- a/gcc/testsuite/g++.dg/other/anon5.C 2012-11-10 15:34:42.000000000 +0100
> > +++ b/gcc/testsuite/g++.dg/other/anon5.C 2013-11-09 14:49:52.281390127
> > +0100 @@ -1,5 +1,6 @@
> > // PR c++/34094
> > // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* } } } }
> > +// { dg-skip-if "" { default_pie } { "*" } { "" } }
> >
> > The first arg to dg-skip-if should explain why you're skipping the test.
> >
> > --- a/gcc/testsuite/lib/target-supports.exp 2013-10-01 11:18:30.000000000
> > +0200 +++ b/gcc/testsuite/lib/target-supports.exp 2013-10-25
> > 22:01:46.743388469 +0200 @@ -474,6 +474,11 @@ proc
> > check_profiling_available { test_wh
> > }
> > }
> >
> > + # Profiling don't work with default -fPIE -pie.
> >
> > Grammar: "doesn't work".
> >
> > +# Return 1 if -pie, -fPIE are default enable, 0 otherwise.
> > +
> > +proc check_effective_target_default_pie { } {
> >
> > Hard to understand, perhaps
> >
> > # Return 1 if -pie -fPIE are enabled by default, 0 otherwise.
> >
> > --- a/gcc/doc/invoke.texi 2013-10-03 19:13:50.000000000 +0200
> > +++ b/gcc/doc/invoke.texi 2013-11-17 21:30:02.784220111 +0100
> > @@ -10535,6 +10535,12 @@ For predictable results, you must also s
> > used for compilation (@option{-fpie}, @option{-fPIE},
> > or model suboptions) when you specify this linker option.
> >
> > +NOTE: With configure --enable-default-pie this option is enabled by default
> >
> > With the @option{--enable-default-pie} configure option, ...
> >
> > +for C, C++, ObjC, ObjC++, if none of @option{-fno-PIE}, @option{-fno-pie},
> > +@option{-fPIC}, @option{-fpic}, @option{-fno-PIC}, @option{-fno-pic},
> > +@option{-nostdlib}, @option{-nostartfiles}, @option{-shared},
> > +@option{-nodefaultlibs}, nor @option{static} are found.
> >
> > @option{-static}.
> >
> > Rainer
> Thanks Rainer for the nits and comments.
> Have updated the patches and Changelogs.
> But i still use PIE_DRIVER_SELF_SPECS, do you have a ide where move it so
> i don't need to duplicate that stuff or how to do it?
>
> Magnus G
>
> 2014-11-10 Magnus Granberg <zorry@gentoo.org>
>
> /gcc
> * config/gnu-user.h (PIE_DRIVER_SELF_SPECS) and
> (GNU_DRIVER_SELF_SPECS): Define.
> * config/i386/gnu-user-common.h (DRIVER_SELF_SPECS): Define
> * configure.ac: Add new option.
> * configure, config.in: Rebuild.
> * Makefile.in (ALL_CFLAGS) and (ALL_CXXFLAGS): Disable PIE.
> * doc/install.texi: New configure option.
> * doc/invoke.texi: Add note to PIE.
> * doc/sourcebuild.texi: New effective target.
> gcc/testsuite
> * gcc/default-pie.c: New test
> * gcc.dg/tree-ssa/ssa-store-ccp-3.c: Skip if default_pie
> * g++.dg/other/anon5.C: Skip if default_pie
> * lib/target-supports.exp (check_effective_target_default_pie):
> New proc.
> /libgcc
> * Makefile.in (CRTSTUFF_CFLAGS): Disable PIE.
> --- a/gcc/doc/install.texi 2013-10-01 19:29:40.000000000 +0200
> +++ b/gcc/doc/install.texi 2013-11-17 16:13:20.474144921 +0100
> @@ -1455,6 +1455,10 @@ do a @samp{make -C gcc gnatlib_and_tools
> Specify that the run-time libraries for stack smashing protection
> should not be built.
>
> +@item --enable-default-pie
> +Turn on @option{-fPIE} and @option{-pie} by default if supported.
> +Currently supported targets are i?86-*-linux* and x86-64-*-linux*.
> +
> @item --disable-libquadmath
> Specify that the GCC quad-precision math library should not be built.
> On some systems, the library is required to be linkable when building
> --- a/gcc/doc/invoke.texi 2013-10-03 19:13:50.000000000 +0200
> +++ b/gcc/doc/invoke.texi 2013-11-17 21:30:02.784220111 +0100
> @@ -10535,6 +10535,13 @@ For predictable results, you must also s
> used for compilation (@option{-fpie}, @option{-fPIE},
> or model suboptions) when you specify this linker option.
>
> +@emph{Note}: With the @option{--enable-default-pie} configure option, this
> +options is enabled by default for C, C++, ObjC, ObjC++, if none of
> +@option{-fno-PIE}, @option{-fno-pie}, @option{-fPIC}, @option{-fpic},
> +@option{-fno-PIC}, @option{-fno-pic}, @option{-nostdlib},
> +@option{-nostartfiles}, @option{-shared}, @option{-nodefaultlibs},
> +nor @option{-static} are found.
> +
> @item -rdynamic
> @opindex rdynamic
> Pass the flag @option{-export-dynamic} to the ELF linker, on targets
> @@ -22476,6 +22476,13 @@ used during linking.
> @code{__pie__} and @code{__PIE__}. The macros have the value 1
> for @option{-fpie} and 2 for @option{-fPIE}.
>
> +@emph{Note}: With the @option{--enable-default-pie} configure option, this
> +options is enabled by default for C, C++, ObjC, ObjC++, if none of
> +@option{-fno-PIE}, @option{-fno-pie}, @option{-fPIC}, @option{-fpic},
> +@option{-fno-PIC}, @option{-fno-pic}, @option{-nostdlib},
> +@option{-nostartfiles}, @option{-shared}, @option{-nodefaultlibs},
> +nor @option{-static} are found.
> +
> @item -fno-jump-tables
> @opindex fno-jump-tables
> Do not use jump tables for switch statements even where it would be
> --- a/gcc/doc/sourcebuild.texi 2014-08-20 17:56:45.000000000 +0200
> +++ b/gcc/doc/sourcebuild.texi 2014-11-09 23:43:06.254817553 +0100
> @@ -1881,6 +1881,9 @@ Target supports @option{-mpe-aligned-com
> @item pie
> Target supports @option{-pie}, @option{-fpie} and @option{-fPIE}.
>
> +@item default_pie
> +Target enable @option{-pie}, and @option{-fPIE} as default.
> +
> @item section_anchors
> Target supports section anchors.
>
> --- a/gcc/config/gnu-user.h 2013-08-20 10:31:40.000000000 +0200
> +++ b/gcc/config/gnu-user.h 2013-10-23 22:01:42.337238981 +0200
> @@ -126,3 +126,17 @@ see the files COPYING3 and COPYING.RUNTI
> LD_STATIC_OPTION " --whole-archive -ltsan --no-whole-archive " \
> LD_DYNAMIC_OPTION "}}%{!static-libtsan:-ltsan}"
> #endif
> +
> +/* We use this to make the compiler use -fPIE as default and link
> + with -pie. */
> +#ifdef ENABLE_DEFAULT_PIE
> +#define PIE_DRIVER_SELF_SPECS \
> +"%{pie|fpic|fPIC|fpie|fPIE|fno-pic|fno-PIC|fno-pie|fno-PIE| \
> + shared|static|nostdlib|nodefaultlibs|nostartfiles:;:-fPIE -pie}"
> +#else
> +#define PIE_DRIVER_SELF_SPECS ""
> +#endif
> +
> +#ifndef GNU_DRIVER_SELF_SPECS
> +#define GNU_DRIVER_SELF_SPECS PIE_DRIVER_SELF_SPECS
> +#endif
> --- a/gcc/config/i386/gnu-user-common.h 2013-01-10 21:38:27.000000000 +0100
> +++ b/gcc/config/i386/gnu-user-common.h 2013-10-23 17:37:45.432767049 +0200
> @@ -70,3 +70,8 @@ along with GCC; see the file COPYING3.
>
> /* Static stack checking is supported by means of probes. */
> #define STACK_CHECK_STATIC_BUILTIN 1
> +
> +/* Use GNU_DRIVER_SELF_SPECS. */
> +#ifndef DRIVER_SELF_SPECS
> +#define DRIVER_SELF_SPECS GNU_DRIVER_SELF_SPECS
> +#endif
> --- a/gcc/configure.ac 2014-04-28 16:01:40.000000000 +0200
> +++ b/gcc/configure.ac 2014-05-08 02:42:30.900883247 +0200
> @@ -5671,6 +5671,36 @@ if test x"${LINKER_HASH_STYLE}" != x; th
> [The linker hash style])
> fi
>
> +# Check whether --enable-default-pie was given and target have the support.
> +AC_ARG_ENABLE(default-pie,
> +[AS_HELP_STRING([--enable-default-pie],
> + [enable Position Independent Executable as default])],
> +enable_default_pie=$enableval,
> +enable_default_pie=no)
> +if test x$enable_default_pie = xyes; then
> + AC_MSG_CHECKING(if $target supports default PIE)
> + enable_default_pie=no
> + case $target in
> + i?86*-*-linux* | x86_64*-*-linux*)
> + saved_LDFLAGS="$LDFLAGS"
> + saved_CFLAGS="$CFLAGS"
> + CFLAGS="$CFLAGS -fPIE"
> + LDFLAGS="$LDFLAGS -fPIE -pie"
> + AC_TRY_LINK(,,[enable_default_pie=yes],)
> + LDFLAGS="$saved_LDFLAGS"
> + CFLAGS="$saved_CFLAGS"
> + ;;
> + *)
> + ;;
> + esac
> + AC_MSG_RESULT($enable_default_pie)
> +fi
> +if test x$enable_default_pie == xyes ; then
> + AC_DEFINE(ENABLE_DEFAULT_PIE, 1,
> + [Define if your target supports default PIE and it is enabled.])
> +fi
> +AC_SUBST([enable_default_pie])
> +
> # Configure the subdirectories
> # AC_CONFIG_SUBDIRS($subdirs)
>
> --- a/gcc/Makefile.in 2013-10-02 21:52:27.000000000 +0200
> +++ b/gcc/Makefile.in 2013-10-24 17:46:22.055357122 +0200
> @@ -968,14 +968,23 @@ CONTEXT_H = context.h
> # cross compiler which does not use the native headers and libraries.
> INTERNAL_CFLAGS = -DIN_GCC $(PICFLAG) @CROSS@
>
> +# We don't want to compile the compiler with -fPIE, it make PCH fail.
> +enable_default_pie = @enable_default_pie@
> +ifeq ($(enable_default_pie),yes)
> +NOPIE_CFLAGS = -fno-PIE
> +else
> +NOPIE_CFLAGS=
> +endif
> +
> # This is the variable actually used when we compile. If you change this,
> # you probably want to update BUILD_CFLAGS in configure.ac
> -ALL_CFLAGS = $(T_CFLAGS) $(CFLAGS-$@) \
> +ALL_CFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) \
> $(CFLAGS) $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(WARN_CFLAGS) @DEFS@
>
> # The C++ version.
> -ALL_CXXFLAGS = $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) $(INTERNAL_CFLAGS) \
> - $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) $(WARN_CXXFLAGS) @DEFS@
> +ALL_CXXFLAGS = $(NOPIE_CFLAGS) $(T_CFLAGS) $(CFLAGS-$@) $(CXXFLAGS) \
> + $(INTERNAL_CFLAGS) $(COVERAGE_FLAGS) $(NOEXCEPTION_FLAGS) \
> + $(WARN_CXXFLAGS) @DEFS@
>
> # Likewise. Put INCLUDES at the beginning: this way, if some autoconf macro
> # puts -I options in CPPFLAGS, our include files in the srcdir will always
> @@ -1831,6 +1831,7 @@ libgcc.mvars: config.status Makefile spe
> echo GCC_CFLAGS = '$(GCC_CFLAGS)' >> tmp-libgcc.mvars
> echo INHIBIT_LIBC_CFLAGS = '$(INHIBIT_LIBC_CFLAGS)' >> tmp-libgcc.mvars
> echo TARGET_SYSTEM_ROOT = '$(TARGET_SYSTEM_ROOT)' >> tmp-libgcc.mvars
> + echo enable_default_pie = '$(enable_default_pie)' >> tmp-libgcc.mvars
>
> mv tmp-libgcc.mvars libgcc.mvars
>
> @@ -3536,6 +3536,9 @@ site.exp: ./config.status Makefile
> @if test "@enable_lto@" = "yes" ; then \
> echo "set ENABLE_LTO 1" >> ./site.tmp; \
> fi
> + @if test "@enable_default_pie@" = "yes" ; then \
> + echo "set ENABLE_DEFAULT_PIE 1" >> ./site.tmp; \
> + fi
> # If newlib has been configured, we need to pass -B to gcc so it can find
> # newlib's crt0.o if it exists. This will cause a "path prefix not used"
> # message if it doesn't, but the testsuite is supposed to ignore the message -
> --- a/libgcc/Makefile.in 2014-10-30 18:28:30.000000000 +0100
> +++ b/libgcc/Makefile.in 2014-11-08 20:37:04.462496763 +0100
> @@ -281,11 +281,19 @@ override CFLAGS := $(filter-out -fprofil
> INTERNAL_CFLAGS = $(CFLAGS) $(LIBGCC2_CFLAGS) $(HOST_LIBGCC2_CFLAGS) \
> $(INCLUDES) @set_have_cc_tls@ @set_use_emutls@
>
> +#Don't use -fPIE when compiling crtbegin/end.
> +ifeq ($(enable_default_pie),yes)
> +NOPIE_CFLAGS = -fno-PIE
> +else
> +NOPIE_CFLAGS=
> +endif
> +
> # Options to use when compiling crtbegin/end.
> CRTSTUFF_CFLAGS = -O2 $(GCC_CFLAGS) $(INCLUDES) $(MULTILIB_CFLAGS) -g0 \
> -finhibit-size-directive -fno-inline -fno-exceptions \
> -fno-zero-initialized-in-bss -fno-toplevel-reorder -fno-tree-vectorize \
> -fbuilding-libgcc -fno-stack-protector $(FORCE_EXPLICIT_EH_REGISTRY) \
> + $(NOPIE_CFLAGS) \
> $(INHIBIT_LIBC_CFLAGS)
>
> # Extra flags to use when compiling crt{begin,end}.o.
> --- a/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:07:16.741479728 +0100
> +++ b/gcc/testsuite/gcc.dg/default-pie.c 2013-11-09 21:05:07.801479218 +0100
> @@ -0,0 +1,11 @@
> +/* { dg-require-effective-target default_pie } */
> +/* { dg-options "-O2" } */
> +int foo (void);
> +
> +int
> +main (void)
> +{
> + return foo ();
> +}
> +
> +/* { dg-final { scan-assembler "foo@PLT" } } */
> --- a/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c 2012-03-14 17:33:37.000000000 +0100
> +++ b/gcc/testsuite/gcc.dg/tree-ssa/ssa-store-ccp-3.c 2014-07-29 00:55:17.421086416 +0200
> @@ -2,6 +2,7 @@
> /* Skipped on MIPS GNU/Linux target because __PIC__ can be
> defined for executables as well as shared libraries. */
> /* { dg-skip-if "" { *-*-darwin* hppa*64*-*-* mips*-*-linux* *-*-mingw* } { "*" } { "" } } */
> +/* { dg-skip-if "" { default_pie } { "*" } { "" } } */
> /* { dg-options "-O2 -fno-common -fdump-tree-optimized" } */
>
> const int conststaticvariable;
> --- a/gcc/testsuite/g++.dg/other/anon5.C 2012-11-10 15:34:42.000000000 +0100
> +++ b/gcc/testsuite/g++.dg/other/anon5.C 2013-11-09 14:49:52.281390127 +0100
> @@ -1,5 +1,6 @@
> // PR c++/34094
> // { dg-do link { target { ! { *-*-darwin* *-*-hpux* *-*-solaris2.* } } } }
> +// { dg-skip-if "" { default_pie } { "*" } { "" } }
> // { dg-options "-g" }
> // Ignore additional message on powerpc-ibm-aix
> // { dg-prune-output "obtain more information" } */
> --- a/gcc/testsuite/lib/target-supports.exp 2013-10-01 11:18:30.000000000 +0200
> +++ b/gcc/testsuite/lib/target-supports.exp 2013-10-25 22:01:46.743388469 +0200
> @@ -474,6 +474,11 @@ proc check_profiling_available { test_wh
> }
> }
>
> + # Profiling doesn't work with default -fPIE -pie.
> + if { [check_effective_target_default_pie] } {
> + return 0
> + }
> +
> # Support for -p on solaris2 relies on mcrt1.o which comes with the
> # vendor compiler. We cannot reliably predict the directory where the
> # vendor compiler (and thus mcrt1.o) is installed so we can't
> @@ -856,6 +856,14 @@ proc check_effective_target_pie { } {
> return 0
> }
>
> +# Return 1 if -pie, -fPIE are enable by default, 0 otherwise.
> +
> +proc check_effective_target_default_pie { } {
> + global ENABLE_DEFAULT_PIE
> + return [info exists ENABLE_DEFAULT_PIE]
> + return 0
> +}
> +
> # Return true if the target supports -mpaired-single (as used on MIPS).
>
> proc check_effective_target_mpaired_single { } {