From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) by sourceware.org (Postfix) with ESMTPS id 7D1253858C83 for ; Tue, 16 May 2023 20:11:31 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7D1253858C83 Authentication-Results: sourceware.org; dmarc=pass (p=quarantine dis=none) header.from=googlemail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=googlemail.com Received: by mail-wm1-x32b.google.com with SMTP id 5b1f17b1804b1-3f427118644so75505e9.0 for ; Tue, 16 May 2023 13:11:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1684267890; x=1686859890; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=zIjqUyeec4w1paokUWhqOVyoupyjaq0+FW/PWj3fo9s=; b=jBLzeMaaQU96/sZmYuwRMDHnWBVhVt4VnIkBtrAkwsxSX/TUhx1UPXAO1ltP9AXx3t uwj/myjeozPGvq3PUbMJiX42bbFS6cOGiU8t0nEKGifXID9LLH+AN/Ez8GOM/dNmCCml 332lEV8H1t61AyWIxpTFzbK8Q+eD0N9s5RRoyEWv/1EXHWZbHxh+5BaclpBNRayy/fZ3 p7N2Gm3lQ6eTy4u01moBWTtaCIPQgfKAEVZDyFWoZtl+uajMVHn15iStf6APkCf+DhY1 EkneZ2Xe4Z7EJVqFu+QlsxdKQqshs9Jx7D6b4InFAjP0Ugojs01MbVZLRMlwCEDXYZD8 TuHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684267890; x=1686859890; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=zIjqUyeec4w1paokUWhqOVyoupyjaq0+FW/PWj3fo9s=; b=gK63rtP0k86jJKbVZS1lr0O59PJiFhCoY6ODg2PMAOUvKT3LpEfmghuaOB6ilBBqhS ake4b0yEZQRAVU2ddzBgBMShtqUhuAknBGb/JvTMNDpq1qhoVt8+lrwLj9tB2AAycekZ kTvWYUGKKD+g+IQ5xebJTMYudxqFRCeWqEgfF2v0c8Jdr27ruLtnT/8JCrzDEbzOZqZq 9bLGODT6JyrCHmblL0yJ8M697Fb/jF56TOzpb2It4ePjCUvsGE8RjFwJP56aIYlbtrPR V1zpdgzOqQFi/WRhNX7Ih7XHsvS4L2cRhDk/2LNclhvP+um4MugjidCga2nbqcXTtSR7 PZ/Q== X-Gm-Message-State: AC+VfDzp/dO1lxm4hifDpS3xTO8d7ayxJyLRqpQAo/kRc+i3BM30VTzs jiIbwRUsC+bMv+puE4nZdiA= X-Google-Smtp-Source: ACHHUZ78uVpg+PSqyw9yLYM72JBlC/oRR1PigtWwObDC0sYUnia1GFz/JGl3qktAUQW6vKs4SG1l7A== X-Received: by 2002:a7b:c4c3:0:b0:3f1:9526:22d4 with SMTP id g3-20020a7bc4c3000000b003f1952622d4mr29846928wmk.21.1684267889470; Tue, 16 May 2023 13:11:29 -0700 (PDT) Received: from smtpclient.apple (host81-138-1-83.in-addr.btopenworld.com. [81.138.1.83]) by smtp.googlemail.com with ESMTPSA id f17-20020a5d4dd1000000b003078a3f3a24sm285330wru.114.2023.05.16.13.11.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 May 2023 13:11:28 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.3\)) Subject: Re: [PATCH] configure: Implement --enable-host-pie From: Iain Sandoe In-Reply-To: Date: Tue, 16 May 2023 21:11:27 +0100 Cc: GCC Patches Content-Transfer-Encoding: quoted-printable Message-Id: References: <20230509194158.329137-1-polacek@redhat.com> To: Marek Polacek X-Mailer: Apple Mail (2.3696.120.41.1.3) X-Spam-Status: No, score=-8.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,GIT_PATCH_0,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Hi Marek, > On 16 May 2023, at 16:29, Marek Polacek via Gcc-patches = wrote: >=20 > Ping. I=E2=80=99m trying this on Darwin (since I have a local patch to do this = for modern [darwin20+] versions, which do not allow non-PIE) I think you are missing a hunk to deal with Ada. thanks for the patch Iain >=20 > On Tue, May 09, 2023 at 03:41:58PM -0400, Marek Polacek via = Gcc-patches wrote: >> [ This is my third attempt to add this configure option. The first >> version was approved but it came too late in the development cycle. >> The second version was also approved, but I had to revert it: >> = . >> I've fixed the problem (by moving $(PICFLAG) from INTERNAL_CFLAGS to >> ALL_COMPILERFLAGS). Another change is that since r13-4536 I no = longer >> need to touch Makefile.def, so this patch is simplified. ] >>=20 >> This patch implements the --enable-host-pie configure option which >> makes the compiler executables PIE. This can be used to enhance >> protection against ROP attacks, and can be viewed as part of a wider >> trend to harden binaries. >>=20 >> It is similar to the option --enable-host-shared, except that --e-h-s >> won't add -shared to the linker flags whereas --e-h-p will add -pie. >> It is different from --enable-default-pie because that option just >> adds an implicit -fPIE/-pie when the compiler is invoked, but the >> compiler itself isn't PIE. >>=20 >> Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no = PCH >> regressions. >>=20 >> When building the compiler, the build process may use various in-tree >> libraries; these need to be built with -fPIE so that it's possible to >> use them when building a PIE. For instance, when = --with-included-gettext >> is in effect, intl object files must be compiled with -fPIE. = Similarly, >> when building in-tree gmp, isl, mpfr and mpc, they must be compiled = with >> -fPIE. >>=20 >> With this patch and --enable-host-pie used to configure gcc: >>=20 >> $ file gcc/cc1{,plus,obj} gcc/f951 gcc/lto1 gcc/cpp >> gcc/cc1: ELF 64-bit LSB pie executable, x86-64, version 1 = (GNU/Linux), dynamically linked, interpreter = /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not = stripped >> gcc/cc1plus: ELF 64-bit LSB pie executable, x86-64, version 1 = (GNU/Linux), dynamically linked, interpreter = /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not = stripped >> gcc/f951: ELF 64-bit LSB pie executable, x86-64, version 1 = (GNU/Linux), dynamically linked, interpreter = /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not = stripped >> gcc/cc1obj: ELF 64-bit LSB pie executable, x86-64, version 1 = (GNU/Linux), dynamically linked, interpreter = /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not = stripped >> gcc/lto1: ELF 64-bit LSB pie executable, x86-64, version 1 = (GNU/Linux), dynamically linked, interpreter = /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not = stripped >> gcc/cpp: ELF 64-bit LSB pie executable, x86-64, version 1 = (GNU/Linux), dynamically linked, interpreter = /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not = stripped >>=20 >> I plan to add an option to link with -Wl,-z,now. >>=20 >> Bootstrapped on x86_64-pc-linux-gnu with --with-included-gettext >> --enable-host-pie as well as without --enable-host-pie. Also tested >> on a Debian system where the system gcc was configured with >> --enable-default-pie. >>=20 >> ChangeLog: >>=20 >> * configure.ac (--enable-host-pie): New check. Set PICFLAG = after this >> check. >> * configure: Regenerate. >>=20 >> c++tools/ChangeLog: >>=20 >> * Makefile.in: Rename PIEFLAG to PICFLAG. Set LD_PICFLAG. Use = it. >> Use pic/libiberty.a if PICFLAG is set. >> * configure.ac (--enable-default-pie): Set PICFLAG instead of = PIEFLAG. >> (--enable-host-pie): New check. >> * configure: Regenerate. >>=20 >> fixincludes/ChangeLog: >>=20 >> * Makefile.in: Set and use PICFLAG and LD_PICFLAG. Use the = "pic" >> build of libiberty if PICFLAG is set. >> * configure.ac: >> * configure: Regenerate. >>=20 >> gcc/ChangeLog: >>=20 >> * Makefile.in: Set LD_PICFLAG. Use it. Set enable_host_pie. >> Remove NO_PIE_CFLAGS and NO_PIE_FLAG. Pass LD_PICFLAG to >> ALL_LINKERFLAGS. Use the "pic" build of libiberty if = --enable-host-pie. >> * configure.ac (--enable-host-shared): Don't set PICFLAG here. >> (--enable-host-pie): New check. Set PICFLAG and LD_PICFLAG = after this >> check. >> * configure: Regenerate. >> * doc/install.texi: Document --enable-host-pie. >>=20 >> gcc/d/ChangeLog: >>=20 >> * Make-lang.in: Remove NO_PIE_CFLAGS. >>=20 >> intl/ChangeLog: >>=20 >> * Makefile.in: Use @PICFLAG@ in COMPILE as well. >> * configure.ac (--enable-host-shared): Don't set PICFLAG here. >> (--enable-host-pie): New check. Set PICFLAG after this check. >> * configure: Regenerate. >>=20 >> libcody/ChangeLog: >>=20 >> * Makefile.in: Pass LD_PICFLAG to LDFLAGS. >> * configure.ac (--enable-host-shared): Don't set PICFLAG here. >> (--enable-host-pie): New check. Set PICFLAG and LD_PICFLAG = after this >> check. >> * configure: Regenerate. >>=20 >> libcpp/ChangeLog: >>=20 >> * configure.ac (--enable-host-shared): Don't set PICFLAG here. >> (--enable-host-pie): New check. Set PICFLAG after this check. >> * configure: Regenerate. >>=20 >> libdecnumber/ChangeLog: >>=20 >> * configure.ac (--enable-host-shared): Don't set PICFLAG here. >> (--enable-host-pie): New check. Set PICFLAG after this check. >> * configure: Regenerate. >>=20 >> libiberty/ChangeLog: >>=20 >> * configure.ac: Also set shared when enable_host_pie. >> * configure: Regenerate. >>=20 >> zlib/ChangeLog: >>=20 >> * configure.ac (--enable-host-shared): Don't set PICFLAG here. >> (--enable-host-pie): New check. Set PICFLAG after this check. >> * configure: Regenerate. >> --- >> c++tools/Makefile.in | 11 ++++++--- >> c++tools/configure | 17 +++++++++++--- >> c++tools/configure.ac | 11 +++++++-- >> configure | 24 +++++++++++++++++++- >> configure.ac | 18 ++++++++++++++- >> fixincludes/Makefile.in | 12 ++++++---- >> fixincludes/configure | 13 +++++++++++ >> fixincludes/configure.ac | 8 +++++++ >> gcc/Makefile.in | 32 +++++++++++++++----------- >> gcc/configure | 47 = +++++++++++++++++++++++++++------------ >> gcc/configure.ac | 36 +++++++++++++++++++++--------- >> gcc/d/Make-lang.in | 2 +- >> gcc/doc/install.texi | 16 +++++++++++-- >> intl/Makefile.in | 2 +- >> intl/configure | 24 ++++++++++++++++++-- >> intl/configure.ac | 19 ++++++++++++++-- >> libcody/Makefile.in | 2 +- >> libcody/configure | 30 ++++++++++++++++++++++++- >> libcody/configure.ac | 26 ++++++++++++++++++++-- >> libcpp/configure | 22 +++++++++++++++++- >> libcpp/configure.ac | 19 ++++++++++++++-- >> libdecnumber/configure | 22 +++++++++++++++++- >> libdecnumber/configure.ac | 19 ++++++++++++++-- >> libiberty/configure | 4 ++-- >> libiberty/configure.ac | 4 ++-- >> zlib/configure | 28 +++++++++++++++++++---- >> zlib/configure.ac | 21 ++++++++++++++--- >> 27 files changed, 409 insertions(+), 80 deletions(-) >>=20 >> diff --git a/c++tools/Makefile.in b/c++tools/Makefile.in >> index 77bda3d56dc..dcb1029e064 100644 >> --- a/c++tools/Makefile.in >> +++ b/c++tools/Makefile.in >> @@ -29,8 +29,9 @@ AUTOCONF :=3D @AUTOCONF@ >> AUTOHEADER :=3D @AUTOHEADER@ >> CXX :=3D @CXX@ >> CXXFLAGS :=3D @CXXFLAGS@ >> -PIEFLAG :=3D @PIEFLAG@ >> -CXXOPTS :=3D $(CXXFLAGS) $(PIEFLAG) -fno-exceptions -fno-rtti >> +PICFLAG :=3D @PICFLAG@ >> +LD_PICFLAG :=3D @LD_PICFLAG@ >> +CXXOPTS :=3D $(CXXFLAGS) $(PICFLAG) -fno-exceptions -fno-rtti >> LDFLAGS :=3D @LDFLAGS@ >> exeext :=3D @EXEEXT@ >> LIBIBERTY :=3D ../libiberty/libiberty.a >> @@ -90,11 +91,15 @@ ifeq (@CXX_AUX_TOOLS@,yes) >>=20 >> all::g++-mapper-server$(exeext) >>=20 >> +ifneq ($(PICFLAG),) >> +override LIBIBERTY :=3D ../libiberty/pic/libiberty.a >> +endif >> + >> MAPPER.O :=3D server.o resolver.o >> CODYLIB =3D ../libcody/libcody.a >> CXXINC +=3D -I$(srcdir)/../libcody -I$(srcdir)/../include = -I$(srcdir)/../gcc -I. -I../gcc >> g++-mapper-server$(exeext): $(MAPPER.O) $(CODYLIB) >> - +$(CXX) $(LDFLAGS) $(PIEFLAG) -o $@ $^ $(LIBIBERTY) $(NETLIBS) >> + +$(CXX) $(LDFLAGS) $(PICFLAG) $(LD_PICFLAG) -o $@ $^ = $(LIBIBERTY) $(NETLIBS) >>=20 >> # copy to gcc dir so tests there can run >> all::../gcc/g++-mapper-server$(exeext) >> diff --git a/c++tools/configure b/c++tools/configure >> index 742816e4253..88087009383 100755 >> --- a/c++tools/configure >> +++ b/c++tools/configure >> @@ -627,7 +627,8 @@ get_gcc_base_ver >> EGREP >> GREP >> CXXCPP >> -PIEFLAG >> +LD_PICFLAG >> +PICFLAG >> MAINTAINER >> CXX_AUX_TOOLS >> AUTOHEADER >> @@ -700,6 +701,7 @@ enable_c___tools >> enable_maintainer_mode >> enable_checking >> enable_default_pie >> +enable_host_pie >> with_gcc_major_version_only >> ' >> ac_precious_vars=3D'build_alias >> @@ -1333,6 +1335,7 @@ Optional Features: >> only specific categories of checks. = Categories are: >> yes,no,all,none,release. >> --enable-default-pie enable Position Independent Executable as = default >> + --enable-host-pie build host code as PIE >>=20 >> Optional Packages: >> --with-PACKAGE[=3DARG] use PACKAGE [ARG=3Dyes] >> @@ -2990,12 +2993,20 @@ fi >> # Check whether --enable-default-pie was given. >> # Check whether --enable-default-pie was given. >> if test "${enable_default_pie+set}" =3D set; then : >> - enableval=3D$enable_default_pie; PIEFLAG=3D-fPIE >> + enableval=3D$enable_default_pie; PICFLAG=3D-fPIE >> else >> - PIEFLAG=3D >> + PICFLAG=3D >> fi >>=20 >>=20 >> +# Enable --enable-host-pie >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; PICFLAG=3D-fPIE; LD_PICFLAG=3D-pie >> +fi >> + >> + >> + >>=20 >> # Check if O_CLOEXEC is defined by fcntl >>=20 >> diff --git a/c++tools/configure.ac b/c++tools/configure.ac >> index 23e98c8e721..44dfaccbbfa 100644 >> --- a/c++tools/configure.ac >> +++ b/c++tools/configure.ac >> @@ -102,8 +102,15 @@ fi >> AC_ARG_ENABLE(default-pie, >> [AS_HELP_STRING([--enable-default-pie], >> [enable Position Independent Executable as default])], >> -[PIEFLAG=3D-fPIE], [PIEFLAG=3D]) >> -AC_SUBST([PIEFLAG]) >> +[PICFLAG=3D-fPIE], [PICFLAG=3D]) >> + >> +# Enable --enable-host-pie >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])], >> +[PICFLAG=3D-fPIE; LD_PICFLAG=3D-pie], []) >> +AC_SUBST(PICFLAG) >> +AC_SUBST(LD_PICFLAG) >>=20 >> # Check if O_CLOEXEC is defined by fcntl >> AC_CACHE_CHECK(for O_CLOEXEC, ac_cv_o_cloexec, [ >> diff --git a/configure b/configure >> index 0494e2fa2bf..f5cf9b84c06 100755 >> --- a/configure >> +++ b/configure >> @@ -687,6 +687,8 @@ extra_host_zlib_configure_flags >> extra_host_libiberty_configure_flags >> stage1_languages >> host_libs_picflag >> +PICFLAG >> +enable_host_pie >> host_shared >> extra_linker_plugin_flags >> extra_linker_plugin_configure_flags >> @@ -831,6 +833,7 @@ enable_lto >> enable_linker_plugin_configure_flags >> enable_linker_plugin_flags >> enable_host_shared >> +enable_host_pie >> enable_stage1_languages >> enable_objc_gc >> with_target_bdw_gc >> @@ -1559,6 +1562,7 @@ Optional Features: >> additional flags for configuring and = building linker >> plugins [none] >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >> --enable-stage1-languages[=3Dall] >> choose additional languages to build during = stage1. >> Mostly useful for compiler development >> @@ -8669,11 +8673,29 @@ fi >>=20 >>=20 >>=20 >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >> + >> + >> +if test x$host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >> + >> + >> + >> # If we are building PIC/PIE host executables, and we are building = dependent >> # libs (e.g. GMP) in-tree those libs need to be configured to = generate PIC >> # code. >> host_libs_picflag=3D >> -if test "$host_shared" =3D "yes";then >> +if test "$host_shared" =3D "yes" -o "$enable_host_pie" =3D "yes"; = then >> host_libs_picflag=3D'--with-pic' >> fi >>=20 >> diff --git a/configure.ac b/configure.ac >> index f5cce5830bc..2a85834f2b6 100644 >> --- a/configure.ac >> +++ b/configure.ac >> @@ -1913,11 +1913,27 @@ AC_ARG_ENABLE(host-shared, >>=20 >> AC_SUBST(host_shared) >>=20 >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >> + >> +if test x$host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >> + >> +AC_SUBST(PICFLAG) >> + >> # If we are building PIC/PIE host executables, and we are building = dependent >> # libs (e.g. GMP) in-tree those libs need to be configured to = generate PIC >> # code. >> host_libs_picflag=3D >> -if test "$host_shared" =3D "yes";then >> +if test "$host_shared" =3D "yes" -o "$enable_host_pie" =3D "yes"; = then >> host_libs_picflag=3D'--with-pic' >> fi >> AC_SUBST(host_libs_picflag) >> diff --git a/fixincludes/Makefile.in b/fixincludes/Makefile.in >> index 1937dcaa32d..e6ce41dba39 100644 >> --- a/fixincludes/Makefile.in >> +++ b/fixincludes/Makefile.in >> @@ -73,7 +73,7 @@ default : all >> # Now figure out from those variables how to compile and link. >>=20 >> .c.o: >> - $(CC) -c $(CFLAGS) $(WARN_CFLAGS) $(CPPFLAGS) $(FIXINC_CFLAGS) = $< >> + $(CC) -c $(CFLAGS) $(PICFLAG) $(WARN_CFLAGS) $(CPPFLAGS) = $(FIXINC_CFLAGS) $< >>=20 >> # The only suffixes we want for implicit rules are .c and .o. >> .SUFFIXES: >> @@ -87,7 +87,11 @@ default : all >> ## >> ## # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # >>=20 >> +ifeq ($(PICFLAG),) >> LIBIBERTY=3D../libiberty/libiberty.a >> +else >> +LIBIBERTY=3D../libiberty/pic/libiberty.a >> +endif >>=20 >> ALLOBJ =3D fixincl.o fixtests.o fixfixes.o server.o procopen.o \ >> fixlib.o fixopts.o >> @@ -107,15 +111,15 @@ oneprocess : full-stamp >> twoprocess : test-stamp $(AF) >>=20 >> full-stamp : $(ALLOBJ) $(LIBIBERTY) >> - $(CC) $(CFLAGS) $(LDFLAGS) -o $(FI) $(ALLOBJ) $(LIBIBERTY) >> + $(CC) $(CFLAGS) $(PICFLAG) $(LDFLAGS) $(LD_PICFLAG) -o $(FI) = $(ALLOBJ) $(LIBIBERTY) >> $(STAMP) $@ >>=20 >> test-stamp : $(TESTOBJ) $(LIBIBERTY) >> - $(CC) $(CFLAGS) $(LDFLAGS) -o $(FI) $(TESTOBJ) $(LIBIBERTY) >> + $(CC) $(CFLAGS) $(PICFLAG) $(LDFLAGS) $(LD_PICFLAG) -o $(FI) = $(TESTOBJ) $(LIBIBERTY) >> $(STAMP) $@ >>=20 >> $(AF): $(FIXOBJ) $(LIBIBERTY) >> - $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(FIXOBJ) $(LIBIBERTY) >> + $(CC) $(CFLAGS) $(PICFLAG) $(LDFLAGS) $(LD_PICFLAG) -o $@ = $(FIXOBJ) $(LIBIBERTY) >>=20 >> $(ALLOBJ) : $(HDR) >> fixincl.o : fixincl.c $(srcdir)/fixincl.x >> diff --git a/fixincludes/configure b/fixincludes/configure >> index bdcc41f6ddc..f1748ebef74 100755 >> --- a/fixincludes/configure >> +++ b/fixincludes/configure >> @@ -623,6 +623,8 @@ ac_subst_vars=3D'LTLIBOBJS >> LIBOBJS >> get_gcc_base_ver >> MAINT >> +LD_PICFLAG >> +PICFLAG >> TARGET >> target_noncanonical >> WERROR >> @@ -695,6 +697,7 @@ enable_option_checking >> enable_werror_always >> with_local_prefix >> enable_twoprocess >> +enable_host_pie >> enable_maintainer_mode >> with_gcc_major_version_only >> ' >> @@ -1323,6 +1326,7 @@ Optional Features: >> --enable-FEATURE[=3DARG] include FEATURE [ARG=3Dyes] >> --enable-werror-always enable -Werror despite compiler version >> --enable-twoprocess Use a separate process to apply the fixes >> + --enable-host-pie build host code as PIE >> --enable-maintainer-mode enable make rules and dependencies not = useful >> (and sometimes confusing) to the casual = installer >>=20 >> @@ -4835,6 +4839,15 @@ $as_echo "#define SEPARATE_FIX_PROC 1" = >>confdefs.h >>=20 >> fi >>=20 >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; PICFLAG=3D-fPIE; LD_PICFLAG=3D-pie >> +fi >> + >> + >> + >> + >> case $host in >> vax-dec-bsd* ) >>=20 >> diff --git a/fixincludes/configure.ac b/fixincludes/configure.ac >> index ef2227e3c93..4e78511d20f 100644 >> --- a/fixincludes/configure.ac >> +++ b/fixincludes/configure.ac >> @@ -68,6 +68,14 @@ if test $TARGET =3D twoprocess; then >> [Define if testing and fixing are done by separate = process]) >> fi >>=20 >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])], >> +[PICFLAG=3D-fPIE; LD_PICFLAG=3D-pie], []) >> +AC_SUBST(PICFLAG) >> +AC_SUBST(LD_PICFLAG) >> + >> case $host in >> vax-dec-bsd* ) >> AC_DEFINE(exit, xexit, [Define to xexit if the host = system does not support atexit]) >> diff --git a/gcc/Makefile.in b/gcc/Makefile.in >> index bb63b5c501d..860fd9af81a 100644 >> --- a/gcc/Makefile.in >> +++ b/gcc/Makefile.in >> @@ -158,6 +158,9 @@ LDFLAGS =3D @LDFLAGS@ >> # Should we build position-independent host code? >> PICFLAG =3D @PICFLAG@ >>=20 >> +# The linker flag for the above. >> +LD_PICFLAG =3D @LD_PICFLAG@ >> + >> # Flags to determine code coverage. When coverage is disabled, this = will >> # contain the optimization flags, as you normally want code coverage >> # without optimization. >> @@ -283,19 +286,19 @@ LINKER =3D $(CC) >> LINKER_FLAGS =3D $(CFLAGS) >> endif >>=20 >> +enable_host_pie =3D @enable_host_pie@ >> + >> # Enable Intel CET on Intel CET enabled host if needed. >> CET_HOST_FLAGS =3D @CET_HOST_FLAGS@ >> COMPILER +=3D $(CET_HOST_FLAGS) >>=20 >> -NO_PIE_CFLAGS =3D @NO_PIE_CFLAGS@ >> -NO_PIE_FLAG =3D @NO_PIE_FLAG@ >> DO_LINK_MUTEX =3D @DO_LINK_MUTEX@ >>=20 >> -# We don't want to compile the compilers with -fPIE, it make PCH = fail. >> -COMPILER +=3D $(NO_PIE_CFLAGS) >> +# Maybe compile the compilers with -fPIE or -fPIC. >> +COMPILER +=3D $(PICFLAG) >>=20 >> -# Link with -no-pie since we compile the compiler with -fno-PIE. >> -LINKER +=3D $(NO_PIE_FLAG) >> +# Link with -pie, or -no-pie, depending on the above. >> +LINKER +=3D $(LD_PICFLAG) >>=20 >> # Like LINKER, but use a mutex for serializing front end links. >> ifeq (@DO_LINK_MUTEX@,true) >> @@ -1067,7 +1070,7 @@ RTL_SSA_H =3D $(PRETTY_PRINT_H) insn-config.h = splay-tree-utils.h \ >> # programs built during a bootstrap. >> # autoconf inserts -DCROSS_DIRECTORY_STRUCTURE if we are building a >> # cross compiler which does not use the native headers and libraries. >> -INTERNAL_CFLAGS =3D -DIN_GCC $(PICFLAG) @CROSS@ >> +INTERNAL_CFLAGS =3D -DIN_GCC @CROSS@ >>=20 >> # This is the variable actually used when we compile. If you change = this, >> # you probably want to update BUILD_CFLAGS in configure.ac >> @@ -1085,21 +1088,24 @@ ALL_CXXFLAGS =3D $(T_CFLAGS) $(CFLAGS-$@) = $(CXXFLAGS) $(INTERNAL_CFLAGS) \ >> ALL_CPPFLAGS =3D $(INCLUDES) $(CPPFLAGS) >>=20 >> # This is the variable to use when using $(COMPILER). >> -ALL_COMPILERFLAGS =3D $(ALL_CXXFLAGS) >> +ALL_COMPILERFLAGS =3D $(ALL_CXXFLAGS) $(PICFLAG) >>=20 >> # This is the variable to use when using $(LINKER). >> -ALL_LINKERFLAGS =3D $(ALL_CXXFLAGS) >> +ALL_LINKERFLAGS =3D $(ALL_CXXFLAGS) $(LD_PICFLAG) >>=20 >> # Build and host support libraries. >>=20 >> -# Use the "pic" build of libiberty if --enable-host-shared, unless = we are >> -# building for mingw. >> +# Use the "pic" build of libiberty if --enable-host-shared or = --enable-host-pie, >> +# unless we are building for mingw. >> LIBIBERTY_PICDIR=3D$(if $(findstring mingw,$(target)),,pic) >> -ifeq ($(enable_host_shared),yes) >> +ifneq ($(enable_host_shared)$(enable_host_pie),) >> LIBIBERTY =3D ../libiberty/$(LIBIBERTY_PICDIR)/libiberty.a >> -BUILD_LIBIBERTY =3D = $(build_libobjdir)/libiberty/$(LIBIBERTY_PICDIR)/libiberty.a >> else >> LIBIBERTY =3D ../libiberty/libiberty.a >> +endif >> +ifeq ($(enable_host_shared),yes) >> +BUILD_LIBIBERTY =3D = $(build_libobjdir)/libiberty/$(LIBIBERTY_PICDIR)/libiberty.a >> +else >> BUILD_LIBIBERTY =3D $(build_libobjdir)/libiberty/libiberty.a >> endif >>=20 >> diff --git a/gcc/configure b/gcc/configure >> index 191f68581b3..629446ecf3b 100755 >> --- a/gcc/configure >> +++ b/gcc/configure >> @@ -632,10 +632,10 @@ ac_includes_default=3D"\ >> ac_subst_vars=3D'LTLIBOBJS >> LIBOBJS >> CET_HOST_FLAGS >> -NO_PIE_FLAG >> -NO_PIE_CFLAGS >> -enable_default_pie >> +LD_PICFLAG >> PICFLAG >> +enable_default_pie >> +enable_host_pie >> enable_host_shared >> enable_plugin >> pluginlibs >> @@ -1030,6 +1030,7 @@ enable_link_serialization >> enable_version_specific_runtime_libs >> enable_plugin >> enable_host_shared >> +enable_host_pie >> enable_libquadmath_support >> with_linker_hash_style >> with_diagnostics_color >> @@ -1792,6 +1793,7 @@ Optional Features: >> in a compiler-specific directory >> --enable-plugin enable plugin support >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >> --disable-libquadmath-support >> disable libquadmath support for Fortran >> --enable-default-pie enable Position Independent Executable as = default >> @@ -19850,7 +19852,7 @@ else >> lt_dlunknown=3D0; lt_dlno_uscore=3D1; lt_dlneed_uscore=3D2 >> lt_status=3D$lt_dlunknown >> cat > conftest.$ac_ext <<_LT_EOF >> -#line 19853 "configure" >> +#line 19867 "configure" >> #include "confdefs.h" >>=20 >> #if HAVE_DLFCN_H >> @@ -19956,7 +19958,7 @@ else >> lt_dlunknown=3D0; lt_dlno_uscore=3D1; lt_dlneed_uscore=3D2 >> lt_status=3D$lt_dlunknown >> cat > conftest.$ac_ext <<_LT_EOF >> -#line 19959 "configure" >> +#line 19973 "configure" >> #include "confdefs.h" >>=20 >> #if HAVE_DLFCN_H >> @@ -32090,13 +32092,17 @@ fi >> # Enable --enable-host-shared >> # Check whether --enable-host-shared was given. >> if test "${enable_host_shared+set}" =3D set; then : >> - enableval=3D$enable_host_shared; PICFLAG=3D-fPIC >> -else >> - PICFLAG=3D >> + enableval=3D$enable_host_shared; >> fi >>=20 >>=20 >>=20 >> +# Enable --enable-host-pie >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >>=20 >>=20 >> # Check whether --enable-libquadmath-support was given. >> @@ -32250,10 +32256,6 @@ rm -f core conftest.err conftest.$ac_objext = conftest.$ac_ext >> fi >> { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gcc_cv_c_no_fpie" = >&5 >> $as_echo "$gcc_cv_c_no_fpie" >&6; } >> -if test "$gcc_cv_c_no_fpie" =3D "yes"; then >> - NO_PIE_CFLAGS=3D"-fno-PIE" >> -fi >> - >>=20 >> # Check if -no-pie works. >> { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -no-pie option" = >&5 >> @@ -32278,11 +32280,28 @@ rm -f core conftest.err conftest.$ac_objext = \ >> fi >> { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gcc_cv_no_pie" >&5 >> $as_echo "$gcc_cv_no_pie" >&6; } >> -if test "$gcc_cv_no_pie" =3D "yes"; then >> - NO_PIE_FLAG=3D"-no-pie" >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +elif test x$gcc_cv_c_no_fpie =3D xyes; then >> + PICFLAG=3D-fno-PIE >> +else >> + PICFLAG=3D >> +fi >> + >> +if test x$enable_host_pie =3D xyes; then >> + LD_PICFLAG=3D-pie >> +elif test x$gcc_cv_no_pie =3D xyes; then >> + LD_PICFLAG=3D-no-pie >> +else >> + LD_PICFLAG=3D >> fi >>=20 >>=20 >> + >> + >> # Enable Intel CET on Intel CET enabled host if jit is enabled. >> # Check whether --enable-cet was given. >> if test "${enable_cet+set}" =3D set; then : >> diff --git a/gcc/configure.ac b/gcc/configure.ac >> index 075424669c9..9c69a55668e 100644 >> --- a/gcc/configure.ac >> +++ b/gcc/configure.ac >> @@ -7418,11 +7418,14 @@ fi >> # Enable --enable-host-shared >> AC_ARG_ENABLE(host-shared, >> [AS_HELP_STRING([--enable-host-shared], >> - [build host code as shared libraries])], >> -[PICFLAG=3D-fPIC], [PICFLAG=3D]) >> + [build host code as shared libraries])]) >> AC_SUBST(enable_host_shared) >> -AC_SUBST(PICFLAG) >>=20 >> +# Enable --enable-host-pie >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >>=20 >> AC_ARG_ENABLE(libquadmath-support, >> [AS_HELP_STRING([--disable-libquadmath-support], >> @@ -7544,10 +7547,6 @@ AC_CACHE_CHECK([for -fno-PIE option], >> [gcc_cv_c_no_fpie=3Dyes], >> [gcc_cv_c_no_fpie=3Dno]) >> CXXFLAGS=3D"$saved_CXXFLAGS"]) >> -if test "$gcc_cv_c_no_fpie" =3D "yes"; then >> - NO_PIE_CFLAGS=3D"-fno-PIE" >> -fi >> -AC_SUBST([NO_PIE_CFLAGS]) >>=20 >> # Check if -no-pie works. >> AC_CACHE_CHECK([for -no-pie option], >> @@ -7558,10 +7557,27 @@ AC_CACHE_CHECK([for -no-pie option], >> [gcc_cv_no_pie=3Dyes], >> [gcc_cv_no_pie=3Dno]) >> LDFLAGS=3D"$saved_LDFLAGS"]) >> -if test "$gcc_cv_no_pie" =3D "yes"; then >> - NO_PIE_FLAG=3D"-no-pie" >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +elif test x$gcc_cv_c_no_fpie =3D xyes; then >> + PICFLAG=3D-fno-PIE >> +else >> + PICFLAG=3D >> fi >> -AC_SUBST([NO_PIE_FLAG]) >> + >> +if test x$enable_host_pie =3D xyes; then >> + LD_PICFLAG=3D-pie >> +elif test x$gcc_cv_no_pie =3D xyes; then >> + LD_PICFLAG=3D-no-pie >> +else >> + LD_PICFLAG=3D >> +fi >> + >> +AC_SUBST([PICFLAG]) >> +AC_SUBST([LD_PICFLAG]) >>=20 >> # Enable Intel CET on Intel CET enabled host if jit is enabled. >> GCC_CET_HOST_FLAGS(CET_HOST_FLAGS) >> diff --git a/gcc/d/Make-lang.in b/gcc/d/Make-lang.in >> index 1679fb81097..4fbf2096416 100644 >> --- a/gcc/d/Make-lang.in >> +++ b/gcc/d/Make-lang.in >> @@ -64,7 +64,7 @@ ALL_DFLAGS =3D $(DFLAGS-$@) $(GDCFLAGS) = -fversion=3DIN_GCC $(CHECKING_DFLAGS) \ >> $(PICFLAG) $(ALIASING_FLAGS) $(NOEXCEPTION_DFLAGS) = $(COVERAGE_FLAGS) \ >> $(WARN_DFLAGS) >>=20 >> -DCOMPILE.base =3D $(GDC) $(NO_PIE_CFLAGS) -c $(ALL_DFLAGS) -o $@ >> +DCOMPILE.base =3D $(GDC) -c $(ALL_DFLAGS) -o $@ >> DCOMPILE =3D $(DCOMPILE.base) -MT $@ -MMD -MP -MF = $(@D)/$(DEPDIR)/$(*F).TPo >> DPOSTCOMPILE =3D @mv $(@D)/$(DEPDIR)/$(*F).TPo = $(@D)/$(DEPDIR)/$(*F).Po >> DLINKER =3D $(GDC) $(NO_PIE_FLAG) -lstdc++ >> diff --git a/gcc/doc/install.texi b/gcc/doc/install.texi >> index fa91ce1953d..2248308dbdf 100644 >> --- a/gcc/doc/install.texi >> +++ b/gcc/doc/install.texi >> @@ -1072,14 +1072,26 @@ code. >>=20 >> @item --enable-host-shared >> Specify that the @emph{host} code should be built into = position-independent >> -machine code (with -fPIC), allowing it to be used within shared = libraries, >> -but yielding a slightly slower compiler. >> +machine code (with @option{-fPIC}), allowing it to be used within = shared >> +libraries, but yielding a slightly slower compiler. >>=20 >> This option is required when building the libgccjit.so library. >>=20 >> Contrast with @option{--enable-shared}, which affects @emph{target} >> libraries. >>=20 >> +@item --enable-host-pie >> +Specify that the @emph{host} executables should be built into >> +position-independent executables (with @option{-fPIE} and = @option{-pie}), >> +yielding a slightly slower compiler (but faster than >> +@option{--enable-host-shared}). Position-independent executables = are loaded >> +at random addresses each time they are executed, therefore provide = additional >> +protection against Return Oriented Programming (ROP) attacks. >> + >> +@option{--enable-host-pie}) may be used with = @option{--enable-host-shared}), >> +in which case @option{-fPIC} is used when compiling, and = @option{-pie} when >> +linking. >> + >> @item @anchor{with-gnu-as}--with-gnu-as >> Specify that the compiler should assume that the >> assembler it finds is the GNU assembler. However, this does not = modify >> diff --git a/intl/Makefile.in b/intl/Makefile.in >> index 409d693c48e..5beebdc152c 100644 >> --- a/intl/Makefile.in >> +++ b/intl/Makefile.in >> @@ -54,7 +54,7 @@ CTAGS =3D @CTAGS@ >> ETAGS =3D @ETAGS@ >> MKID =3D @MKID@ >>=20 >> -COMPILE =3D $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(DEFS-$@) = $(INCLUDES) >> +COMPILE =3D $(CC) -c $(CPPFLAGS) $(CFLAGS) @PICFLAG@ $(DEFS) = $(DEFS-$@) $(INCLUDES) >>=20 >> HEADERS =3D \ >> gmo.h \ >> diff --git a/intl/configure b/intl/configure >> index 03f40487a92..79bb5831a47 100755 >> --- a/intl/configure >> +++ b/intl/configure >> @@ -623,6 +623,8 @@ ac_header_list=3D >> ac_subst_vars=3D'LTLIBOBJS >> LIBOBJS >> PICFLAG >> +enable_host_pie >> +enable_host_shared >> BISON3_NO >> BISON3_YES >> INCINTL >> @@ -731,6 +733,7 @@ with_libintl_prefix >> with_libintl_type >> enable_maintainer_mode >> enable_host_shared >> +enable_host_pie >> ' >> ac_precious_vars=3D'build_alias >> host_alias >> @@ -1356,6 +1359,7 @@ Optional Features: >> --disable-rpath do not hardcode runtime library paths >> --enable-maintainer-mode enable rules only needed by maintainers >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >>=20 >> Optional Packages: >> --with-PACKAGE[=3DARG] use PACKAGE [ARG=3Dyes] >> @@ -6852,15 +6856,31 @@ fi >>=20 >>=20 >>=20 >> +# Enable --enable-host-shared. >> # Check whether --enable-host-shared was given. >> if test "${enable_host_shared+set}" =3D set; then : >> - enableval=3D$enable_host_shared; PICFLAG=3D-fPIC >> + enableval=3D$enable_host_shared; >> +fi >> + >> + >> + >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >> + >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> else >> PICFLAG=3D >> fi >>=20 >>=20 >> - >> ac_config_files=3D"$ac_config_files Makefile config.intl" >>=20 >> cat >confcache <<\_ACEOF >> diff --git a/intl/configure.ac b/intl/configure.ac >> index 16a740aa230..81aa831f59f 100644 >> --- a/intl/configure.ac >> +++ b/intl/configure.ac >> @@ -83,10 +83,25 @@ fi >> AC_SUBST(BISON3_YES) >> AC_SUBST(BISON3_NO) >>=20 >> +# Enable --enable-host-shared. >> AC_ARG_ENABLE(host-shared, >> [AS_HELP_STRING([--enable-host-shared], >> - [build host code as shared libraries])], >> -[PICFLAG=3D-fPIC], [PICFLAG=3D]) >> + [build host code as shared libraries])]) >> +AC_SUBST(enable_host_shared) >> + >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >> AC_SUBST(PICFLAG) >>=20 >> AC_CONFIG_FILES(Makefile config.intl) >> diff --git a/libcody/Makefile.in b/libcody/Makefile.in >> index bb87468cb9a..cb01b0092d8 100644 >> --- a/libcody/Makefile.in >> +++ b/libcody/Makefile.in >> @@ -31,7 +31,7 @@ endif >> CXXOPTS +=3D $(filter-out -DHAVE_CONFIG_H,@DEFS@) -include config.h >>=20 >> # Linker options >> -LDFLAGS :=3D @LDFLAGS@ >> +LDFLAGS :=3D @LDFLAGS@ @LD_PICFLAG@ >> LIBS :=3D @LIBS@ >>=20 >> # Per-source & per-directory compile flags (warning: recursive) >> diff --git a/libcody/configure b/libcody/configure >> index da52a5cfca5..0e536c0ccb0 100755 >> --- a/libcody/configure >> +++ b/libcody/configure >> @@ -591,7 +591,10 @@ configure_args >> AR >> RANLIB >> EXCEPTIONS >> +LD_PICFLAG >> PICFLAG >> +enable_host_pie >> +enable_host_shared >> OBJEXT >> EXEEXT >> ac_ct_CXX >> @@ -653,6 +656,7 @@ enable_maintainer_mode >> with_compiler >> enable_checking >> enable_host_shared >> +enable_host_pie >> enable_exceptions >> ' >> ac_precious_vars=3D'build_alias >> @@ -1286,6 +1290,7 @@ Optional Features: >> yes,no,all,none,release. Flags are: = misc,valgrind or >> other strings >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >> --enable-exceptions enable exceptions & rtti >>=20 >> Optional Packages: >> @@ -2635,11 +2640,34 @@ fi >> # Enable --enable-host-shared. >> # Check whether --enable-host-shared was given. >> if test "${enable_host_shared+set}" =3D set; then : >> - enableval=3D$enable_host_shared; PICFLAG=3D-fPIC >> + enableval=3D$enable_host_shared; >> +fi >> + >> + >> + >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >> + >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> else >> PICFLAG=3D >> fi >>=20 >> +if test x$enable_host_pie =3D xyes; then >> + LD_PICFLAG=3D-pie >> +else >> + LD_PICFLAG=3D >> +fi >> + >> + >>=20 >>=20 >> # Check whether --enable-exceptions was given. >> diff --git a/libcody/configure.ac b/libcody/configure.ac >> index 960191ecb72..14e8dd4a226 100644 >> --- a/libcody/configure.ac >> +++ b/libcody/configure.ac >> @@ -63,9 +63,31 @@ fi >> # Enable --enable-host-shared. >> AC_ARG_ENABLE(host-shared, >> [AS_HELP_STRING([--enable-host-shared], >> - [build host code as shared libraries])], >> -[PICFLAG=3D-fPIC], [PICFLAG=3D]) >> + [build host code as shared libraries])]) >> +AC_SUBST(enable_host_shared) >> + >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >> + >> +if test x$enable_host_pie =3D xyes; then >> + LD_PICFLAG=3D-pie >> +else >> + LD_PICFLAG=3D >> +fi >> + >> AC_SUBST(PICFLAG) >> +AC_SUBST(LD_PICFLAG) >>=20 >> NMS_ENABLE_EXCEPTIONS >>=20 >> diff --git a/libcpp/configure b/libcpp/configure >> index e9937cde330..1389ddab544 100755 >> --- a/libcpp/configure >> +++ b/libcpp/configure >> @@ -625,6 +625,8 @@ ac_includes_default=3D"\ >> ac_subst_vars=3D'LTLIBOBJS >> CET_HOST_FLAGS >> PICFLAG >> +enable_host_pie >> +enable_host_shared >> MAINT >> USED_CATALOGS >> PACKAGE >> @@ -738,6 +740,7 @@ enable_maintainer_mode >> enable_checking >> enable_canonical_system_headers >> enable_host_shared >> +enable_host_pie >> enable_cet >> enable_valgrind_annotations >> ' >> @@ -1379,6 +1382,7 @@ Optional Features: >> --enable-canonical-system-headers >> enable or disable system headers = canonicalization >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >> --enable-cet enable Intel CET in host libraries = [default=3Dauto] >> --enable-valgrind-annotations >> enable valgrind runtime interaction >> @@ -7605,7 +7609,23 @@ esac >> # Enable --enable-host-shared. >> # Check whether --enable-host-shared was given. >> if test "${enable_host_shared+set}" =3D set; then : >> - enableval=3D$enable_host_shared; PICFLAG=3D-fPIC >> + enableval=3D$enable_host_shared; >> +fi >> + >> + >> + >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >> + >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> else >> PICFLAG=3D >> fi >> diff --git a/libcpp/configure.ac b/libcpp/configure.ac >> index 89ac99b04bd..b29b4d6acf1 100644 >> --- a/libcpp/configure.ac >> +++ b/libcpp/configure.ac >> @@ -211,8 +211,23 @@ esac >> # Enable --enable-host-shared. >> AC_ARG_ENABLE(host-shared, >> [AS_HELP_STRING([--enable-host-shared], >> - [build host code as shared libraries])], >> -[PICFLAG=3D-fPIC], [PICFLAG=3D]) >> + [build host code as shared libraries])]) >> +AC_SUBST(enable_host_shared) >> + >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >> + >> AC_SUBST(PICFLAG) >>=20 >> # Enable Intel CET on Intel CET enabled host if jit is enabled. >> diff --git a/libdecnumber/configure b/libdecnumber/configure >> index fb6db05565a..84bc4ffc767 100755 >> --- a/libdecnumber/configure >> +++ b/libdecnumber/configure >> @@ -626,6 +626,8 @@ ac_subst_vars=3D'LTLIBOBJS >> LIBOBJS >> CET_HOST_FLAGS >> PICFLAG >> +enable_host_pie >> +enable_host_shared >> ADDITIONAL_OBJS >> enable_decimal_float >> target_os >> @@ -706,6 +708,7 @@ enable_werror_always >> enable_maintainer_mode >> enable_decimal_float >> enable_host_shared >> +enable_host_pie >> enable_cet >> ' >> ac_precious_vars=3D'build_alias >> @@ -1338,6 +1341,7 @@ Optional Features: >> or 'dpd' choses which decimal floating point = format >> to use >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >> --enable-cet enable Intel CET in host libraries = [default=3Dauto] >>=20 >> Some influential environment variables: >> @@ -5186,7 +5190,23 @@ $as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" = >>confdefs.h >> # Enable --enable-host-shared. >> # Check whether --enable-host-shared was given. >> if test "${enable_host_shared+set}" =3D set; then : >> - enableval=3D$enable_host_shared; PICFLAG=3D-fPIC >> + enableval=3D$enable_host_shared; >> +fi >> + >> + >> + >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >> + >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> else >> PICFLAG=3D >> fi >> diff --git a/libdecnumber/configure.ac b/libdecnumber/configure.ac >> index aafd06f8a64..30a51ca410b 100644 >> --- a/libdecnumber/configure.ac >> +++ b/libdecnumber/configure.ac >> @@ -100,8 +100,23 @@ AC_C_BIGENDIAN >> # Enable --enable-host-shared. >> AC_ARG_ENABLE(host-shared, >> [AS_HELP_STRING([--enable-host-shared], >> - [build host code as shared libraries])], >> -[PICFLAG=3D-fPIC], [PICFLAG=3D]) >> + [build host code as shared libraries])]) >> +AC_SUBST(enable_host_shared) >> + >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >> + >> AC_SUBST(PICFLAG) >>=20 >> # Enable Intel CET on Intel CET enabled host if jit is enabled. >> diff --git a/libiberty/configure b/libiberty/configure >> index 860f981fa18..b8a19c42110 100755 >> --- a/libiberty/configure >> +++ b/libiberty/configure >> @@ -5258,8 +5258,8 @@ case "${enable_shared}" in >> *) shared=3Dyes ;; >> esac >>=20 >> -# ...unless --enable-host-shared was passed from top-level config: >> -if [ "${enable_host_shared}" =3D "yes" ]; then >> +# ...unless --enable-host-{shared,pie} was passed from top-level = config: >> +if [ "${enable_host_shared}" =3D "yes" ] || [ "${enable_host_pie}" =3D= "yes" ]; then >> shared=3Dyes >> fi >>=20 >> diff --git a/libiberty/configure.ac b/libiberty/configure.ac >> index 28d996f9cf7..6747a7b5cff 100644 >> --- a/libiberty/configure.ac >> +++ b/libiberty/configure.ac >> @@ -233,8 +233,8 @@ case "${enable_shared}" in >> *) shared=3Dyes ;; >> esac >>=20 >> -# ...unless --enable-host-shared was passed from top-level config: >> -if [[ "${enable_host_shared}" =3D "yes" ]]; then >> +# ...unless --enable-host-{shared,pie} was passed from top-level = config: >> +if [[ "${enable_host_shared}" =3D "yes" ]] || [[ = "${enable_host_pie}" =3D "yes" ]]; then >> shared=3Dyes >> fi >>=20 >> diff --git a/zlib/configure b/zlib/configure >> index e35ac6e7e17..77be6c284e3 100755 >> --- a/zlib/configure >> +++ b/zlib/configure >> @@ -635,6 +635,8 @@ am__EXEEXT_TRUE >> LTLIBOBJS >> LIBOBJS >> PICFLAG >> +enable_host_pie >> +enable_host_shared >> TARGET_LIBRARY_FALSE >> TARGET_LIBRARY_TRUE >> toolexeclibdir >> @@ -778,6 +780,7 @@ with_gnu_ld >> enable_libtool_lock >> with_toolexeclibdir >> enable_host_shared >> +enable_host_pie >> ' >> ac_precious_vars=3D'build_alias >> host_alias >> @@ -1420,6 +1423,7 @@ Optional Features: >> optimize for fast installation = [default=3Dyes] >> --disable-libtool-lock avoid locking (might break parallel builds) >> --enable-host-shared build host code as shared libraries >> + --enable-host-pie build host code as PIE >>=20 >> Optional Packages: >> --with-PACKAGE[=3DARG] use PACKAGE [ARG=3Dyes] >> @@ -10759,7 +10763,7 @@ else >> lt_dlunknown=3D0; lt_dlno_uscore=3D1; lt_dlneed_uscore=3D2 >> lt_status=3D$lt_dlunknown >> cat > conftest.$ac_ext <<_LT_EOF >> -#line 10762 "configure" >> +#line 10778 "configure" >> #include "confdefs.h" >>=20 >> #if HAVE_DLFCN_H >> @@ -10865,7 +10869,7 @@ else >> lt_dlunknown=3D0; lt_dlno_uscore=3D1; lt_dlneed_uscore=3D2 >> lt_status=3D$lt_dlunknown >> cat > conftest.$ac_ext <<_LT_EOF >> -#line 10868 "configure" >> +#line 10884 "configure" >> #include "confdefs.h" >>=20 >> #if HAVE_DLFCN_H >> @@ -11548,15 +11552,31 @@ else >> multilib_arg=3D >> fi >>=20 >> +# Enable --enable-host-shared. >> # Check whether --enable-host-shared was given. >> if test "${enable_host_shared+set}" =3D set; then : >> - enableval=3D$enable_host_shared; PICFLAG=3D-fPIC >> + enableval=3D$enable_host_shared; >> +fi >> + >> + >> + >> +# Enable --enable-host-pie. >> +# Check whether --enable-host-pie was given. >> +if test "${enable_host_pie+set}" =3D set; then : >> + enableval=3D$enable_host_pie; >> +fi >> + >> + >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> else >> PICFLAG=3D >> fi >>=20 >>=20 >> - >> ac_config_files=3D"$ac_config_files Makefile" >>=20 >> cat >confcache <<\_ACEOF >> diff --git a/zlib/configure.ac b/zlib/configure.ac >> index be1cfe29651..adf7aad4e51 100644 >> --- a/zlib/configure.ac >> +++ b/zlib/configure.ac >> @@ -122,11 +122,26 @@ else >> multilib_arg=3D >> fi >>=20 >> +# Enable --enable-host-shared. >> AC_ARG_ENABLE(host-shared, >> [AS_HELP_STRING([--enable-host-shared], >> - [build host code as shared libraries])], >> -[PICFLAG=3D-fPIC], [PICFLAG=3D]) >> -AC_SUBST(PICFLAG) >> + [build host code as shared libraries])]) >> +AC_SUBST(enable_host_shared) >> + >> +# Enable --enable-host-pie. >> +AC_ARG_ENABLE(host-pie, >> +[AS_HELP_STRING([--enable-host-pie], >> + [build host code as PIE])]) >> +AC_SUBST(enable_host_pie) >> + >> +if test x$enable_host_shared =3D xyes; then >> + PICFLAG=3D-fPIC >> +elif test x$enable_host_pie =3D xyes; then >> + PICFLAG=3D-fPIE >> +else >> + PICFLAG=3D >> +fi >>=20 >> +AC_SUBST(PICFLAG) >> AC_CONFIG_FILES([Makefile]) >> AC_OUTPUT >>=20 >> base-commit: bbb6cf926f1732559b3a8aaf2796d34e8651c066 >> --=20 >> 2.40.1 >>=20 >=20 > Marek >=20