CVS commit: pkgsrc/mk

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/mk
From: "Pierre Pronchery" <khorben%netbsd.org@localhost>
Date: Fri, 25 Aug 2017 01:43:17 +0000

Module Name:    pkgsrc
Committed By:   khorben
Date:           Fri Aug 25 01:43:17 UTC 2017

Modified Files:
        pkgsrc/mk: cwrappers.mk
        pkgsrc/mk/compiler: gcc.mk

Log Message:
Add support for PKGSRC_MKPIE with cwrappers

This is based on a patch submitted on 16/04/2017 on tech-pkg@ and
adapted by joerg@ for pkgtools/cwrappers. It only consists in the
missing part to actually generate PIE executables with cwrappers if
configured to do so (currently disabled by default). The aim is really
to produce safer binaries where ASLR is in use.

This part in pkgsrc is only supported on NetBSD (x86) with GCC at the
moment.

Tested on NetBSD/amd64, with and without cwrappers, with and without
PKGSRC_MKPIE (all four combinations).


To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 pkgsrc/mk/cwrappers.mk
cvs rdiff -u -r1.182 -r1.183 pkgsrc/mk/compiler/gcc.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/mk/cwrappers.mk
diff -u pkgsrc/mk/cwrappers.mk:1.28 pkgsrc/mk/cwrappers.mk:1.29
--- pkgsrc/mk/cwrappers.mk:1.28 Thu May  4 18:30:56 2017
+++ pkgsrc/mk/cwrappers.mk      Fri Aug 25 01:43:17 2017
@@ -1,4 +1,4 @@
-# $NetBSD: cwrappers.mk,v 1.28 2017/05/04 18:30:56 joerg Exp $
+# $NetBSD: cwrappers.mk,v 1.29 2017/08/25 01:43:17 khorben Exp $
 #
 # This Makefile fragment implements integration of pkgtools/cwrappers.
 
@@ -88,6 +88,9 @@ generate-cwrappers:
 .  for alias in ${CWRAPPERS_ALIASES.${wrappee}}
        ${RUN}ln -s ${CWRAPPERS_SRC_DIR}/${CWRAPPERS_CONFIG.${wrappee}}-wrapper ${WRAPPER_BINDIR}/${alias}
 .  endfor
+. if ${_PKGSRC_MKPIE} == "yes"
+       ${RUN}echo append_executable=${_MKPIE_LDFLAGS.gcc} >> ${CWRAPPERS_CONFIG_DIR}/${CWRAPPERS_CONFIG.${wrappee}}
+. endif
 .endfor
 
 PREPEND_PATH+=         ${WRAPPER_BINDIR}

Index: pkgsrc/mk/compiler/gcc.mk
diff -u pkgsrc/mk/compiler/gcc.mk:1.182 pkgsrc/mk/compiler/gcc.mk:1.183
--- pkgsrc/mk/compiler/gcc.mk:1.182     Fri Aug  4 08:53:33 2017
+++ pkgsrc/mk/compiler/gcc.mk   Fri Aug 25 01:43:17 2017
@@ -1,4 +1,4 @@
-# $NetBSD: gcc.mk,v 1.182 2017/08/04 08:53:33 jperkin Exp $
+# $NetBSD: gcc.mk,v 1.183 2017/08/25 01:43:17 khorben Exp $
 #
 # This is the compiler definition for the GNU Compiler Collection.
 #
@@ -336,14 +336,14 @@ _MKPIE_CFLAGS.gcc=        -fPIC
 # XXX for executables it should be:
 #_MKPIE_CFLAGS.gcc=    -fPIE
 # XXX for libraries a sink wrapper around gcc is required and used instead
-#_MKPIE_LDFLAGS.gcc=   -pie
+_MKPIE_LDFLAGS.gcc=    -pie
 .endif
 
 .if ${_PKGSRC_MKPIE} == "yes"
 _GCC_CFLAGS+=          ${_MKPIE_CFLAGS.gcc}
-_GCC_LDFLAGS+=         ${_MKPIE_LDFLAGS.gcc}
+#_GCC_LDFLAGS+=                ${_MKPIE_LDFLAGS.gcc}
 CWRAPPERS_APPEND.cc+=  ${_MKPIE_CFLAGS.gcc}
-# XXX this differs for libraries and executables
+# this differs for libraries and executables (handled in mk/cwrappers.mk)
 # CWRAPPERS_APPEND.ld+=        ${_MKPIE_LDFLAGS.gcc}
 .endif

Prev by Date: CVS commit: pkgsrc/emulators/gxemul
Next by Date: CVS commit: pkgsrc/devel/py-boost
Previous by Thread: CVS commit: pkgsrc/emulators/gxemul
Next by Thread: CVS commit: pkgsrc/devel/py-boost
Indexes:

Home | Main Index | Thread Index | Old Index