From e0f6cba004eb94ef9a06c68d09160d8601503085 Mon Sep 17 00:00:00 2001 From: Magnus Granberg Date: Wed, 19 Aug 2015 22:07:06 +0000 Subject: [PATCH] common.opt (fstack-protector): Initialize to -1. * common.opt (fstack-protector): Initialize to -1. (fstack-protector-all): Likewise. (fstack-protector-strong): Likewise. (fstack-protector-explicit): Likewise. * configure.ac: Add --enable-default-ssp. * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong. * opts.c (finish_options): Update opts->x_flag_stack_protect if it is -1. * doc/install.texi: Document --enable-default-ssp. * config.in: Regenerated. * configure: Likewise. * lib/target-supports.exp (check_effective_target_fstack_protector_enabled): New test. * gcc.target/i386/ssp-default.c: New test. From-SVN: r227017 --- gcc/ChangeLog | 14 ++++++++++ gcc/common.opt | 6 ++--- gcc/config.in | 7 +++++ gcc/configure | 30 +++++++++++++++++++-- gcc/configure.ac | 19 +++++++++++++ gcc/defaults.h | 12 +++++++++ gcc/doc/install.texi | 3 +++ gcc/opts.c | 5 ++++ gcc/testsuite/ChangeLog | 6 +++++ gcc/testsuite/gcc.target/i386/ssp-default.c | 22 +++++++++++++++ gcc/testsuite/lib/target-supports.exp | 11 ++++++++ 11 files changed, 130 insertions(+), 5 deletions(-) create mode 100644 gcc/testsuite/gcc.target/i386/ssp-default.c diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 567d440fd68..14446bc6795 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,17 @@ +2015-08-19 Magnus Granberg + + * common.opt (fstack-protector): Initialize to -1. + (fstack-protector-all): Likewise. + (fstack-protector-strong): Likewise. + (fstack-protector-explicit): Likewise. + * configure.ac: Add --enable-default-ssp. + * defaults.h (DEFAULT_FLAG_SSP): New. Default SSP to strong. + * opts.c (finish_options): Update opts->x_flag_stack_protect if it is + -1. + * doc/install.texi: Document --enable-default-ssp. + * config.in: Regenerated. + * configure: Likewise. + 2015-08-19 Alexandre Oliva PR rtl-optimization/64164 diff --git a/gcc/common.opt b/gcc/common.opt index dd59ff337e6..4dcd51807af 100644 --- a/gcc/common.opt +++ b/gcc/common.opt @@ -2124,15 +2124,15 @@ Common RejectNegative Joined Var(common_deferred_options) Defer -fstack-limit-symbol= Trap if the stack goes past symbol fstack-protector -Common Report Var(flag_stack_protect, 1) +Common Report Var(flag_stack_protect, 1) Init(-1) Use propolice as a stack protection method fstack-protector-all -Common Report RejectNegative Var(flag_stack_protect, 2) +Common Report RejectNegative Var(flag_stack_protect, 2) Init(-1) Use a stack protection method for every function fstack-protector-strong -Common Report RejectNegative Var(flag_stack_protect, 3) +Common Report RejectNegative Var(flag_stack_protect, 3) Init(-1) Use a smart stack protection method for certain functions fstack-protector-explicit diff --git a/gcc/config.in b/gcc/config.in index 541963a727a..22a4e6b7cb2 100644 --- a/gcc/config.in +++ b/gcc/config.in @@ -95,6 +95,13 @@ #endif +/* Define if your target supports default stack protector and it is enabled. + */ +#ifndef USED_FOR_TARGET +#undef ENABLE_DEFAULT_SSP +#endif + + /* Define if you want more run-time sanity checks for dataflow. */ #ifndef USED_FOR_TARGET #undef ENABLE_DF_CHECKING diff --git a/gcc/configure b/gcc/configure index 8e89dd9c6eb..cf685f29ea6 100755 --- a/gcc/configure +++ b/gcc/configure @@ -678,6 +678,7 @@ MAINT zlibinc zlibdir HOST_LIBS +enable_default_ssp libgcc_visibility gcc_cv_readelf gcc_cv_objdump @@ -930,6 +931,7 @@ enable_fix_cortex_a53_843419 with_glibc_version enable_gnu_unique_object enable_linker_build_id +enable_default_ssp with_long_double_128 with_gc with_system_zlib @@ -1666,6 +1668,7 @@ Optional Features: extension on glibc systems --enable-linker-build-id compiler will always pass --build-id to linker + --enable-default-ssp enable Stack Smashing Protection as default --enable-maintainer-mode enable make rules and dependencies not useful (and sometimes confusing) to the casual installer @@ -18341,7 +18344,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF -#line 18344 "configure" +#line 18347 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -18447,7 +18450,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF -#line 18450 "configure" +#line 18453 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -28047,6 +28050,29 @@ $as_echo "#define TARGET_LIBC_PROVIDES_SSP 1" >>confdefs.h fi +# Check whether --enable-default-ssp was given. +# Check whether --enable-default-ssp was given. +if test "${enable_default_ssp+set}" = set; then : + enableval=$enable_default_ssp; +if test x$gcc_cv_libc_provides_ssp = xyes; then + case "$target" in + ia64*-*-*) enable_default_ssp=no ;; + *) enable_default_ssp=$enableval ;; + esac +else + enable_default_ssp=no +fi +else + enable_default_ssp=no +fi + +if test x$enable_default_ssp == xyes ; then + +$as_echo "#define ENABLE_DEFAULT_SSP 1" >>confdefs.h + +fi + + # Test for on the target. { $as_echo "$as_me:${as_lineno-$LINENO}: checking sys/sdt.h in the target C library" >&5 diff --git a/gcc/configure.ac b/gcc/configure.ac index c7d5d327a2e..d3c1449516d 100644 --- a/gcc/configure.ac +++ b/gcc/configure.ac @@ -5329,6 +5329,25 @@ if test x$gcc_cv_libc_provides_ssp = xyes; then [Define if your target C library provides stack protector support]) fi +# Check whether --enable-default-ssp was given. +AC_ARG_ENABLE(default-ssp, +[AS_HELP_STRING([--enable-default-ssp], + [enable Stack Smashing Protection as default])],[ +if test x$gcc_cv_libc_provides_ssp = xyes; then + case "$target" in + ia64*-*-*) enable_default_ssp=no ;; + *) enable_default_ssp=$enableval ;; + esac +else + enable_default_ssp=no +fi], +enable_default_ssp=no) +if test x$enable_default_ssp == xyes ; then + AC_DEFINE(ENABLE_DEFAULT_SSP, 1, + [Define if your target supports default stack protector and it is enabled.]) +fi +AC_SUBST([enable_default_ssp]) + # Test for on the target. GCC_TARGET_TEMPLATE([HAVE_SYS_SDT_H]) AC_MSG_CHECKING(sys/sdt.h in the target C library) diff --git a/gcc/defaults.h b/gcc/defaults.h index 713ca077c79..4fe8eb17f48 100644 --- a/gcc/defaults.h +++ b/gcc/defaults.h @@ -1359,6 +1359,18 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see #define STACK_SIZE_MODE word_mode #endif +/* Default value for flag_stack_protect when flag_stack_protect is initialized to -1: + --enable-default-ssp: Default flag_stack_protect to -fstack-protector-strong. + --disable-default-ssp: Default flag_stack_protect to 0. + */ +#ifdef ENABLE_DEFAULT_SSP +# ifndef DEFAULT_FLAG_SSP +# define DEFAULT_FLAG_SSP 3 +# endif +#else +# define DEFAULT_FLAG_SSP 0 +#endif + /* Provide default values for the macros controlling stack checking. */ /* The default is neither full builtin stack checking... */ diff --git a/gcc/doc/install.texi b/gcc/doc/install.texi index 360b0666b69..6ba0fb97058 100644 --- a/gcc/doc/install.texi +++ b/gcc/doc/install.texi @@ -1642,6 +1642,9 @@ Using the GNU Compiler Collection (GCC)}, See ``RS/6000 and PowerPC Options'' in the main manual @end ifhtml +@item --enable-default-ssp +Turn on @option{-fstack-protector-strong} by default. + @item --enable-cld This option enables @option{-mcld} by default for 32-bit x86 targets. @ifnothtml diff --git a/gcc/opts.c b/gcc/opts.c index 32de605314f..f1a9acd7ba0 100644 --- a/gcc/opts.c +++ b/gcc/opts.c @@ -754,6 +754,11 @@ finish_options (struct gcc_options *opts, struct gcc_options *opts_set, opts->x_flag_opts_finished = true; } + /* We initialize opts->x_flag_stack_protect to -1 so that targets + can set a default value. */ + if (opts->x_flag_stack_protect == -1) + opts->x_flag_stack_protect = DEFAULT_FLAG_SSP; + if (opts->x_optimize == 0) { /* Inlining does not work if not optimizing, diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index e162dd26d78..9654cc34089 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,9 @@ +2015-08-19 Magnus Granberg + + * lib/target-supports.exp + (check_effective_target_fstack_protector_enabled): New test. + * gcc.target/i386/ssp-default.c: New test. + 2015-08-19 Mikael Morin PR fortran/66929 diff --git a/gcc/testsuite/gcc.target/i386/ssp-default.c b/gcc/testsuite/gcc.target/i386/ssp-default.c new file mode 100644 index 00000000000..3f65ed8a80d --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/ssp-default.c @@ -0,0 +1,22 @@ +/* { dg-do run { target native } } */ +/* { dg-require-effective-target fstack_protector_enabled } */ + +#include + +void +__stack_chk_fail (void) +{ + exit (0); /* pass */ +} + +int main () +{ + int i; + char foo[255]; + + /* smash stack */ + for (i = 0; i <= 400; i++) + foo[i] = 42; + + return 1; /* fail */ +} diff --git a/gcc/testsuite/lib/target-supports.exp b/gcc/testsuite/lib/target-supports.exp index 1988301045b..b6551e834d0 100644 --- a/gcc/testsuite/lib/target-supports.exp +++ b/gcc/testsuite/lib/target-supports.exp @@ -1145,6 +1145,17 @@ proc check_effective_target_pie_enabled { } { }] } +# Return 1 if the target generates -fstack-protector by default. + +proc check_effective_target_fstack_protector_enabled {} { + return [ check_no_compiler_messages fstack_protector_enabled assembly { + #if !defined(__SSP__) && !defined(__SSP_ALL__) && \ + !defined(__SSP_STRONG__) && !defined(__SSP_EXPICIT__) + #error unsupported + #endif + }] +} + # Return 1 if the target does not use a status wrapper. proc check_effective_target_unwrapped { } { -- 2.30.2