review.tizen.org Git - platform/upstream/gcc.git/commit

author	Marek Polacek <polacek@redhat.com>
	Wed, 23 Nov 2022 01:46:46 +0000 (20:46 -0500)
committer	Marek Polacek <polacek@redhat.com>
	Wed, 23 Nov 2022 01:47:49 +0000 (20:47 -0500)
commit	258d7149f92f19380c9f7763618d62408c064e60
tree	9549da576a7db4013d5352370daa4d3ab39269f4	tree \| snapshot
parent	251c72a68af3a8b0638705b73ef120ffdf0053eb	commit \| diff

configure: Implement --enable-host-bind-now

As promised in the --enable-host-pie patch, this patch adds another
configure option, --enable-host-bind-now, which adds -z now when linking
the compiler executables in order to extend hardening.  BIND_NOW with RELRO
allows the GOT to be marked RO; this prevents GOT modification attacks.

This option does not affect linking of target libraries; you can use
LDFLAGS_FOR_TARGET=-Wl,-z,relro,-z,now to enable RELRO/BIND_NOW.

c++tools/ChangeLog:

* configure.ac (--enable-host-bind-now): New check.
* configure: Regenerate.

gcc/ChangeLog:

* configure.ac (--enable-host-bind-now): New check.  Add
-Wl,-z,now to LD_PICFLAG if --enable-host-bind-now.
* configure: Regenerate.
* doc/install.texi: Document --enable-host-bind-now.

lto-plugin/ChangeLog:

* configure.ac (--enable-host-bind-now): New check.  Link with
-z,now.
* configure: Regenerate.

c++tools/configure		diff \| blob \| history
c++tools/configure.ac		diff \| blob \| history
gcc/configure		diff \| blob \| history
gcc/configure.ac		diff \| blob \| history
gcc/doc/install.texi		diff \| blob \| history
lto-plugin/configure		diff \| blob \| history
lto-plugin/configure.ac		diff \| blob \| history