From patchwork Thu Dec 28 21:43:33 2017
X-Patchwork-Submitter: Stefan Fröberg
X-Patchwork-Id: 853576
From: Stefan Fröberg
To: buildroot@buildroot.org
Cc: thomas.petazzoni@free-electrons.com, Stefan Fröberg
Date: Thu, 28 Dec 2017 23:43:33 +0200
Message-Id: <20171228214333.8340-1-stefan.froberg@petroprogram.com>
Subject: [Buildroot] [PATCH 1/1 v2] gcc: Add support for --enable-default-pie configure option.

By default, buildroot produces insecure binaries.

GCC 6.x added build time configuration option "--enable-default-pie".
With that enabled, GCC will produce PIE (Position-independent executables) binaries.

PIE is a requirement for ASLR (Address space layout randomization) that will make
exploits like return-to-libc attack impossible.

If you want to have a modern, secure system then enable this option.

To override this default behaviour, you can use -no-pie with your CFLAGS/CXXFLAGS.

https://gcc.gnu.org/onlinedocs/gcc-6.2.0/gcc/Link-Options.html

Signed-off-by: Stefan Fröberg

--- package/gcc/Config.in.host | 10 ++++++++++ package/gcc/gcc.mk | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/package/gcc/Config.in.host b/package/gcc/Config.in.host index 70cce0a5c5..bf646fa07b 100644 --- a/package/gcc/Config.in.host
+++ b/package/gcc/Config.in.host @@ -152,3 +152,13 @@ config BR2_GCC_ENABLE_GRAPHITE comment "graphite support needs gcc >= 5.x" depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_5 + +config BR2_GCC_ENABLE_DEFAULT_PIE + bool "Enable default PIE support" + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6 + help + This option enables the GCC to make PIE + binaries by default. + +comment "default PIE support needs gcc >= 6.x" + depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_6 diff --git a/package/gcc/gcc.mk b/package/gcc/gcc.mk index 27fc1e987c..0910fb3932 100644 --- a/package/gcc/gcc.mk +++ b/package/gcc/gcc.mk @@ -183,6 +183,10 @@ else HOST_GCC_COMMON_CONF_OPTS += --without-isl --without-cloog endif +ifeq ($(BR2_GCC_ENABLE_DEFAULT_PIE),y) +HOST_GCC_COMMON_CONF_OPTS += --enable-default-pie +endif + ifeq ($(BR2_arc)$(BR2_or1k),y) HOST_GCC_COMMON_DEPENDENCIES += host-flex host-bison endif
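
Review bot: In the package/gcc/Config.in.host hunk, the help text of BR2_GCC_ENABLE_DEFAULT_PIE ("This option enables the GCC to make PIE binaries by default.") leaves out the two things the commit message explains: that PIE is the prerequisite for ASLR, and that a build can opt out by adding -no-pie to its CFLAGS/CXXFLAGS. The entry has no default line, so it stays off unless a user selects it, and the help text is the only place that user learns why to turn it on and how to exempt a package that does not link as PIE. Please move both points into the help text and state that the option changes the default for everything compiled and linked with this toolchain.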
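
Review bot: In the package/gcc/gcc.mk hunk, the new ifeq ($(BR2_GCC_ENABLE_DEFAULT_PIE),y) block has no else branch, so when the option is off nothing is passed and the outcome is whatever gcc's configure script defaults to. The isl/cloog block directly above it sets the negative case explicitly (--without-isl --without-cloog); doing the same here with an else that appends --disable-default-pie to HOST_GCC_COMMON_CONF_OPTS would keep the result tied to the Buildroot configuration rather than to the gcc version's default. Since the flag goes into the common option list, it is also worth stating in the commit message which gcc build passes were tested with it enabled.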