2024 -> 2025

2023 -> 2024

[ This is my third attempt to add this configure option.  The first
version was approved but it came too late in the development cycle.
The second version was also approved, but I had to revert it:
<https://gcc.gnu.org/pipermail/gcc-patches/2022-November/607082.html>.
I've fixed the problem (by moving $(PICFLAG) from INTERNAL_CFLAGS to
ALL_COMPILERFLAGS).  Another change is that since r13-4536 I no longer
need to touch Makefile.def, so this patch is simplified. ]

This patch implements the --enable-host-pie configure option which
makes the compiler executables PIE.  This can be used to enhance
protection against ROP attacks, and can be viewed as part of a wider
trend to harden binaries.

It is similar to the option --enable-host-shared, except that --e-h-s
won't add -shared to the linker flags whereas --e-h-p will add -pie.
It is different from --enable-default-pie because that option just
adds an implicit -fPIE/-pie when the compiler is invoked, but the
compiler itself isn't PIE.

Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no PCH
regressions.

When building the compiler, the build process may use various in-tree
libraries; these need to be built with -fPIE so that it's possible to
use them when building a PIE.  For instance, when --with-included-gettext
is in effect, intl object files must be compiled with -fPIE.  Similarly,
when building in-tree gmp, isl, mpfr and mpc, they must be compiled with
-fPIE.

With this patch and --enable-host-pie used to configure gcc:

$ file gcc/cc1{,plus,obj,gm2} gcc/f951 gcc/lto1 gcc/cpp gcc/go1 gcc/rust1 gcc/gnat1
gcc/cc1:     ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=98e22cde129d304aa6f33e61b1c39e144aeb135e, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/cc1plus: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=859d1ea37e43dfe50c18fd4e3dd9a34bb1db8f77, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/cc1obj:  ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=1964f8ecee6163182bc26134e2ac1f324816e434, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/cc1gm2:  ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a396672c7ff913d21855829202e7b02ecf42ff4c, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/f951:    ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=59c523db893186547ac75c7a71f48be0a461c06b, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/lto1:    ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=084a7b77df7be2d63c2d4c655b5bbc3fcdb6038d, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/cpp:     ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3503bf8390d219a10d6653b8560aa21158132168, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/go1:     ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=988cc673af4fba5dcb482f4b34957b99050a68c5, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/rust1:   ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=b6a5d3d514446c4dcdee0707f086ab9b274a8a3c, for GNU/Linux 3.2.0, with debug_info, not stripped
gcc/gnat1:   ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=bb11ccdc2c366fe3fe0980476bcd8ca19b67f9dc, for GNU/Linux 3.2.0, with debug_info, not stripped

I plan to add an option to link with -Wl,-z,now.

Bootstrapped on x86_64-pc-linux-gnu with --with-included-gettext
--enable-host-pie as well as without --enable-host-pie.  Also tested
on a Debian system where the system gcc was configured with
--enable-default-pie.

Co-Authored by: Iain Sandoe  <iain@sandoe.co.uk>

ChangeLog:

	* configure.ac (--enable-host-pie): New check.  Set PICFLAG after this
	check.
	* configure: Regenerate.

c++tools/ChangeLog:

	* Makefile.in: Rename PIEFLAG to PICFLAG.  Set LD_PICFLAG.  Use it.
	Use pic/libiberty.a if PICFLAG is set.
	* configure.ac (--enable-default-pie): Set PICFLAG instead of PIEFLAG.
	(--enable-host-pie): New check.
	* configure: Regenerate.

fixincludes/ChangeLog:

	* Makefile.in: Set and use PICFLAG and LD_PICFLAG.  Use the "pic"
	build of libiberty if PICFLAG is set.
	* configure.ac:
	* configure: Regenerate.

gcc/ChangeLog:

	* Makefile.in: Set LD_PICFLAG.  Use it.  Set enable_host_pie.
	Remove NO_PIE_CFLAGS and NO_PIE_FLAG.  Pass LD_PICFLAG to
	ALL_LINKERFLAGS.  Use the "pic" build of libiberty if --enable-host-pie.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
	check.
	* configure: Regenerate.
	* doc/install.texi: Document --enable-host-pie.

gcc/ada/ChangeLog:

	* gcc-interface/Make-lang.in (ALL_ADAFLAGS): Remove NO_PIE_CFLAGS.  Add
	PICFLAG.  Use PICFLAG when building ada/b_gnat1.o and ada/b_gnatb.o.
	* gcc-interface/Makefile.in: Use pic/libiberty.a if PICFLAG is set.
	Remove NO_PIE_FLAG.

gcc/m2/ChangeLog:

	* Make-lang.in: New var, GM2_PICFLAGS.  Use it.

gcc/d/ChangeLog:

	* Make-lang.in: Remove NO_PIE_CFLAGS.

intl/ChangeLog:

	* Makefile.in: Use @PICFLAG@ in COMPILE as well.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libcody/ChangeLog:

	* Makefile.in: Pass LD_PICFLAG to LDFLAGS.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
	check.
	* configure: Regenerate.

libcpp/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libdecnumber/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libiberty/ChangeLog:

	* configure.ac: Also set shared when enable_host_pie.
	* configure: Regenerate.

zlib/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

2022 -> 2023

This reverts commit 251c72a6.

This patch implements the --enable-host-pie configure option which
makes the compiler executables PIE.  This can be used to enhance
protection against ROP attacks, and can be viewed as part of a wider
trend to harden binaries.

It is similar to the option --enable-host-shared, except that --e-h-s
won't add -shared to the linker flags whereas --e-h-p will add -pie.
It is different from --enable-default-pie because that option just
adds an implicit -fPIE/-pie when the compiler is invoked, but the
compiler itself isn't PIE.

Since r12-5768-gfe7c3ecf, PCH works well with PIE, so there are no PCH
regressions.

When building the compiler, the build process may use various in-tree
libraries; these need to be built with -fPIE so that it's possible to
use them when building a PIE.  For instance, when --with-included-gettext
is in effect, intl object files must be compiled with -fPIE.  Similarly,
when building in-tree gmp, isl, mpfr and mpc, they must be compiled with
-fPIE.

I plan to add an option to link with -Wl,-z,now.

ChangeLog:

	* Makefile.def: Pass $(PICFLAG) to AM_CFLAGS for gmp, mpfr, mpc, and
	isl.
	* Makefile.in: Regenerate.
	* Makefile.tpl: Set PICFLAG.
	* configure.ac (--enable-host-pie): New check.  Set PICFLAG after this
	check.
	* configure: Regenerate.

c++tools/ChangeLog:

	* Makefile.in: Rename PIEFLAG to PICFLAG.  Set LD_PICFLAG.  Use it.
	Use pic/libiberty.a if PICFLAG is set.
	* configure.ac (--enable-default-pie): Set PICFLAG instead of PIEFLAG.
	(--enable-host-pie): New check.
	* configure: Regenerate.

fixincludes/ChangeLog:

	* Makefile.in: Set and use PICFLAG and LD_PICFLAG.  Use the "pic"
	build of libiberty if PICFLAG is set.
	* configure.ac:
	* configure: Regenerate.

gcc/ChangeLog:

	* Makefile.in: Set LD_PICFLAG.  Use it.  Set enable_host_pie.
	Remove NO_PIE_CFLAGS and NO_PIE_FLAG.  Pass LD_PICFLAG to
	ALL_LINKERFLAGS.  Use the "pic" build of libiberty if --enable-host-pie.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
	check.
	* configure: Regenerate.
	* doc/install.texi: Document --enable-host-pie.

gcc/d/ChangeLog:

	* Make-lang.in: Remove NO_PIE_CFLAGS.

intl/ChangeLog:

	* Makefile.in: Use @PICFLAG@ in COMPILE as well.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libcody/ChangeLog:

	* Makefile.in: Pass LD_PICFLAG to LDFLAGS.
	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG and LD_PICFLAG after this
	check.
	* configure: Regenerate.

libcpp/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libdecnumber/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

libiberty/ChangeLog:

	* configure.ac: Also set shared when enable_host_pie.
	* configure: Regenerate.

zlib/ChangeLog:

	* configure.ac (--enable-host-shared): Don't set PICFLAG here.
	(--enable-host-pie): New check.  Set PICFLAG after this check.
	* configure: Regenerate.

Two non-portable shell constructs have been long present in libcody's
build rule for revision.stamp: $() instead of ``, and += to append to
a shell variable.  The former seems to work even when bash is
operating as /bin/sh, but += doesn't, and it ends up trying to run
revision+=M as a command name, and issuing an error as that command is
(hopefully) not found.

This patch replaces both constructs with more portable ones.


for  libcody/ChangeLog

	* Makefile.in (revision.stamp): Replace $() and += with more
	portable shell constructs.

the getaddrinfo() requires either a non-null name for the server or
a port service / number.  In the code that opens a connection we have
been calling this with a dummy port number of "0".  Unfortunately this
triggers a bug in some BSD versions and OSes importing that code.

In this part of the code we do not really need a port number, since it
is not reasonable to open a connection to an unspecified host.

Setting hints info field to 0, and the servname parm to nullptr works
around the BSD bug in this case.

Signed-off-by: Iain Sandoe <iain@sandoe.co.uk>

libcody/ChangeLog:

	* netclient.cc (OpenInet6): Do not provide a dummy port number
	in the getaddrinfo() call.

Do this separately from all other Copyright updates, as ChangeLog files
can be modified only separately.

	PR other/102657

libcody/ChangeLog:

	* Makefile.in: Add mostlyclean Makefile target.

If the listen call fails then 'goto fail' will jump to that label and
use freeaddrinfo again. Set the pointer to null to prevent that.

libcody/ChangeLog:

	* netserver.cc (ListenInet6): Set pointer to null after
	deallocation.

Apparently this was never needed.

	libcody/
	* LICENSE.gcc: Delete.

Libcody's configurey was overly 'clever'.  That didn't play well with
GCC's structure.  This removes lots of that overengineering, using
libcpp as an example.

	libcody/
	* Makefile.in: Remove auto parallelize, swallow Makesub.in. Don't
	check compiler name here.
	* Makesub.in: Delete.
	* build-aux/config.guess: Delete.
	* build-aux/config.sub: Delete.
	* build-aux/install-sh: Delete.
	* dox.cfg.in: Delete.
	* gdbinit.in: Delete.
	* internal.hh (BuildNote): Delete.
	* fatal.cc (BuildNote): Delete.
	* config.m4: Remove unneeded fns.
	* configure.ac: Remove unneccessary checks and configures.
	* configure: Rebuilt.
	* config.h.in: Rebuilt.

2021-01-06  John David Anglin  <danglin@gcc.gnu.org>

libcody/ChangeLog:

	PR bootstrap/98506
	* resolver.cc: Only use fstatat when _POSIX_C_SOURCE >= 200809L.

Compiling on clang showed a couple of pessimizations.  Fixed thusly.

	libcody/
	* client.cc (Client::ProcessResponse): Remove std::move
	inside ?:
	c++tools/
	* resolver.cc (module_resolver::cmi_response): Remove
	std::move of temporary.

An obvious thinko in dirve name check :(

	libcody/
	* resolver.cc (IsAbsDir): Fix string indexing.

Signed-off-by: Nathan Sidwell <nathan@acm.org>

Do this separately from all other Copyright updates, as ChangeLog files
can be modified only separately.

libcody's testsuite is not very portable, and is testing a host
library, so will do weird things on cross compiling, I think.  Let's
just drop it.

	libcody/
	* Makefile.in (LDFLAGS): Drop -L..
	* tests/01-serialize/connect.cc: Delete.
	* tests/01-serialize/decoder.cc: Delete.
	* tests/01-serialize/encoder.cc: Delete.
	* tests/02-comms/client-1.cc: Delete.
	* tests/02-comms/pivot-1.cc: Delete.
	* tests/02-comms/server-1.cc: Delete.
	* tests/Makesub.in: Delete.
	* tests/jouster: Delete.

Fix some more system-specific issues.  Not everyone's C++11 is the same :(

	PR bootstrap/98412
	libcody/
	* client.cc: Include cstdlib.
	* server.cc: Include cstdlib.
	gcc/cp/
	* mapper-client.cc: INCLUDE_STRING, INCLUDE_VECTOR.
	(module_client::open_module_client): Avoid std::stoul.
	* mapper-resolver.cc: INCLUDE_STRING, INCLUDE_VECTOR.

libcody as originally added to GCC fail to build on *-unknown-freebsd11.4
and presumably others:

  c++ -std=c++11 -g -include config.h -I ... -MMD -MP -MF netclient.d -c
    -o netclient.o
  .../libcody/netclient.cc:114:3: error: unknown type sockaddr_in6 addr;
                                                      ^~~~~~~~~~~~

sockaddr_in6 is declared in /usr/include/netinet6/in6.h,
which is included by /usr/include/netinet/in.h.

Indeed, per https://man7.org/linux/man-pages/man7/ipv6.7.html

    #include <sys/socket.h>
    #include <netinet/in.h>

should be included, and our own gcc/ada/gsocket.h also has

    #if !(defined (VMS) || defined (__MINGW32__))
    #include <sys/socket.h>
    #include <sys/un.h>
    #include <netinet/in.h>
    :
    #endif

libcody/ChangeLog:

2020-12-21  Gerald Pfeifer  <gerald@pfeifer.com>

	* netserver.cc: Include <netinet/in.h>.

Add RANLIB.

	libcody/
	* Makefile.in (RANLIB): New var.
	* Makesub.in (libcody.a): Apply RANLIB.
	* configure.ac: Call AC_PROG_RANLIB.
	* configure: Rebuilt.

to_string is not always available, so don't use it.

	libcody/
	* buffer.cc (MessageBuffer::AppendInteger): Workaround
	to_string's non-ubiquity.

We explicitly need to inlude netinet.h, (despite what happened on my test systems)

	libcody/
	* netclient.cc: Add netinet.h.

While this doesn't fix 98324, it was an omission.  Cribbed code from
libcpp to build libcody as PIC.

	libcody/
	* configure.ac: Add --enable-host-shared.
	* Makefile.in: Add FLAGPIC.
	* configure: Regenerated.

This asm was a useful place for gdb to drop a breakpoint and make it
clear where you were when debugging.  I took a punt that 'surely every
arch has a nop instruction'. Well, no, some apparently have nops with
operands (what, do nothing harder? :)

	libcody/
	* fatal.cc (HCF): Remove nop breakpoint lander.

Rather than early-include sys/socket.h, let's allow the includer to
tell cody no networking.

	libcody/
	* cody.hh: Allow user to set CODY_NETWORKING.
	gcc/cp/
	* mapper-resolver.cc: Remove early include of
	sys/socket.h.  Specify no CODY_NETWORKING instead.
	* module.cc: Specify no CODY_NETWORKING.