diff options
Diffstat (limited to 'recipes-devtools/clang/clang/0007-clang-Enable-SSP-and-PIE-by-default.patch')
-rw-r--r-- | recipes-devtools/clang/clang/0007-clang-Enable-SSP-and-PIE-by-default.patch | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/recipes-devtools/clang/clang/0007-clang-Enable-SSP-and-PIE-by-default.patch b/recipes-devtools/clang/clang/0007-clang-Enable-SSP-and-PIE-by-default.patch new file mode 100644 index 0000000..481dd24 --- /dev/null +++ b/recipes-devtools/clang/clang/0007-clang-Enable-SSP-and-PIE-by-default.patch | |||
@@ -0,0 +1,95 @@ | |||
1 | From 013035de788d1e2e00a4238fb2fdd39591c5c009 Mon Sep 17 00:00:00 2001 | ||
2 | From: Khem Raj <raj.khem@gmail.com> | ||
3 | Date: Sat, 29 Jul 2017 08:29:19 -0700 | ||
4 | Subject: [PATCH 7/7] clang: Enable SSP and PIE by default | ||
5 | |||
6 | This is a minimal set of changes needed to make clang use SSP and PIE by | ||
7 | default on Arch Linux. Tests that were easy to adjust have been changed | ||
8 | accordingly; only test/Driver/linux-ld.c has been marked as "expected | ||
9 | failure" due to the number of changes it would require (mostly replacing | ||
10 | crtbegin.o with crtbeginS.o). | ||
11 | |||
12 | Doing so is needed in order to align clang with the new default GCC | ||
13 | behavior in Arch which generates PIE executables by default and also | ||
14 | defaults to -fstack-protector-strong. It is not meant to be a long term | ||
15 | solution, but a simple temporary fix. | ||
16 | |||
17 | Hopefully these changes will be obsoleted by the introduction upstream | ||
18 | of a compile-time option (https://bugs.llvm.org/show_bug.cgi?id=13410) | ||
19 | |||
20 | From: Evangelos Foutras <evangelos@foutrelis.com> | ||
21 | |||
22 | https://git.archlinux.org/svntogit/packages.git/tree/trunk/0002-Enable-SSP-and-PIE-by-default.patch?h=packages/llvm | ||
23 | |||
24 | Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
25 | --- | ||
26 | lib/Driver/ToolChains/FreeBSD.cpp | 1 + | ||
27 | lib/Driver/ToolChains/Gnu.cpp | 1 + | ||
28 | lib/Driver/ToolChains/Linux.cpp | 14 +++++++++++++- | ||
29 | lib/Driver/ToolChains/Linux.h | 1 + | ||
30 | 4 files changed, 16 insertions(+), 1 deletion(-) | ||
31 | |||
32 | diff --git a/lib/Driver/ToolChains/FreeBSD.cpp b/lib/Driver/ToolChains/FreeBSD.cpp | ||
33 | index c6626e922e..39d0d6fb0d 100644 | ||
34 | --- a/lib/Driver/ToolChains/FreeBSD.cpp | ||
35 | +++ b/lib/Driver/ToolChains/FreeBSD.cpp | ||
36 | @@ -128,6 +128,7 @@ void freebsd::Linker::ConstructJob(Compilation &C, const JobAction &JA, | ||
37 | const llvm::Triple::ArchType Arch = ToolChain.getArch(); | ||
38 | const bool IsPIE = | ||
39 | !Args.hasArg(options::OPT_shared) && | ||
40 | + !Args.hasArg(options::OPT_nopie) && | ||
41 | (Args.hasArg(options::OPT_pie) || ToolChain.isPIEDefault()); | ||
42 | ArgStringList CmdArgs; | ||
43 | |||
44 | diff --git a/lib/Driver/ToolChains/Gnu.cpp b/lib/Driver/ToolChains/Gnu.cpp | ||
45 | index 8eb7401b24..8d06196231 100644 | ||
46 | --- a/lib/Driver/ToolChains/Gnu.cpp | ||
47 | +++ b/lib/Driver/ToolChains/Gnu.cpp | ||
48 | @@ -417,6 +417,7 @@ void tools::gnutools::Linker::ConstructJob(Compilation &C, const JobAction &JA, | ||
49 | const bool IsIAMCU = ToolChain.getTriple().isOSIAMCU(); | ||
50 | const bool IsPIE = | ||
51 | !Args.hasArg(options::OPT_shared) && !Args.hasArg(options::OPT_static) && | ||
52 | + !Args.hasArg(options::OPT_nopie) && | ||
53 | (Args.hasArg(options::OPT_pie) || ToolChain.isPIEDefault()); | ||
54 | const bool HasCRTBeginEndFiles = | ||
55 | ToolChain.getTriple().hasEnvironment() || | ||
56 | diff --git a/lib/Driver/ToolChains/Linux.cpp b/lib/Driver/ToolChains/Linux.cpp | ||
57 | index 6dd6d52633..773063249a 100644 | ||
58 | --- a/lib/Driver/ToolChains/Linux.cpp | ||
59 | +++ b/lib/Driver/ToolChains/Linux.cpp | ||
60 | @@ -810,7 +810,19 @@ void Linux::AddIAMCUIncludeArgs(const ArgList &DriverArgs, | ||
61 | } | ||
62 | } | ||
63 | |||
64 | -bool Linux::isPIEDefault() const { return getSanitizerArgs().requiresPIE(); } | ||
65 | +bool Linux::isPIEDefault() const { | ||
66 | + const bool IsMips = tools::isMipsArch(getTriple().getArch()); | ||
67 | + const bool IsAndroid = getTriple().isAndroid(); | ||
68 | + | ||
69 | + if (IsMips || IsAndroid) | ||
70 | + return getSanitizerArgs().requiresPIE(); | ||
71 | + | ||
72 | + return true; | ||
73 | +} | ||
74 | + | ||
75 | +unsigned Linux::GetDefaultStackProtectorLevel(bool KernelOrKext) const { | ||
76 | + return 2; | ||
77 | +} | ||
78 | |||
79 | SanitizerMask Linux::getSupportedSanitizers() const { | ||
80 | const bool IsX86 = getTriple().getArch() == llvm::Triple::x86; | ||
81 | diff --git a/lib/Driver/ToolChains/Linux.h b/lib/Driver/ToolChains/Linux.h | ||
82 | index 9778c1832c..ddd46a1d58 100644 | ||
83 | --- a/lib/Driver/ToolChains/Linux.h | ||
84 | +++ b/lib/Driver/ToolChains/Linux.h | ||
85 | @@ -36,6 +36,7 @@ public: | ||
86 | void AddIAMCUIncludeArgs(const llvm::opt::ArgList &DriverArgs, | ||
87 | llvm::opt::ArgStringList &CC1Args) const override; | ||
88 | bool isPIEDefault() const override; | ||
89 | + unsigned GetDefaultStackProtectorLevel(bool KernelOrKext) const override; | ||
90 | SanitizerMask getSupportedSanitizers() const override; | ||
91 | void addProfileRTLibs(const llvm::opt::ArgList &Args, | ||
92 | llvm::opt::ArgStringList &CmdArgs) const override; | ||
93 | -- | ||
94 | 2.13.3 | ||
95 | |||