From 1d3b23e6bdbf53eb74161c37d8c355c2ec858a19 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 14 Apr 2024 15:58:36 +0200
Subject: Adding debian version 14-20240201-3.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/patches/gcc-distro-specs.diff | 326 +++++++++++++++++++++++++++++++++++
 1 file changed, 326 insertions(+)
 create mode 100644 debian/patches/gcc-distro-specs.diff

(limited to 'debian/patches/gcc-distro-specs.diff')

diff --git a/debian/patches/gcc-distro-specs.diff b/debian/patches/gcc-distro-specs.diff
new file mode 100644
index 0000000..098d181
--- /dev/null
+++ b/debian/patches/gcc-distro-specs.diff
@@ -0,0 +1,326 @@
+# DP: Add empty distro and hardening specs
+
+--- a/src/gcc/gcc.cc
++++ b/src/gcc/gcc.cc
+@@ -27,6 +27,11 @@ CC recognizes how to compile each input
+ Once it knows which kind of compilation to perform, the procedure for
+ compilation is specified by a string called a "spec".  */
+ 
++/* Inject some default compilation flags which are used as the default.
++   Done by the packaging build system.  Should that be done in the headers
++   gcc/config/<arch>/*.h instead?  */
++#include "distro-defaults.h"
++
+ #define INCLUDE_STRING
+ #include "config.h"
+ #include "system.h"
+@@ -984,6 +989,90 @@ proper position among the other output f
+ #define LINK_GCC_C_SEQUENCE_SPEC "%G %{!nolibc:%L %G}"
+ #endif
+ 
++/* Generate full unwind information covering all program points.
++   Only needed for some architectures.  */
++#ifndef ASYNC_UNWIND_SPEC
++# ifdef DIST_DEFAULT_ASYNC_UNWIND
++#  define ASYNC_UNWIND_SPEC "%{!fno-asynchronous-unwind-tables:-fasynchronous-unwind-tables}"
++# else
++#  define ASYNC_UNWIND_SPEC ""
++# endif
++#endif
++
++/* Turn on stack protector.
++ */
++#ifndef SSP_DEFAULT_SPEC
++# ifdef DIST_DEFAULT_SSP
++#   ifdef DIST_DEFAULT_SSP_STRONG
++#    define SSP_DEFAULT_SPEC " %{!fno-stack-protector:%{!fstack-protector-all:%{!ffreestanding:%{!nostdlib:%{!fstack-protector:-fstack-protector-strong}}}}}"
++#   else
++#    define SSP_DEFAULT_SPEC " %{!fno-stack-protector:%{!fstack-protector-all:%{!ffreestanding:%{!nostdlib:-fstack-protector}}}}"
++#   endif
++# else
++#  define SSP_DEFAULT_SPEC ""
++# endif
++#endif
++
++/* Turn on -Wformat -Wformat-security by  default for C, C++,
++   ObjC, ObjC++.  */
++#ifndef FORMAT_SECURITY_SPEC
++# ifdef DIST_DEFAULT_FORMAT_SECURITY
++#  define FORMAT_SECURITY_SPEC " %{!Wformat:%{!Wformat=2:%{!Wformat=0:%{!Wall:-Wformat} %{!Wno-format-security:-Wformat-security}}}}"
++# else
++#  define FORMAT_SECURITY_SPEC ""
++# endif
++#endif
++
++/* Enable -fstack-clash-protection by default. Only available
++   on some targets.  */
++#ifndef STACK_CLASH_SPEC
++# ifdef DIST_DEFAULT_STACK_CLASH
++#  define STACK_CLASH_SPEC " %{!fno-stack-clash-protection:-fstack-clash-protection}"
++# else
++#  define STACK_CLASH_SPEC ""
++# endif
++#endif
++
++/* Enable code instrumentation of control-flow transfers.
++   Available on x86 and x86_64.  */
++#ifndef CF_PROTECTION_SPEC
++# ifdef DIST_DEFAULT_CF_PROTECTION
++#  define CF_PROTECTION_SPEC " %{!m16:%{!m32:%{!fcf-protection*:%{!fno-cf-protection:-fcf-protection}}}}"
++# else
++#  define CF_PROTECTION_SPEC ""
++# endif
++#endif
++
++#ifndef BIND_NOW_SPEC
++# if defined(DIST_DEFAULT_BIND_NOW) && !defined(ACCEL_COMPILER)
++#  define BIND_NOW_SPEC " -z now"
++# else
++#  define BIND_NOW_SPEC ""
++# endif
++#endif
++
++#ifndef RELRO_SPEC
++# ifdef DIST_DEFAULT_RELRO
++#  define RELRO_SPEC " -z relro "
++# else
++#  define RELRO_SPEC ""
++# endif
++#endif
++
++/* Don't enable any of those for the offload compilers,
++   unsupported.  */
++#if !defined(DISTRO_DEFAULT_SPEC) && !defined(ACCEL_COMPILER)
++# define DISTRO_DEFAULT_SPEC ASYNC_UNWIND_SPEC SSP_DEFAULT_SPEC \
++		FORMAT_SECURITY_SPEC STACK_CLASH_SPEC CF_PROTECTION_SPEC
++#else
++# define DISTRO_DEFAULT_SPEC ""
++#endif
++#if !defined(DISTRO_DEFAULT_LINK_SPEC) && !defined(ACCEL_COMPILER)
++# define DISTRO_DEFAULT_LINK_SPEC RELRO_SPEC
++#else
++# define DISTRO_DEFAULT_LINK_SPEC ""
++#endif
++
+ #ifndef LINK_SSP_SPEC
+ #ifdef TARGET_LIBC_PROVIDES_SSP
+ #define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \
+@@ -1040,7 +1129,7 @@ proper position among the other output f
+ #ifndef LINK_PIE_SPEC
+ #ifdef HAVE_LD_PIE
+ #ifndef LD_PIE_SPEC
+-#define LD_PIE_SPEC "-pie"
++#define LD_PIE_SPEC "-pie" BIND_NOW_SPEC
+ #endif
+ #else
+ #define LD_PIE_SPEC ""
+@@ -1157,6 +1246,7 @@ proper position among the other output f
+    "%{flto|flto=*:%<fcompare-debug*} \
+     %{flto} %{fno-lto} %{flto=*} %l " LINK_PIE_SPEC \
+    "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \
++    DISTRO_DEFAULT_LINK_SPEC \
+    "%X %{o*} %{e*} %{N} %{n} %{r}\
+     %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!r:%{!nostartfiles:%S}}} \
+     %{static|no-pie|static-pie:} %@{L*} %(link_libgcc) " \
+@@ -1201,6 +1291,7 @@ static const char *cpp_spec = CPP_SPEC;
+ static const char *cc1_spec = CC1_SPEC OS_CC1_SPEC;
+ static const char *cc1plus_spec = CC1PLUS_SPEC;
+ static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC;
++static const char *distro_default_spec = DISTRO_DEFAULT_SPEC;
+ static const char *link_ssp_spec = LINK_SSP_SPEC;
+ static const char *asm_spec = ASM_SPEC;
+ static const char *asm_final_spec = ASM_FINAL_SPEC;
+@@ -1261,7 +1352,7 @@ static const char *cpp_options =
+ "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\
+  %{f*} %{g*:%{%:debug-level-gt(0):%{g*}\
+  %{!fno-working-directory:-fworking-directory}}} %{O*}\
+- %{undef} %{save-temps*:-fpch-preprocess}";
++ %{undef} %{save-temps*:-fpch-preprocess} %(distro_defaults)";
+ 
+ /* Pass -d* flags, possibly modifying -dumpdir, -dumpbase et al.
+ 
+@@ -1455,9 +1546,9 @@ static const struct compiler default_com
+       %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \
+ 	  %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\
+ 	    cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \
+-	  %(cc1_options)}\
++	  %(cc1_options)%(distro_defaults)}\
+       %{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\
+-	  cc1 %(cpp_unique_options) %(cc1_options)}}}\
++	  cc1 %(cpp_unique_options) %(cc1_options) %(distro_defaults)}}}\
+       %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1},
+   {"-",
+    "%{!E:%e-E or -x required when input is from standard input}\
+@@ -1471,18 +1562,18 @@ static const struct compiler default_com
+ 	  %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \
+ 		%(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\
+ 		    cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \
+-			%(cc1_options)\
++			%(cc1_options) %(distro_defaults)\
+ 			%{!fsyntax-only:%{!S:-o %g.s} \
+ 			    %{!fdump-ada-spec*:%{!o*:--output-pch %w%i.gch}\
+ 					       %W{o*:--output-pch %w%*}}%{!S:%V}}}\
+ 	  %{!save-temps*:%{!traditional-cpp:%{!no-integrated-cpp:\
+-		cc1 %(cpp_unique_options) %(cc1_options)\
++		cc1 %(cpp_unique_options) %(cc1_options) %(distro_defaults)\
+ 		    %{!fsyntax-only:%{!S:-o %g.s} \
+ 		        %{!fdump-ada-spec*:%{!o*:--output-pch %w%i.gch}\
+ 					   %W{o*:--output-pch %w%*}}%{!S:%V}}}}}}}}", 0, 0, 0},
+   {".i", "@cpp-output", 0, 0, 0},
+   {"@cpp-output",
+-   "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
++   "%{!M:%{!MM:%{!E:cc1 -fpreprocessed %i %(cc1_options) %(distro_defaults) %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {".s", "@assembler", 0, 0, 0},
+   {"@assembler",
+    "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0},
+@@ -1714,6 +1805,7 @@ static struct spec_list static_specs[] =
+   INIT_STATIC_SPEC ("cc1_options",		&cc1_options),
+   INIT_STATIC_SPEC ("cc1plus",			&cc1plus_spec),
+   INIT_STATIC_SPEC ("link_gcc_c_sequence",	&link_gcc_c_sequence_spec),
++  INIT_STATIC_SPEC ("distro_defaults",		&distro_default_spec),
+   INIT_STATIC_SPEC ("link_ssp",			&link_ssp_spec),
+   INIT_STATIC_SPEC ("endfile",			&endfile_spec),
+   INIT_STATIC_SPEC ("link",			&link_spec),
+--- a/src/gcc/cp/lang-specs.h
++++ b/src/gcc/cp/lang-specs.h
+@@ -51,7 +51,7 @@ along with GCC; see the file COPYING3.
+       " 	   %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}"
+       "  %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}"
+       "  %{fmodules-ts:-fmodule-header %{fpreprocessed:-fdirectives-only}}"
+-      "  %(cc1_options) %2"
++      "  %(cc1_options) %(distro_defaults) %2"
+       "  %{!fsyntax-only:"
+       "    %{!S:-o %g.s}"
+       "    %{!fmodule-*:%{!fmodules-*:%{!fdump-ada-spec*:"
+@@ -72,7 +72,7 @@ along with GCC; see the file COPYING3.
+       "  %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}"
+       "  %{fmodules-ts:-fmodule-header=system"
+       "    %{fpreprocessed:-fdirectives-only}}"
+-      "  %(cc1_options) %2"
++      "	 %(cc1_options) %(distro_defaults) %2"
+       "  %{!fsyntax-only:"
+       "    %{!S:-o %g.s}"
+       "    %{!fmodule-*:%{!fmodules-*:%{!fdump-ada-spec*:"
+@@ -92,7 +92,7 @@ along with GCC; see the file COPYING3.
+       " 	   %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}"
+       "  %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}"
+       "  %{fmodules-ts:-fmodule-header=user %{fpreprocessed:-fdirectives-only}}"
+-      "  %(cc1_options) %2"
++      "  %(cc1_options) %(distro_defaults) %2"
+       "  %{!fsyntax-only:"
+       "    %{!S:-o %g.s}"
+       "    %{!fmodule-*:%{!fmodules-*:%{!fdump-ada-spec*:"
+@@ -107,7 +107,7 @@ along with GCC; see the file COPYING3.
+       "  cc1plus %{save-temps*|no-integrated-cpp:-fpreprocessed"
+       " 	   %{save-temps*:%b.ii} %{!save-temps*:%g.ii}}"
+       "  %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}"
+-      "  %(cc1_options) %2"
++      "  %(cc1_options) %(distro_defaults) %2"
+       "  %{!fsyntax-only:"
+       "    %{fmodule-only:%{!S:-o %g.s%V}}"
+       "    %{!fmodule-only:%(invoke_as)}}"
+@@ -116,7 +116,7 @@ along with GCC; see the file COPYING3.
+   {".ii", "@c++-cpp-output", 0, 0, 0},
+   {"@c++-cpp-output",
+       "%{!E:%{!M:%{!MM:"
+-      "  cc1plus -fpreprocessed %i %(cc1_options) %2"
++      "  cc1plus -fpreprocessed %i %(cc1_options) %(distro_defaults) %2"
+       "  %{!fsyntax-only:"
+       "    %{fmodule-only:%{!S:-o %g.s%V}}"
+       "    %{!fmodule-only:%{!fmodule-header*:%(invoke_as)}}}"
+--- a/src/gcc/objc/lang-specs.h
++++ b/src/gcc/objc/lang-specs.h
+@@ -29,9 +29,9 @@ along with GCC; see the file COPYING3.
+ 	%{traditional|traditional-cpp:\
+ %eGNU Objective C no longer supports traditional compilation}\
+ 	%{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
+-	    cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}\
++	    cc1obj -fpreprocessed %{save-temps*:%b.mi} %{!save-temps*:%g.mi} %(cc1_options) %(distro_defaults) %{print-objc-runtime-info} %{gen-decls}}\
+ 	%{!save-temps*:%{!no-integrated-cpp:\
+-	    cc1obj %(cpp_unique_options) %(cc1_options) %{print-objc-runtime-info} %{gen-decls}}}\
++	    cc1obj %(cpp_unique_options) %(cc1_options) %(distro_defaults) %{print-objc-runtime-info} %{gen-decls}}}\
+         %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {"@objective-c-header",
+      "%{E|M|MM:cc1obj -E %{traditional|traditional-cpp:-traditional-cpp}\
+@@ -40,7 +40,7 @@ along with GCC; see the file COPYING3.
+ 	%{traditional|traditional-cpp:\
+ %eGNU Objective C no longer supports traditional compilation}\
+ 	%{save-temps*|no-integrated-cpp:cc1obj -E %(cpp_options) -o %{save-temps*:%b.mi} %{!save-temps*:%g.mi} \n\
+-	    cc1obj -fpreprocessed %b.mi %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++	    cc1obj -fpreprocessed %b.mi %(cc1_options) %(distro_defaults) %{print-objc-runtime-info} %{gen-decls}\
+                         -o %g.s %{!o*:--output-pch %i.gch}\
+                         %W{o*:--output-pch %*}%V}\
+ 	%{!save-temps*:%{!no-integrated-cpp:\
+@@ -49,9 +49,9 @@ along with GCC; see the file COPYING3.
+                         %W{o*:--output-pch %*}%V}}}}}", 0, 0, 0},
+   {".mi", "@objective-c-cpp-output", 0, 0, 0},
+   {"@objective-c-cpp-output",
+-     "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++     "%{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(distro_defaults) %{print-objc-runtime-info} %{gen-decls}\
+ 			     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {"@objc-cpp-output",
+       "%nobjc-cpp-output is deprecated; please use objective-c-cpp-output instead\n\
+-       %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %{print-objc-runtime-info} %{gen-decls}\
++       %{!M:%{!MM:%{!E:cc1obj -fpreprocessed %i %(cc1_options) %(distro_defaults) %{print-objc-runtime-info} %{gen-decls}\
+ 			     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+--- a/src/gcc/objcp/lang-specs.h
++++ b/src/gcc/objcp/lang-specs.h
+@@ -36,7 +36,7 @@ along with GCC; see the file COPYING3.
+ 		%(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
+       cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
+ 	      %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
+-	%(cc1_options) %2\
++	%(cc1_options) %(distro_defaults) %2\
+         -o %g.s %{!o*:--output-pch %i.gch} %W{o*:--output-pch %*}%V}}}",
+      CPLUSPLUS_CPP_SPEC, 0, 0},
+   {"@objective-c++",
+@@ -46,16 +46,16 @@ along with GCC; see the file COPYING3.
+ 		%(cpp_options) %2 -o %{save-temps*:%b.mii} %{!save-temps*:%g.mii} \n}\
+       cc1objplus %{save-temps*|no-integrated-cpp:-fpreprocessed %{save-temps*:%b.mii} %{!save-temps*:%g.mii}}\
+ 	      %{!save-temps*:%{!no-integrated-cpp:%(cpp_unique_options)}}\
+-	%(cc1_options) %2\
++	%(cc1_options) %(distro_defaults) %2\
+        %{!fsyntax-only:%(invoke_as)}}}}",
+      CPLUSPLUS_CPP_SPEC, 0, 0},
+   {".mii", "@objective-c++-cpp-output", 0, 0, 0},
+   {"@objective-c++-cpp-output",
+    "%{!M:%{!MM:%{!E:\
+-    cc1objplus -fpreprocessed %i %(cc1_options) %2\
++    cc1objplus -fpreprocessed %i %(cc1_options) %(distro_defaults) %2\
+     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+   {"@objc++-cpp-output",
+    "%nobjc++-cpp-output is deprecated; please use objective-c++-cpp-output instead\n\
+     %{!M:%{!MM:%{!E:\
+-    cc1objplus -fpreprocessed %i %(cc1_options) %2\
++    cc1objplus -fpreprocessed %i %(cc1_options) %(distro_defaults) %2\
+     %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0},
+--- a/src/gcc/c-family/c-cppbuiltin.cc
++++ b/src/gcc/c-family/c-cppbuiltin.cc
+@@ -34,6 +34,11 @@ along with GCC; see the file COPYING3.
+ #include "cppbuiltin.h"
+ #include "configargs.h"
+ 
++/* Inject some default compilation flags which are used as the default.
++   Done by the packaging build system.  Should that be done in the headers
++   in gcc/config/<arch>/ instead?  */
++#include "distro-defaults.h"
++
+ #ifndef TARGET_OS_CPP_BUILTINS
+ # define TARGET_OS_CPP_BUILTINS()
+ #endif
+@@ -1578,6 +1583,15 @@ c_cpp_builtins (cpp_reader *pfile)
+   builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0);
+   builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0);
+ 
++#ifdef DIST_DEFAULT_FORTIFY_SOURCE
++  /* Fortify Source enabled by default for optimization levels > 0 */
++  if (optimize &&
++      !cpp_defined(parse_in,
++		   (const unsigned char *) "_FORTIFY_SOURCE",
++		   strlen("_FORTIFY_SOURCE")))
++    builtin_define_with_int_value ("_FORTIFY_SOURCE", DIST_DEFAULT_FORTIFY_SOURCE);
++#endif
++
+   /* Misc.  */
+   if (flag_gnu89_inline)
+     cpp_define (pfile, "__GNUC_GNU_INLINE__");
-- 
cgit v1.2.3