From b4fed89078efeb11da212091421a9f4718f625cc Mon Sep 17 00:00:00 2001 From: "H.J. Lu" Date: Tue, 12 Sep 2017 16:30:28 +0000 Subject: [PATCH] Add -static-pie to GCC driver to create static PIE This patch adds -static-pie to GCC driver to create static PIE. A static position independent executable (PIE) is similar to static executable, but can be loaded at any address without a dynamic linker. All linker input files must be compiled with -fpie or -fPIE and linker must support --no-dynamic-linker to avoid linking with dynamic linker. "-z text" is also needed to prevent dynamic relocations in read-only segments. PR driver/81498 * common.opt (-static-pie): New alias. (shared): Negate static-pie. (-no-pie): Update help text. (-pie): Likewise. (static-pie): New option. * config/gnu-user.h (GNU_USER_TARGET_STARTFILE_SPEC): Add -static-pie support. (GNU_USER_TARGET_ENDFILE_SPEC): Likewise. (LINK_EH_SPEC): Likewise. (LINK_GCC_C_SEQUENCE_SPEC): Likewise. * config/i386/gnu-user.h (GNU_USER_TARGET_LINK_SPEC): Likewise. * config/i386/gnu-user64.h (GNU_USER_TARGET_LINK_SPEC): Likewise. * gcc.c (LINK_COMMAND_SPEC): Likewise. (init_gcc_specs): Likewise. (init_spec): Likewise. (display_help): Update help message for -pie. * doc/invoke.texi: Update -pie, -no-pie and -static. Document -static-pie. From-SVN: r252034 --- gcc/ChangeLog | 22 ++++++++++++++++++++++ gcc/common.opt | 13 ++++++++++--- gcc/config/gnu-user.h | 15 ++++++++------- gcc/config/i386/gnu-user.h | 7 ++++--- gcc/config/i386/gnu-user64.h | 11 ++++++----- gcc/doc/invoke.texi | 24 +++++++++++++++++------- gcc/gcc.c | 20 ++++++++++++-------- 7 files changed, 79 insertions(+), 33 deletions(-) diff --git a/gcc/ChangeLog b/gcc/ChangeLog index d73074d4b74..766dd644031 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,25 @@ +2017-09-12 H.J. Lu + + PR driver/81498 + * common.opt (-static-pie): New alias. + (shared): Negate static-pie. + (-no-pie): Update help text. + (-pie): Likewise. + (static-pie): New option. + * config/gnu-user.h (GNU_USER_TARGET_STARTFILE_SPEC): Add + -static-pie support. + (GNU_USER_TARGET_ENDFILE_SPEC): Likewise. + (LINK_EH_SPEC): Likewise. + (LINK_GCC_C_SEQUENCE_SPEC): Likewise. + * config/i386/gnu-user.h (GNU_USER_TARGET_LINK_SPEC): Likewise. + * config/i386/gnu-user64.h (GNU_USER_TARGET_LINK_SPEC): Likewise. + * gcc.c (LINK_COMMAND_SPEC): Likewise. + (init_gcc_specs): Likewise. + (init_spec): Likewise. + (display_help): Update help message for -pie. + * doc/invoke.texi: Update -pie, -no-pie and -static. Document + -static-pie. + 2017-09-12 Wilco Dijkstra * config/aarch64/aarch64.md (movsi_aarch64): Remove all '*'. diff --git a/gcc/common.opt b/gcc/common.opt index 0873fb9436f..1581ca885e5 100644 --- a/gcc/common.opt +++ b/gcc/common.opt @@ -352,6 +352,9 @@ Common Alias(pedantic-errors) -pie Driver Alias(pie) +-static-pie +Driver Alias(static-pie) + -pipe Driver Alias(pipe) @@ -3065,7 +3068,7 @@ x Driver Joined Separate shared -Driver RejectNegative Negative(pie) +Driver RejectNegative Negative(static-pie) Create a shared library. shared-libgcc @@ -3111,11 +3114,15 @@ Driver no-pie Driver RejectNegative Negative(shared) -Don't create a position independent executable. +Don't create a dynamically linked position independent executable. pie Driver RejectNegative Negative(no-pie) -Create a position independent executable. +Create a dynamically linked position independent executable. + +static-pie +Driver RejectNegative Negative(pie) +Create a static position independent executable. z Driver Joined Separate diff --git a/gcc/config/gnu-user.h b/gcc/config/gnu-user.h index de605b0c466..a967b69a350 100644 --- a/gcc/config/gnu-user.h +++ b/gcc/config/gnu-user.h @@ -53,11 +53,11 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see "%{shared:; \ pg|p|profile:gcrt1.o%s; \ static:crt1.o%s; \ - " PIE_SPEC ":Scrt1.o%s; \ + static-pie|" PIE_SPEC ":Scrt1.o%s; \ :crt1.o%s} \ crti.o%s \ %{static:crtbeginT.o%s; \ - shared|" PIE_SPEC ":crtbeginS.o%s; \ + shared|static-pie|" PIE_SPEC ":crtbeginS.o%s; \ :crtbegin.o%s} \ %{fvtable-verify=none:%s; \ fvtable-verify=preinit:vtv_start_preinit.o%s; \ @@ -70,7 +70,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see :crt1.o%s} \ crti.o%s \ %{static:crtbeginT.o%s; \ - shared|pie:crtbeginS.o%s; \ + shared|pie|static-pie:crtbeginS.o%s; \ :crtbegin.o%s} \ %{fvtable-verify=none:%s; \ fvtable-verify=preinit:vtv_start_preinit.o%s; \ @@ -92,7 +92,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see fvtable-verify=preinit:vtv_end_preinit.o%s; \ fvtable-verify=std:vtv_end.o%s} \ %{static:crtend.o%s; \ - shared|" PIE_SPEC ":crtendS.o%s; \ + shared|static-pie|" PIE_SPEC ":crtendS.o%s; \ :crtend.o%s} \ crtn.o%s \ " CRTOFFLOADEND @@ -102,7 +102,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see fvtable-verify=preinit:vtv_end_preinit.o%s; \ fvtable-verify=std:vtv_end.o%s} \ %{static:crtend.o%s; \ - shared|pie:crtendS.o%s; \ + shared|pie|static-pie:crtendS.o%s; \ :crtend.o%s} \ crtn.o%s \ " CRTOFFLOADEND @@ -132,12 +132,13 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see #define LIB_SPEC GNU_USER_TARGET_LIB_SPEC #if defined(HAVE_LD_EH_FRAME_HDR) -#define LINK_EH_SPEC "%{!static:--eh-frame-hdr} " +#define LINK_EH_SPEC "%{!static|static-pie:--eh-frame-hdr} " #endif #undef LINK_GCC_C_SEQUENCE_SPEC #define LINK_GCC_C_SEQUENCE_SPEC \ - "%{static:--start-group} %G %L %{static:--end-group}%{!static:%G}" + "%{static|static-pie:--start-group} %G %L \ + %{static|static-pie:--end-group}%{!static:%{!static-pie:%G}}" /* Use --as-needed -lgcc_s for eh support. */ #ifdef HAVE_LD_AS_NEEDED diff --git a/gcc/config/i386/gnu-user.h b/gcc/config/i386/gnu-user.h index a4c88f1a848..8983dc9ecd7 100644 --- a/gcc/config/i386/gnu-user.h +++ b/gcc/config/i386/gnu-user.h @@ -77,9 +77,10 @@ along with GCC; see the file COPYING3. If not see #define GNU_USER_TARGET_LINK_SPEC "-m %(link_emulation) %{shared:-shared} \ %{!shared: \ %{!static: \ - %{rdynamic:-export-dynamic} \ - -dynamic-linker %(dynamic_linker)} \ - %{static:-static}}" + %{!static-pie: \ + %{rdynamic:-export-dynamic} \ + -dynamic-linker %(dynamic_linker)}} \ + %{static:-static} %{static-pie:-static -pie --no-dynamic-linker -z text}}" #undef LINK_SPEC #define LINK_SPEC GNU_USER_TARGET_LINK_SPEC diff --git a/gcc/config/i386/gnu-user64.h b/gcc/config/i386/gnu-user64.h index 39f5ef6a68b..6fc9eae6f6b 100644 --- a/gcc/config/i386/gnu-user64.h +++ b/gcc/config/i386/gnu-user64.h @@ -59,11 +59,12 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see %{shared:-shared} \ %{!shared: \ %{!static: \ - %{rdynamic:-export-dynamic} \ - %{" SPEC_32 ":-dynamic-linker " GNU_USER_DYNAMIC_LINKER32 "} \ - %{" SPEC_64 ":-dynamic-linker " GNU_USER_DYNAMIC_LINKER64 "} \ - %{" SPEC_X32 ":-dynamic-linker " GNU_USER_DYNAMIC_LINKERX32 "}} \ - %{static:-static}}" + %{!static-static: \ + %{rdynamic:-export-dynamic} \ + %{" SPEC_32 ":-dynamic-linker " GNU_USER_DYNAMIC_LINKER32 "} \ + %{" SPEC_64 ":-dynamic-linker " GNU_USER_DYNAMIC_LINKER64 "} \ + %{" SPEC_X32 ":-dynamic-linker " GNU_USER_DYNAMIC_LINKERX32 "}}} \ + %{static:-static} %{static-pie:-static -pie --no-dynamic-linker -z text}}" #undef LINK_SPEC #define LINK_SPEC GNU_USER_TARGET_LINK_SPEC diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 6c844c6ab76..e4cacf26bdb 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -497,7 +497,7 @@ Objective-C and Objective-C++ Dialects}. @xref{Link Options,,Options for Linking}. @gccoptlist{@var{object-file-name} -fuse-ld=@var{linker} -l@var{library} @gol -nostartfiles -nodefaultlibs -nostdlib -pie -pthread -rdynamic @gol --s -static -static-libgcc -static-libstdc++ @gol +-s -static -static-pie -static-libgcc -static-libstdc++ @gol -static-libasan -static-libtsan -static-liblsan -static-libubsan @gol -static-libmpx -static-libmpxwrappers @gol -shared -shared-libgcc -symbolic @gol @@ -11825,14 +11825,23 @@ GNU Compiler Collection (GCC) Internals}.) @item -pie @opindex pie -Produce a position independent executable on targets that support it. -For predictable results, you must also specify the same set of options -used for compilation (@option{-fpie}, @option{-fPIE}, +Produce a dynamically linked position independent executable on targets +that support it. For predictable results, you must also specify the same +set of options used for compilation (@option{-fpie}, @option{-fPIE}, or model suboptions) when you specify this linker option. @item -no-pie @opindex no-pie -Don't produce a position independent executable. +Don't produce a dynamically linked position independent executable. + +@item -static-pie +@opindex static-pie +Produce a static position independent executable on targets that support +it. A static position independent executable is similar to a static +executable, but can be loaded at any address without a dynamic linker. +For predictable results, you must also specify the same set of options +used for compilation (@option{-fpie}, @option{-fPIE}, or model +suboptions) when you specify this linker option. @item -pthread @opindex pthread @@ -11856,8 +11865,9 @@ Remove all symbol table and relocation information from the executable. @item -static @opindex static -On systems that support dynamic linking, this prevents linking with the shared -libraries. On other systems, this option has no effect. +On systems that support dynamic linking, this overrides @option{-pie} +and prevents linking with the shared libraries. On other systems, this +option has no effect. @item -shared @opindex shared diff --git a/gcc/gcc.c b/gcc/gcc.c index f1aad1f23b6..cec3ed5be5f 100644 --- a/gcc/gcc.c +++ b/gcc/gcc.c @@ -1015,9 +1015,10 @@ proper position among the other output files. */ #endif /* -u* was put back because both BSD and SysV seem to support it. */ -/* %{static|no-pie:} simply prevents an error message: +/* %{static|no-pie|static-pie:} simply prevents an error message: 1. If the target machine doesn't handle -static. 2. If PIE isn't enabled by default. + 3. If the target machine doesn't handle -static-pie. */ /* We want %{T*} after %{L*} and %D so that it can be used to specify linker scripts which exist in user specified directories, or in standard @@ -1035,7 +1036,7 @@ proper position among the other output files. */ "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \ "%X %{o*} %{e*} %{N} %{n} %{r}\ %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!nostartfiles:%S}} \ - %{static|no-pie:} %{L*} %(mfwrap) %(link_libgcc) " \ + %{static|no-pie|static-pie:} %{L*} %(mfwrap) %(link_libgcc) " \ VTABLE_VERIFICATION_SPEC " " SANITIZER_EARLY_SPEC " %o " CHKP_SPEC " \ %{fopenacc|fopenmp|%:gt(%{ftree-parallelize-loops=*:%*} 1):\ %:include(libgomp.spec)%(link_gomp)}\ @@ -1670,17 +1671,19 @@ init_gcc_specs (struct obstack *obstack, const char *shared_name, { char *buf; - buf = concat ("%{static|static-libgcc:", static_name, " ", eh_name, "}" - "%{!static:%{!static-libgcc:" #if USE_LD_AS_NEEDED + buf = concat ("%{static|static-libgcc|static-pie:", static_name, " ", eh_name, "}" + "%{!static:%{!static-libgcc:%{!static-pie:" "%{!shared-libgcc:", static_name, " " LD_AS_NEEDED_OPTION " ", shared_name, " " LD_NO_AS_NEEDED_OPTION "}" "%{shared-libgcc:", shared_name, "%{!shared: ", static_name, "}" - "}" + "}}" #else + buf = concat ("%{static|static-libgcc:", static_name, " ", eh_name, "}" + "%{!static:%{!static-libgcc:" "%{!shared:" "%{!shared-libgcc:", static_name, " ", eh_name, "}" "%{shared-libgcc:", shared_name, " ", static_name, "}" @@ -1788,8 +1791,8 @@ init_spec (void) "-lgcc_eh" #ifdef USE_LIBUNWIND_EXCEPTIONS # ifdef HAVE_LD_STATIC_DYNAMIC - " %{!static:" LD_STATIC_OPTION "} -lunwind" - " %{!static:" LD_DYNAMIC_OPTION "}" + " %{!static:%{!static-pie:" LD_STATIC_OPTION "}} -lunwind" + " %{!static:%{!static-pie:" LD_DYNAMIC_OPTION "}}" # else " -lunwind" # endif @@ -3478,7 +3481,8 @@ display_help (void) fputs (_(" -S Compile only; do not assemble or link.\n"), stdout); fputs (_(" -c Compile and assemble, but do not link.\n"), stdout); fputs (_(" -o Place the output into .\n"), stdout); - fputs (_(" -pie Create a position independent executable.\n"), stdout); + fputs (_(" -pie Create a dynamically linked position independent\n\ + executable.\n"), stdout); fputs (_(" -shared Create a shared library.\n"), stdout); fputs (_("\ -x Specify the language of the following input files.\n\ -- 2.30.2