2016-01-18 15:44:13 +01:00
|
|
|
From 9abda1bb380bdbef1affaec381742ced394ca118 Mon Sep 17 00:00:00 2001
|
|
|
|
From: Lada Trimasova <ltrimas@synopsys.com>
|
|
|
|
Date: Mon, 18 Jan 2016 15:58:19 +0300
|
|
|
|
Subject: [PATCH] Check if the compiler understands pie and relro options
|
|
|
|
|
|
|
|
-pie and -fpie enable the building of position-independent
|
|
|
|
executables, and -Wl,-z,relro turns on read-only relocation support in gcc.
|
|
|
|
Add checks to ensure that the compiler and linker understand these options.
|
|
|
|
|
|
|
|
Signed-off-by: Lada Trimasova <ltrimas@synopsys.com>
|
2018-08-20 07:47:34 +02:00
|
|
|
[Bernd: Rebased for version 0.3.14]
|
|
|
|
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
|
2016-01-18 15:44:13 +01:00
|
|
|
---
|
2018-08-20 07:47:34 +02:00
|
|
|
configure.ac | 5 +++
|
2016-01-18 15:44:13 +01:00
|
|
|
m4/ax_check_compile_flag.m4 | 72 ++++++++++++++++++++++++++++++++++++
|
|
|
|
m4/ax_check_link_flag.m4 | 71 +++++++++++++++++++++++++++++++++++
|
|
|
|
src/tcsd/Makefile.am | 4 +-
|
|
|
|
4 files changed, 150 insertions(+), 2 deletions(-)
|
|
|
|
create mode 100644 m4/ax_check_compile_flag.m4
|
|
|
|
create mode 100644 m4/ax_check_link_flag.m4
|
|
|
|
|
|
|
|
diff --git a/configure.in b/configure.in
|
|
|
|
index add23dc..9603353 100644
|
2018-08-20 07:47:34 +02:00
|
|
|
--- a/configure.ac
|
|
|
|
+++ b/configure.ac
|
2016-01-18 15:44:13 +01:00
|
|
|
@@ -12,6 +12,7 @@ TSS_VER_MINOR=3
|
|
|
|
# compute $target
|
|
|
|
AC_CANONICAL_TARGET
|
2018-08-20 07:47:34 +02:00
|
|
|
AM_INIT_AUTOMAKE([foreign subdir-objects 1.6])
|
2016-01-18 15:44:13 +01:00
|
|
|
+AC_CONFIG_MACRO_DIR([m4])
|
|
|
|
|
|
|
|
# Debugging support
|
|
|
|
AC_ARG_ENABLE([debug],
|
|
|
|
@@ -383,6 +384,10 @@ elif test x"${prefix}" = x"NONE"; then
|
|
|
|
localstatedir="/usr/local/var"
|
|
|
|
fi
|
|
|
|
|
|
|
|
+AX_CHECK_COMPILE_FLAG([-fPIE -DPIE], [PIE_CFLAGS="-fPIE -DPIE"])
|
|
|
|
+AX_CHECK_LINK_FLAG([-pie], [PIE_LDFLAGS="$PIE_LDFLAGS -pie"])
|
|
|
|
+AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="$LDFLAGS -Wl,-z,relro"])
|
|
|
|
+
|
|
|
|
AC_OUTPUT(dist/tcsd.conf \
|
|
|
|
dist/fedora/trousers.spec \
|
|
|
|
dist/trousers.spec \
|
|
|
|
diff --git a/m4/ax_check_compile_flag.m4 b/m4/ax_check_compile_flag.m4
|
|
|
|
new file mode 100644
|
|
|
|
index 0000000..c3a8d69
|
|
|
|
--- /dev/null
|
|
|
|
+++ b/m4/ax_check_compile_flag.m4
|
|
|
|
@@ -0,0 +1,72 @@
|
|
|
|
+# ===========================================================================
|
|
|
|
+# http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
|
|
|
|
+# ===========================================================================
|
|
|
|
+#
|
|
|
|
+# SYNOPSIS
|
|
|
|
+#
|
|
|
|
+# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS])
|
|
|
|
+#
|
|
|
|
+# DESCRIPTION
|
|
|
|
+#
|
|
|
|
+# Check whether the given FLAG works with the current language's compiler
|
|
|
|
+# or gives an error. (Warnings, however, are ignored)
|
|
|
|
+#
|
|
|
|
+# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
|
|
|
|
+# success/failure.
|
|
|
|
+#
|
|
|
|
+# If EXTRA-FLAGS is defined, it is added to the current language's default
|
|
|
|
+# flags (e.g. CFLAGS) when the check is done. The check is thus made with
|
|
|
|
+# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to
|
|
|
|
+# force the compiler to issue an error when a bad flag is given.
|
|
|
|
+#
|
|
|
|
+# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
|
|
|
|
+# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
|
|
|
|
+#
|
|
|
|
+# LICENSE
|
|
|
|
+#
|
|
|
|
+# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
|
|
|
|
+# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
|
|
|
|
+#
|
|
|
|
+# This program is free software: you can redistribute it and/or modify it
|
|
|
|
+# under the terms of the GNU General Public License as published by the
|
|
|
|
+# Free Software Foundation, either version 3 of the License, or (at your
|
|
|
|
+# option) any later version.
|
|
|
|
+#
|
|
|
|
+# This program is distributed in the hope that it will be useful, but
|
|
|
|
+# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
|
|
|
|
+# Public License for more details.
|
|
|
|
+#
|
|
|
|
+# You should have received a copy of the GNU General Public License along
|
|
|
|
+# with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+#
|
|
|
|
+# As a special exception, the respective Autoconf Macro's copyright owner
|
|
|
|
+# gives unlimited permission to copy, distribute and modify the configure
|
|
|
|
+# scripts that are the output of Autoconf when processing the Macro. You
|
|
|
|
+# need not follow the terms of the GNU General Public License when using
|
|
|
|
+# or distributing such scripts, even though portions of the text of the
|
|
|
|
+# Macro appear in them. The GNU General Public License (GPL) does govern
|
|
|
|
+# all other use of the material that constitutes the Autoconf Macro.
|
|
|
|
+#
|
|
|
|
+# This special exception to the GPL applies to versions of the Autoconf
|
|
|
|
+# Macro released by the Autoconf Archive. When you make and distribute a
|
|
|
|
+# modified version of the Autoconf Macro, you may extend this special
|
|
|
|
+# exception to the GPL to apply to your modified version as well.
|
|
|
|
+
|
|
|
|
+#serial 2
|
|
|
|
+
|
|
|
|
+AC_DEFUN([AX_CHECK_COMPILE_FLAG],
|
|
|
|
+[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX
|
|
|
|
+AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
|
|
|
|
+AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
|
|
|
|
+ ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
|
|
|
|
+ _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"
|
|
|
|
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM()],
|
|
|
|
+ [AS_VAR_SET(CACHEVAR,[yes])],
|
|
|
|
+ [AS_VAR_SET(CACHEVAR,[no])])
|
|
|
|
+ _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags])
|
|
|
|
+AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
|
|
|
|
+ [m4_default([$2], :)],
|
|
|
|
+ [m4_default([$3], :)])
|
|
|
|
+AS_VAR_POPDEF([CACHEVAR])dnl
|
|
|
|
+])dnl AX_CHECK_COMPILE_FLAGS
|
|
|
|
diff --git a/m4/ax_check_link_flag.m4 b/m4/ax_check_link_flag.m4
|
|
|
|
new file mode 100644
|
|
|
|
index 0000000..e2d0d36
|
|
|
|
--- /dev/null
|
|
|
|
+++ b/m4/ax_check_link_flag.m4
|
|
|
|
@@ -0,0 +1,71 @@
|
|
|
|
+# ===========================================================================
|
|
|
|
+# http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html
|
|
|
|
+# ===========================================================================
|
|
|
|
+#
|
|
|
|
+# SYNOPSIS
|
|
|
|
+#
|
|
|
|
+# AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS])
|
|
|
|
+#
|
|
|
|
+# DESCRIPTION
|
|
|
|
+#
|
|
|
|
+# Check whether the given FLAG works with the linker or gives an error.
|
|
|
|
+# (Warnings, however, are ignored)
|
|
|
|
+#
|
|
|
|
+# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
|
|
|
|
+# success/failure.
|
|
|
|
+#
|
|
|
|
+# If EXTRA-FLAGS is defined, it is added to the linker's default flags
|
|
|
|
+# when the check is done. The check is thus made with the flags: "LDFLAGS
|
|
|
|
+# EXTRA-FLAGS FLAG". This can for example be used to force the linker to
|
|
|
|
+# issue an error when a bad flag is given.
|
|
|
|
+#
|
|
|
|
+# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
|
|
|
|
+# macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG.
|
|
|
|
+#
|
|
|
|
+# LICENSE
|
|
|
|
+#
|
|
|
|
+# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
|
|
|
|
+# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
|
|
|
|
+#
|
|
|
|
+# This program is free software: you can redistribute it and/or modify it
|
|
|
|
+# under the terms of the GNU General Public License as published by the
|
|
|
|
+# Free Software Foundation, either version 3 of the License, or (at your
|
|
|
|
+# option) any later version.
|
|
|
|
+#
|
|
|
|
+# This program is distributed in the hope that it will be useful, but
|
|
|
|
+# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
|
|
|
|
+# Public License for more details.
|
|
|
|
+#
|
|
|
|
+# You should have received a copy of the GNU General Public License along
|
|
|
|
+# with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
+#
|
|
|
|
+# As a special exception, the respective Autoconf Macro's copyright owner
|
|
|
|
+# gives unlimited permission to copy, distribute and modify the configure
|
|
|
|
+# scripts that are the output of Autoconf when processing the Macro. You
|
|
|
|
+# need not follow the terms of the GNU General Public License when using
|
|
|
|
+# or distributing such scripts, even though portions of the text of the
|
|
|
|
+# Macro appear in them. The GNU General Public License (GPL) does govern
|
|
|
|
+# all other use of the material that constitutes the Autoconf Macro.
|
|
|
|
+#
|
|
|
|
+# This special exception to the GPL applies to versions of the Autoconf
|
|
|
|
+# Macro released by the Autoconf Archive. When you make and distribute a
|
|
|
|
+# modified version of the Autoconf Macro, you may extend this special
|
|
|
|
+# exception to the GPL to apply to your modified version as well.
|
|
|
|
+
|
|
|
|
+#serial 2
|
|
|
|
+
|
|
|
|
+AC_DEFUN([AX_CHECK_LINK_FLAG],
|
|
|
|
+[AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl
|
|
|
|
+AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [
|
|
|
|
+ ax_check_save_flags=$LDFLAGS
|
|
|
|
+ LDFLAGS="$LDFLAGS $4 $1"
|
|
|
|
+ AC_LINK_IFELSE([AC_LANG_PROGRAM()],
|
|
|
|
+ [AS_VAR_SET(CACHEVAR,[yes])],
|
|
|
|
+ [AS_VAR_SET(CACHEVAR,[no])])
|
|
|
|
+ LDFLAGS=$ax_check_save_flags])
|
|
|
|
+AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
|
|
|
|
+ [m4_default([$2], :)],
|
|
|
|
+ [m4_default([$3], :)])
|
|
|
|
+AS_VAR_POPDEF([CACHEVAR])dnl
|
|
|
|
+])dnl AX_CHECK_LINK_FLAGS
|
|
|
|
diff --git a/src/tcsd/Makefile.am b/src/tcsd/Makefile.am
|
|
|
|
index 2210734..6640ab2 100644
|
|
|
|
--- a/src/tcsd/Makefile.am
|
|
|
|
+++ b/src/tcsd/Makefile.am
|
|
|
|
@@ -1,8 +1,8 @@
|
|
|
|
sbin_PROGRAMS=tcsd
|
|
|
|
|
|
|
|
-tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE
|
|
|
|
+tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include $(PIE_CFLAGS)
|
|
|
|
tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@
|
2018-08-20 07:47:34 +02:00
|
|
|
-tcsd_LDFLAGS=@TCSD_LDFLAGS@
|
2016-01-18 15:44:13 +01:00
|
|
|
+tcsd_LDFLAGS=$(PIE_LDFLAGS) $(RELRO_LDFLAGS)
|
|
|
|
tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c
|
|
|
|
|
2018-08-20 07:47:34 +02:00
|
|
|
if TSS_BUILD_PS
|