2 files changed, 29 insertions, 4 deletions
diff --git a/documentation/ref-manual/migration.xml b/documentation/ref-manual/migration.xml
index 91eabf807b..5dea5ad960 100644
--- a/documentation/ref-manual/migration.xml
+++ b/documentation/ref-manual/migration.xml
@@ -5182,9 +5182,10 @@ id=f4d4f99cfbc2396e49c1613a7d237b9e57f06f81'>commit message</ulink>.
                    </para></listitem>
                <listitem><para>
                    By default, the <filename>security_flags.inc</filename> file
-                    sets a <filename>GCCPIE</filename> variable with an option
+                    sets a
-                    to enable Position Independent Executables (PIE) within
+                    <link linkend='var-GCCPIE'><filename>GCCPIE</filename></link>
-                    <filename>gcc</filename>.
+                    variable with an option to enable Position Independent
+                    Executables (PIE) within <filename>gcc</filename>.
                    Enabling PIE in the GNU C Compiler (GCC), makes Return
                    Oriented Programming (ROP) attacks much more difficult to
                    execute.
diff --git a/documentation/ref-manual/ref-variables.xml b/documentation/ref-manual/ref-variables.xml
index a79fc2ec87..631759d372 100644
--- a/documentation/ref-manual/ref-variables.xml
+++ b/documentation/ref-manual/ref-variables.xml
@@ -22,7 +22,7 @@
       <link linkend='var-D'>D</link>
       <link linkend='var-EFI_PROVIDER'>E</link>
       <link linkend='var-FEATURE_PACKAGES'>F</link>
-       <link linkend='var-GDB'>G</link>
+       <link linkend='var-GCCPIE'>G</link>
       <link linkend='var-HOMEPAGE'>H</link>
       <link linkend='var-ICECC_DISABLED'>I</link>
 <!--               <link linkend='var-glossary-j'>J</link> -->
@@ -5030,6 +5030,30 @@
    <glossdiv id='var-glossary-g'><title>G</title>
+        <glossentry id='var-GCCPIE'><glossterm>GCCPIE</glossterm>
+            <info>
+                GCCPIE[doc] = "Enables Position Independent Executables (PIE) within the GNU C Compiler (GCC)."
+            </info>
+            <glossdef>
+                <para role="glossdeffirst">
+<!--                <para role="glossdeffirst"><imagedata fileref="figures/define-generic.png" /> -->
+                    Enables Position Independent Executables (PIE) within the
+                    GNU C Compiler (GCC).
+                    Enabling PIE in the GCC makes Return Oriented Programming
+                    (ROP) attacks much more difficult to
+                    execute.
+                </para>
+                <para>
+                    By default the <filename>security_flags.inc</filename>
+                    file enables PIE by setting the variable as follows:
+                    <literallayout class='monospaced'>
+     GCCPIE ?= "--enable-default-pie"
+                    </literallayout>
+                </para>
+            </glossdef>
+        </glossentry>
        <glossentry id='var-GDB'><glossterm>GDB</glossterm>
            <info>
                GDB[doc] = "The minimal command and arguments to run the GNU Debugger."

diff --git a/documentation/ref-manual/migration.xml b/documentation/ref-manual/migration.xml index 91eabf807b..5dea5ad960 100644 --- a/documentation/ref-manual/migration.xml +++ b/documentation/ref-manual/migration.xml
@@ -5182,9 +5182,10 @@ id=f4d4f99cfbc2396e49c1613a7d237b9e57f06f81'>commit message</ulink>.
5182	</para></listitem>	5182	</para></listitem>
5183	<listitem><para>	5183	<listitem><para>
5184	By default, the <filename>security_flags.inc</filename> file	5184	By default, the <filename>security_flags.inc</filename> file
5185	sets a <filename>GCCPIE</filename> variable with an option	5185	sets a
5186	to enable Position Independent Executables (PIE) within	5186	<link linkend='var-GCCPIE'><filename>GCCPIE</filename></link>
5187	<filename>gcc</filename>.	5187	variable with an option to enable Position Independent
		5188	Executables (PIE) within <filename>gcc</filename>.
5188	Enabling PIE in the GNU C Compiler (GCC), makes Return	5189	Enabling PIE in the GNU C Compiler (GCC), makes Return
5189	Oriented Programming (ROP) attacks much more difficult to	5190	Oriented Programming (ROP) attacks much more difficult to
5190	execute.	5191	execute.


diff --git a/documentation/ref-manual/ref-variables.xml b/documentation/ref-manual/ref-variables.xml index a79fc2ec87..631759d372 100644 --- a/documentation/ref-manual/ref-variables.xml +++ b/documentation/ref-manual/ref-variables.xml
@@ -22,7 +22,7 @@
22	<link linkend='var-D'>D</link>	22	<link linkend='var-D'>D</link>
23	<link linkend='var-EFI_PROVIDER'>E</link>	23	<link linkend='var-EFI_PROVIDER'>E</link>
24	<link linkend='var-FEATURE_PACKAGES'>F</link>	24	<link linkend='var-FEATURE_PACKAGES'>F</link>
25	<link linkend='var-GDB'>G</link>	25	<link linkend='var-GCCPIE'>G</link>
26	<link linkend='var-HOMEPAGE'>H</link>	26	<link linkend='var-HOMEPAGE'>H</link>
27	<link linkend='var-ICECC_DISABLED'>I</link>	27	<link linkend='var-ICECC_DISABLED'>I</link>
28	<!-- <link linkend='var-glossary-j'>J</link> -->	28	<!-- <link linkend='var-glossary-j'>J</link> -->
@@ -5030,6 +5030,30 @@
5030		5030
5031	<glossdiv id='var-glossary-g'><title>G</title>	5031	<glossdiv id='var-glossary-g'><title>G</title>
5032		5032
		5033	<glossentry id='var-GCCPIE'><glossterm>GCCPIE</glossterm>
		5034	<info>
		5035	GCCPIE[doc] = "Enables Position Independent Executables (PIE) within the GNU C Compiler (GCC)."
		5036	</info>
		5037	<glossdef>
		5038	<para role="glossdeffirst">
		5039	<!-- <para role="glossdeffirst"><imagedata fileref="figures/define-generic.png" /> -->
		5040	Enables Position Independent Executables (PIE) within the
		5041	GNU C Compiler (GCC).
		5042	Enabling PIE in the GCC makes Return Oriented Programming
		5043	(ROP) attacks much more difficult to
		5044	execute.
		5045	</para>
		5046
		5047	<para>
		5048	By default the <filename>security_flags.inc</filename>
		5049	file enables PIE by setting the variable as follows:
		5050	<literallayout class='monospaced'>
		5051	GCCPIE ?= "--enable-default-pie"
		5052	</literallayout>
		5053	</para>
		5054	</glossdef>
		5055	</glossentry>
		5056
5033	<glossentry id='var-GDB'><glossterm>GDB</glossterm>	5057	<glossentry id='var-GDB'><glossterm>GDB</glossterm>
5034	<info>	5058	<info>
5035	GDB[doc] = "The minimal command and arguments to run the GNU Debugger."	5059	GDB[doc] = "The minimal command and arguments to run the GNU Debugger."