Re: [PATCH] configure: Implement --enable-host-pie

[Marek Polacek <polacek@redhat.com>]

On Sun, Nov 20, 2022 at 08:06:55AM -0700, Jeff Law wrote:
> 
> On 11/10/22 19:52, Marek Polacek via Gcc-patches wrote:
> > This is a rebased version of the patch I posted in March:
> > <https://gcc.gnu.org/pipermail/gcc-patches/2022-March/591239.html>
> > which Alex sort of approved here:
> > <https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592360.html>
> > but it was too late to commit the patch in GCC 12.
> > 
> > There are no changes except that I've converted the documentation
> > part into the ReST format, and of course regenerated configure.
> > 
> > With --enable-host-pie enabled:
> > $ file ./gcc/cc1 ./gcc/cc1plus
> > ./gcc/cc1:     ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not stripped
> > ./gcc/cc1plus: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not stripped
> > 
> > Bootstrapped/regtested on x86_64-pc-linux-gnu w/ and w/o --enable-host-pie,
> > ok for trunk?
> > 
> > -- >8 --
> > 
> > This patch implements the --enable-host-pie configure option which
> > makes the compiler executables PIE.  This can be used to enhance
> > protection against ROP attacks, and can be viewed as part of a wider
> > trend to harden binaries.
> > 
> > It is similar to the option --enable-host-shared, except that --e-h-s
> > won't add -shared to the linker flags whereas --e-h-p will add -pie.
> > It is different from --enable-default-pie because that option just
> > adds an implicit -fPIE/-pie when the compiler is invoked, but the
> > compiler itself isn't PIE.
> > 
> > Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no PCH
> > regressions.
> > 
> > When building the compiler, the build process may use various in-tree
> > libraries; these need to be built with -fPIE so that it's possible to
> > use them when building a PIE.  For instance, when --with-included-gettext
> > is in effect, intl object files must be compiled with -fPIE.  Similarly,
> > when building in-tree gmp, isl, mpfr and mpc, they must be compiled with
> > -fPIE.
> > 
> > I plan to add an option to link with -Wl,-z,now.
> > 
> > ChangeLog:
> > 
> > 	* Makefile.def: Pass $(PICFLAG) to AM_CFLAGS for gmp, mpfr, mpc, and
> > 	isl.
> > 	* Makefile.in: Regenerate.
> > 	* Makefile.tpl: Set PICFLAG.
> > 	* configure.ac (--enable-host-pie): New check.  Set PICFLAG after this
> > 	check.
> > 	* configure: Regenerate.
> > 
> > c++tools/ChangeLog:
> > 
> > 	* Makefile.in: Rename PIEFLAG to PICFLAG.  Set LD_PICFLAG.  Use it.
> > 	Use pic/libiberty.a if PICFLAG is set.
> > 	* configure.ac (--enable-default-pie): Set PICFLAG instead of PIEFLAG.
> > 	(--enable-host-pie): New check.
> > 	* configure: Regenerate.
> > 
> > fixincludes/ChangeLog:
> > 
> > 	* Makefile.in: Set and use PICFLAG and LD_PICFLAG.  Use the "pic"
> > 	build of libiberty if PICFLAG is set.
> > 	* configure.ac:
> > 	* configure: Regenerate.
> > 
> > gcc/ChangeLog:
> > 
> > 	* Makefile.in: Set LD_PICFLAG.  Use it.  Set enable_host_pie.
> > 	Remove NO_PIE_CFLAGS and NO_PIE_FLAG.  Pass LD_PICFLAG to
> > 	ALL_LINKERFLAGS.  Use the "pic" build of libiberty if --enable-host-pie.
> > 	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
> > 	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
> > 	check.
> > 	* configure: Regenerate.
> > 	* doc/install/configuration.rst: Document --enable-host-pie.
> > 
> > gcc/d/ChangeLog:
> > 
> > 	* Make-lang.in: Remove NO_PIE_CFLAGS.
> > 
> > intl/ChangeLog:
> > 
> > 	* Makefile.in: Use @PICFLAG@ in COMPILE as well.
> > 	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
> > 	(--enable-host-pie): New check.  Set PICFLAG after this check.
> > 	* configure: Regenerate.
> > 
> > libcody/ChangeLog:
> > 
> > 	* Makefile.in: Pass LD_PICFLAG to LDFLAGS.
> > 	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
> > 	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
> > 	check.
> > 	* configure: Regenerate.
> > 
> > libcpp/ChangeLog:
> > 
> > 	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
> > 	(--enable-host-pie): New check.  Set PICFLAG after this check.
> > 	* configure: Regenerate.
> > 
> > libdecnumber/ChangeLog:
> > 
> > 	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
> > 	(--enable-host-pie): New check.  Set PICFLAG after this check.
> > 	* configure: Regenerate.
> > 
> > libiberty/ChangeLog:
> > 
> > 	* configure.ac: Also set shared when enable_host_pie.
> > 	* configure: Regenerate.
> > 
> > zlib/ChangeLog:
> > 
> > 	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
> > 	(--enable-host-pie): New check.  Set PICFLAG after this check.
> > 	* configure: Regenerate.
> 
> OK.

Thanks!  Unfortunately, even though I'd retested the patch before pushing,
it seemed to break the build on gcc-debian-amd64:
https://builder.sourceware.org/buildbot/#/builders/154/builds/2160/steps/4/logs/stdio
so I've reverted both patches.  Sigh.

Marek