rpms/gcc
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Apply tsan fix. Harden more libraries.

Browse Source 
Resolves: #1988450
This commit is contained in:
Marek Polacek 2021-08-12 15:13:40 -04:00
parent 0672596344
commit 3f374d472d
3 changed files with 63 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
gcc.spec
View File

@ -118,7 +118,7 @@
Summary: Various compilers (C, C++, Objective-C, ...) Summary: Various compilers (C, C++, Objective-C, ...)
Name: gcc Name: gcc
Version: %{gcc_version} Version: %{gcc_version}
Release: %{gcc_release}.1%{?dist} Release: %{gcc_release}.2%{?dist}
# libgcc, libgfortran, libgomp, libstdc++ and crtstuff have # libgcc, libgfortran, libgomp, libstdc++ and crtstuff have
# GCC Runtime Exception. # GCC Runtime Exception.
License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD
@ -263,6 +263,8 @@ Patch9: gcc11-foffload-default.patch
Patch10: gcc11-Wno-format-security.patch Patch10: gcc11-Wno-format-security.patch
Patch11: gcc11-rh1574936.patch Patch11: gcc11-rh1574936.patch
Patch12: gcc11-d-shared-libphobos.patch Patch12: gcc11-d-shared-libphobos.patch
Patch13: gcc11-libgcc-hardened.patch
Patch14: gcc11-tsan-sigstksz.patch
Patch100: gcc11-fortran-fdec-duplicates.patch Patch100: gcc11-fortran-fdec-duplicates.patch
Patch101: gcc11-fortran-flogical-as-integer.patch Patch101: gcc11-fortran-flogical-as-integer.patch
@ -785,6 +787,8 @@ to NVidia PTX capable devices if available.
%patch11 -p0 -b .rh1574936~ %patch11 -p0 -b .rh1574936~
%endif %endif
%patch12 -p0 -b .d-shared-libphobos~ %patch12 -p0 -b .d-shared-libphobos~
%patch13 -p0 -b .libgcc-hardened~
%patch14 -p1 -b .tsan-sigstksz~
%if 0%{?rhel} >= 9 %if 0%{?rhel} >= 9
%patch100 -p1 -b .fortran-fdec-duplicates~ %patch100 -p1 -b .fortran-fdec-duplicates~
@ -1089,9 +1093,9 @@ CC="$CC" CXX="$CXX" CFLAGS="$OPT_FLAGS" \
$CONFIGURE_OPTS $CONFIGURE_OPTS
%ifarch sparc sparcv9 sparc64 %ifarch sparc sparcv9 sparc64
make %{?_smp_mflags} BOOT_CFLAGS="$OPT_FLAGS" bootstrap make %{?_smp_mflags} BOOT_CFLAGS="$OPT_FLAGS" LDFLAGS_FOR_TARGET="-Wl,-z,relro,-z,now" bootstrap
%else %else
make %{?_smp_mflags} BOOT_CFLAGS="$OPT_FLAGS" profiledbootstrap make %{?_smp_mflags} BOOT_CFLAGS="$OPT_FLAGS" LDFLAGS_FOR_TARGET="-Wl,-z,relro,-z,now" profiledbootstrap
%endif %endif
CC="`%{gcc_target_platform}/libstdc++-v3/scripts/testsuite_flags --build-cc`" CC="`%{gcc_target_platform}/libstdc++-v3/scripts/testsuite_flags --build-cc`"
@ -3130,6 +3134,10 @@ end
%endif %endif
%changelog %changelog
* Thu Aug 12 2021 Marek Polacek <polacek@redhat.com> 11.2.1-2.2
- bootstrap with -Wl,-z,relro,-z,now, apply libgcc hardening patch (#1988450)
- fix libsanitizer with non-constant SIGSTKSZ (#1992727)
* Fri Jul 30 2021 Marek Polacek <polacek@redhat.com> 11.2.1-2.1 * Fri Jul 30 2021 Marek Polacek <polacek@redhat.com> 11.2.1-2.1
- enable LTO profiledbootstrap on all arches (#1986141) - enable LTO profiledbootstrap on all arches (#1986141)

14
gcc11-libgcc-hardened.patch Normal file
View File

@ -0,0 +1,14 @@
--- libgcc/config/t-slibgcc.mp 2018-10-03 16:07:00.336990246 -0400
+++ libgcc/config/t-slibgcc 2018-10-03 16:06:26.719946740 -0400
@@ -30,9 +30,10 @@ SHLIB_LC = -lc
SHLIB_MAKE_SOLINK = $(LN_S) $(SHLIB_SONAME) $(SHLIB_DIR)/$(SHLIB_SOLINK)
SHLIB_INSTALL_SOLINK = $(LN_S) $(SHLIB_SONAME) \
$(DESTDIR)$(slibdir)$(SHLIB_SLIBDIR_QUAL)/$(SHLIB_SOLINK)
+SHLIB_EXTRA_LDFLAGS = -Wl,-z,relro -Wl,-z,now
SHLIB_LINK = $(CC) $(LIBGCC2_CFLAGS) -shared -nodefaultlibs \
- $(SHLIB_LDFLAGS) \
+ $(SHLIB_LDFLAGS) $(SHLIB_EXTRA_LDFLAGS) \
-o $(SHLIB_DIR)/$(SHLIB_SONAME).tmp @multilib_flags@ \
$(SHLIB_OBJS) $(SHLIB_LC) && \
rm -f $(SHLIB_DIR)/$(SHLIB_SOLINK) && \

38
gcc11-tsan-sigstksz.patch Normal file
View File

@ -0,0 +1,38 @@
From 91f8a7a34cf29ae7c465603a801326767f1cc7e9 Mon Sep 17 00:00:00 2001
From: Martin Liska <mliska@suse.cz>
Date: Thu, 5 Aug 2021 10:43:17 +0200
Subject: [PATCH] sanitizer: cherry pick
414482751452e54710f16bae58458c66298aaf69
The patch is needed in order to support recent glibc (2.34).
libsanitizer/ChangeLog:
PR sanitizer/101749
* sanitizer_common/sanitizer_posix_libcdep.cpp: Prevent
generation of dependency on _cxa_guard for static
initialization.
---
libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp b/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp
index 7ff48c35851..a65b16f5290 100644
--- a/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp
+++ b/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp
@@ -166,9 +166,10 @@ bool SupportsColoredOutput(fd_t fd) {
#if !SANITIZER_GO
// TODO(glider): different tools may require different altstack size.
static uptr GetAltStackSize() {
- // SIGSTKSZ is not enough.
- static const uptr kAltStackSize = SIGSTKSZ * 4;
- return kAltStackSize;
+ // Note: since GLIBC_2.31, SIGSTKSZ may be a function call, so this may be
+ // more costly that you think. However GetAltStackSize is only call 2-3 times
+ // per thread so don't cache the evaluation.
+ return SIGSTKSZ * 4;
}
void SetAlternateSignalStack() {
--
2.27.0