* common.opt (fstack-protector): Initialize to -1.
(fstack-protector-all): Likewise.
(fstack-protector-strong): Likewise.
(fstack-protector-explicit): Likewise.
* configure.ac: Add --enable-default-ssp.
* defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong.
* opts.c (finish_options): Update opts->x_flag_stack_protect if it is
-1.
* doc/install.texi: Document --enable-default-ssp.
* config.in: Regenerated.
* configure: Likewise.
* lib/target-supports.exp
(check_effective_target_fstack_protector_enabled): New test.
* gcc.target/i386/ssp-default.c: New test.
From-SVN: r227017
+2015-08-19 Magnus Granberg <zorry@gentoo.org>
+
+ * common.opt (fstack-protector): Initialize to -1.
+ (fstack-protector-all): Likewise.
+ (fstack-protector-strong): Likewise.
+ (fstack-protector-explicit): Likewise.
+ * configure.ac: Add --enable-default-ssp.
+ * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong.
+ * opts.c (finish_options): Update opts->x_flag_stack_protect if it is
+ -1.
+ * doc/install.texi: Document --enable-default-ssp.
+ * config.in: Regenerated.
+ * configure: Likewise.
+
2015-08-19 Alexandre Oliva <aoliva@redhat.com>
PR rtl-optimization/64164
-fstack-limit-symbol=<name> Trap if the stack goes past symbol <name>
fstack-protector
-Common Report Var(flag_stack_protect, 1)
+Common Report Var(flag_stack_protect, 1) Init(-1)
Use propolice as a stack protection method
fstack-protector-all
-Common Report RejectNegative Var(flag_stack_protect, 2)
+Common Report RejectNegative Var(flag_stack_protect, 2) Init(-1)
Use a stack protection method for every function
fstack-protector-strong
-Common Report RejectNegative Var(flag_stack_protect, 3)
+Common Report RejectNegative Var(flag_stack_protect, 3) Init(-1)
Use a smart stack protection method for certain functions
fstack-protector-explicit
#endif
+/* Define if your target supports default stack protector and it is enabled.
+ */
+#ifndef USED_FOR_TARGET
+#undef ENABLE_DEFAULT_SSP
+#endif
+
+
/* Define if you want more run-time sanity checks for dataflow. */
#ifndef USED_FOR_TARGET
#undef ENABLE_DF_CHECKING
zlibinc
zlibdir
HOST_LIBS
+enable_default_ssp
libgcc_visibility
gcc_cv_readelf
gcc_cv_objdump
with_glibc_version
enable_gnu_unique_object
enable_linker_build_id
+enable_default_ssp
with_long_double_128
with_gc
with_system_zlib
extension on glibc systems
--enable-linker-build-id
compiler will always pass --build-id to linker
+ --enable-default-ssp enable Stack Smashing Protection as default
--enable-maintainer-mode
enable make rules and dependencies not useful (and
sometimes confusing) to the casual installer
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 18344 "configure"
+#line 18347 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 18450 "configure"
+#line 18453 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
fi
+# Check whether --enable-default-ssp was given.
+# Check whether --enable-default-ssp was given.
+if test "${enable_default_ssp+set}" = set; then :
+ enableval=$enable_default_ssp;
+if test x$gcc_cv_libc_provides_ssp = xyes; then
+ case "$target" in
+ ia64*-*-*) enable_default_ssp=no ;;
+ *) enable_default_ssp=$enableval ;;
+ esac
+else
+ enable_default_ssp=no
+fi
+else
+ enable_default_ssp=no
+fi
+
+if test x$enable_default_ssp == xyes ; then
+
+$as_echo "#define ENABLE_DEFAULT_SSP 1" >>confdefs.h
+
+fi
+
+
# Test for <sys/sdt.h> on the target.
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking sys/sdt.h in the target C library" >&5
[Define if your target C library provides stack protector support])
fi
+# Check whether --enable-default-ssp was given.
+AC_ARG_ENABLE(default-ssp,
+[AS_HELP_STRING([--enable-default-ssp],
+ [enable Stack Smashing Protection as default])],[
+if test x$gcc_cv_libc_provides_ssp = xyes; then
+ case "$target" in
+ ia64*-*-*) enable_default_ssp=no ;;
+ *) enable_default_ssp=$enableval ;;
+ esac
+else
+ enable_default_ssp=no
+fi],
+enable_default_ssp=no)
+if test x$enable_default_ssp == xyes ; then
+ AC_DEFINE(ENABLE_DEFAULT_SSP, 1,
+ [Define if your target supports default stack protector and it is enabled.])
+fi
+AC_SUBST([enable_default_ssp])
+
# Test for <sys/sdt.h> on the target.
GCC_TARGET_TEMPLATE([HAVE_SYS_SDT_H])
AC_MSG_CHECKING(sys/sdt.h in the target C library)
#define STACK_SIZE_MODE word_mode
#endif
+/* Default value for flag_stack_protect when flag_stack_protect is initialized to -1:
+ --enable-default-ssp: Default flag_stack_protect to -fstack-protector-strong.
+ --disable-default-ssp: Default flag_stack_protect to 0.
+ */
+#ifdef ENABLE_DEFAULT_SSP
+# ifndef DEFAULT_FLAG_SSP
+# define DEFAULT_FLAG_SSP 3
+# endif
+#else
+# define DEFAULT_FLAG_SSP 0
+#endif
+
/* Provide default values for the macros controlling stack checking. */
/* The default is neither full builtin stack checking... */
See ``RS/6000 and PowerPC Options'' in the main manual
@end ifhtml
+@item --enable-default-ssp
+Turn on @option{-fstack-protector-strong} by default.
+
@item --enable-cld
This option enables @option{-mcld} by default for 32-bit x86 targets.
@ifnothtml
opts->x_flag_opts_finished = true;
}
+ /* We initialize opts->x_flag_stack_protect to -1 so that targets
+ can set a default value. */
+ if (opts->x_flag_stack_protect == -1)
+ opts->x_flag_stack_protect = DEFAULT_FLAG_SSP;
+
if (opts->x_optimize == 0)
{
/* Inlining does not work if not optimizing,
+2015-08-19 Magnus Granberg <zorry@gentoo.org>
+
+ * lib/target-supports.exp
+ (check_effective_target_fstack_protector_enabled): New test.
+ * gcc.target/i386/ssp-default.c: New test.
+
2015-08-19 Mikael Morin <mikael@gcc.gnu.org>
PR fortran/66929
--- /dev/null
+/* { dg-do run { target native } } */
+/* { dg-require-effective-target fstack_protector_enabled } */
+
+#include <stdlib.h>
+
+void
+__stack_chk_fail (void)
+{
+ exit (0); /* pass */
+}
+
+int main ()
+{
+ int i;
+ char foo[255];
+
+ /* smash stack */
+ for (i = 0; i <= 400; i++)
+ foo[i] = 42;
+
+ return 1; /* fail */
+}
}]
}
+# Return 1 if the target generates -fstack-protector by default.
+
+proc check_effective_target_fstack_protector_enabled {} {
+ return [ check_no_compiler_messages fstack_protector_enabled assembly {
+ #if !defined(__SSP__) && !defined(__SSP_ALL__) && \
+ !defined(__SSP_STRONG__) && !defined(__SSP_EXPICIT__)
+ #error unsupported
+ #endif
+ }]
+}
+
# Return 1 if the target does not use a status wrapper.
proc check_effective_target_unwrapped { } {
projects / gcc.git / commitdiff