1 files changed, 25 insertions, 1 deletions

diff --git a/documentation/ref-manual/ref-variables.xml b/documentation/ref-manual/ref-variables.xml
index a79fc2ec87..631759d372 100644
--- a/documentation/ref-manual/ref-variables.xml
+++ b/documentation/ref-manual/ref-variables.xml
@@ -22,7 +22,7 @@
        <link linkend='var-D'>D</link>
        <link linkend='var-EFI_PROVIDER'>E</link>
        <link linkend='var-FEATURE_PACKAGES'>F</link>
-       <link linkend='var-GDB'>G</link>
+       <link linkend='var-GCCPIE'>G</link>
        <link linkend='var-HOMEPAGE'>H</link>
        <link linkend='var-ICECC_DISABLED'>I</link>
 <!--               <link linkend='var-glossary-j'>J</link> -->
@@ -5030,6 +5030,30 @@
 
     <glossdiv id='var-glossary-g'><title>G</title>
 
+        <glossentry id='var-GCCPIE'><glossterm>GCCPIE</glossterm>
+            <info>
+                GCCPIE[doc] = "Enables Position Independent Executables (PIE) within the GNU C Compiler (GCC)."
+            </info>
+            <glossdef>
+                <para role="glossdeffirst">
+<!--                <para role="glossdeffirst"><imagedata fileref="figures/define-generic.png" /> -->
+                    Enables Position Independent Executables (PIE) within the
+                    GNU C Compiler (GCC).
+                    Enabling PIE in the GCC makes Return Oriented Programming
+                    (ROP) attacks much more difficult to
+                    execute.
+                </para>
+
+                <para>
+                    By default the <filename>security_flags.inc</filename>
+                    file enables PIE by setting the variable as follows:
+                    <literallayout class='monospaced'>
+     GCCPIE ?= "--enable-default-pie"
+                    </literallayout>
+                </para>
+            </glossdef>
+        </glossentry>
+
         <glossentry id='var-GDB'><glossterm>GDB</glossterm>
             <info>
                 GDB[doc] = "The minimal command and arguments to run the GNU Debugger."