1From 9abda1bb380bdbef1affaec381742ced394ca118 Mon Sep 17 00:00:00 2001
2From: Lada Trimasova <ltrimas@synopsys.com>
3Date: Mon, 18 Jan 2016 15:58:19 +0300
4Subject: [PATCH] Check if the compiler understands pie and relro options
5
6-pie and -fpie enable the building of position-independent
7executables, and -Wl,-z,relro turns on read-only relocation support in gcc.
8Add checks to ensure that the compiler and linker understand these options.
9
10Signed-off-by: Lada Trimasova <ltrimas@synopsys.com>
11[Bernd: Rebased for version 0.3.14]
12Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
13---
14 configure.ac                |  5 +++
15 m4/ax_check_compile_flag.m4 | 72 ++++++++++++++++++++++++++++++++++++
16 m4/ax_check_link_flag.m4    | 71 +++++++++++++++++++++++++++++++++++
17 src/tcsd/Makefile.am        |  4 +-
18 4 files changed, 150 insertions(+), 2 deletions(-)
19 create mode 100644 m4/ax_check_compile_flag.m4
20 create mode 100644 m4/ax_check_link_flag.m4
21
22diff --git a/configure.in b/configure.in
23index add23dc..9603353 100644
24--- a/configure.ac
25+++ b/configure.ac
26@@ -12,6 +12,7 @@ TSS_VER_MINOR=3
27 # compute $target
28 AC_CANONICAL_TARGET
29 AM_INIT_AUTOMAKE([foreign subdir-objects 1.6])
30+AC_CONFIG_MACRO_DIR([m4])
31
32 # Debugging support
33 AC_ARG_ENABLE([debug],
34@@ -383,6 +384,10 @@ elif test x"${prefix}" = x"NONE"; then
35 	localstatedir="/usr/local/var"
36 fi
37
38+AX_CHECK_COMPILE_FLAG([-fPIE -DPIE], [PIE_CFLAGS="-fPIE -DPIE"])
39+AX_CHECK_LINK_FLAG([-pie], [PIE_LDFLAGS="$PIE_LDFLAGS -pie"])
40+AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="$LDFLAGS -Wl,-z,relro"])
41+
42 AC_OUTPUT(dist/tcsd.conf \
43 	  dist/fedora/trousers.spec \
44 	  dist/trousers.spec \
45diff --git a/m4/ax_check_compile_flag.m4 b/m4/ax_check_compile_flag.m4
46new file mode 100644
47index 0000000..c3a8d69
48--- /dev/null
49+++ b/m4/ax_check_compile_flag.m4
50@@ -0,0 +1,72 @@
51+# ===========================================================================
52+#   http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
53+# ===========================================================================
54+#
55+# SYNOPSIS
56+#
57+#   AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS])
58+#
59+# DESCRIPTION
60+#
61+#   Check whether the given FLAG works with the current language's compiler
62+#   or gives an error.  (Warnings, however, are ignored)
63+#
64+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
65+#   success/failure.
66+#
67+#   If EXTRA-FLAGS is defined, it is added to the current language's default
68+#   flags (e.g. CFLAGS) when the check is done.  The check is thus made with
69+#   the flags: "CFLAGS EXTRA-FLAGS FLAG".  This can for example be used to
70+#   force the compiler to issue an error when a bad flag is given.
71+#
72+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
73+#   macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
74+#
75+# LICENSE
76+#
77+#   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
78+#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
79+#
80+#   This program is free software: you can redistribute it and/or modify it
81+#   under the terms of the GNU General Public License as published by the
82+#   Free Software Foundation, either version 3 of the License, or (at your
83+#   option) any later version.
84+#
85+#   This program is distributed in the hope that it will be useful, but
86+#   WITHOUT ANY WARRANTY; without even the implied warranty of
87+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
88+#   Public License for more details.
89+#
90+#   You should have received a copy of the GNU General Public License along
91+#   with this program. If not, see <http://www.gnu.org/licenses/>.
92+#
93+#   As a special exception, the respective Autoconf Macro's copyright owner
94+#   gives unlimited permission to copy, distribute and modify the configure
95+#   scripts that are the output of Autoconf when processing the Macro. You
96+#   need not follow the terms of the GNU General Public License when using
97+#   or distributing such scripts, even though portions of the text of the
98+#   Macro appear in them. The GNU General Public License (GPL) does govern
99+#   all other use of the material that constitutes the Autoconf Macro.
100+#
101+#   This special exception to the GPL applies to versions of the Autoconf
102+#   Macro released by the Autoconf Archive. When you make and distribute a
103+#   modified version of the Autoconf Macro, you may extend this special
104+#   exception to the GPL to apply to your modified version as well.
105+
106+#serial 2
107+
108+AC_DEFUN([AX_CHECK_COMPILE_FLAG],
109+[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX
110+AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
111+AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
112+  ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
113+  _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"
114+  AC_COMPILE_IFELSE([AC_LANG_PROGRAM()],
115+    [AS_VAR_SET(CACHEVAR,[yes])],
116+    [AS_VAR_SET(CACHEVAR,[no])])
117+  _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags])
118+AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
119+  [m4_default([$2], :)],
120+  [m4_default([$3], :)])
121+AS_VAR_POPDEF([CACHEVAR])dnl
122+])dnl AX_CHECK_COMPILE_FLAGS
123diff --git a/m4/ax_check_link_flag.m4 b/m4/ax_check_link_flag.m4
124new file mode 100644
125index 0000000..e2d0d36
126--- /dev/null
127+++ b/m4/ax_check_link_flag.m4
128@@ -0,0 +1,71 @@
129+# ===========================================================================
130+#    http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html
131+# ===========================================================================
132+#
133+# SYNOPSIS
134+#
135+#   AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS])
136+#
137+# DESCRIPTION
138+#
139+#   Check whether the given FLAG works with the linker or gives an error.
140+#   (Warnings, however, are ignored)
141+#
142+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
143+#   success/failure.
144+#
145+#   If EXTRA-FLAGS is defined, it is added to the linker's default flags
146+#   when the check is done.  The check is thus made with the flags: "LDFLAGS
147+#   EXTRA-FLAGS FLAG".  This can for example be used to force the linker to
148+#   issue an error when a bad flag is given.
149+#
150+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
151+#   macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG.
152+#
153+# LICENSE
154+#
155+#   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
156+#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
157+#
158+#   This program is free software: you can redistribute it and/or modify it
159+#   under the terms of the GNU General Public License as published by the
160+#   Free Software Foundation, either version 3 of the License, or (at your
161+#   option) any later version.
162+#
163+#   This program is distributed in the hope that it will be useful, but
164+#   WITHOUT ANY WARRANTY; without even the implied warranty of
165+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
166+#   Public License for more details.
167+#
168+#   You should have received a copy of the GNU General Public License along
169+#   with this program. If not, see <http://www.gnu.org/licenses/>.
170+#
171+#   As a special exception, the respective Autoconf Macro's copyright owner
172+#   gives unlimited permission to copy, distribute and modify the configure
173+#   scripts that are the output of Autoconf when processing the Macro. You
174+#   need not follow the terms of the GNU General Public License when using
175+#   or distributing such scripts, even though portions of the text of the
176+#   Macro appear in them. The GNU General Public License (GPL) does govern
177+#   all other use of the material that constitutes the Autoconf Macro.
178+#
179+#   This special exception to the GPL applies to versions of the Autoconf
180+#   Macro released by the Autoconf Archive. When you make and distribute a
181+#   modified version of the Autoconf Macro, you may extend this special
182+#   exception to the GPL to apply to your modified version as well.
183+
184+#serial 2
185+
186+AC_DEFUN([AX_CHECK_LINK_FLAG],
187+[AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl
188+AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [
189+  ax_check_save_flags=$LDFLAGS
190+  LDFLAGS="$LDFLAGS $4 $1"
191+  AC_LINK_IFELSE([AC_LANG_PROGRAM()],
192+    [AS_VAR_SET(CACHEVAR,[yes])],
193+    [AS_VAR_SET(CACHEVAR,[no])])
194+  LDFLAGS=$ax_check_save_flags])
195+AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
196+  [m4_default([$2], :)],
197+  [m4_default([$3], :)])
198+AS_VAR_POPDEF([CACHEVAR])dnl
199+])dnl AX_CHECK_LINK_FLAGS
200diff --git a/src/tcsd/Makefile.am b/src/tcsd/Makefile.am
201index 2210734..6640ab2 100644
202--- a/src/tcsd/Makefile.am
203+++ b/src/tcsd/Makefile.am
204@@ -1,8 +1,8 @@
205 sbin_PROGRAMS=tcsd
206
207-tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE
208+tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include $(PIE_CFLAGS)
209 tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@
210-tcsd_LDFLAGS=@TCSD_LDFLAGS@
211+tcsd_LDFLAGS=$(PIE_LDFLAGS) $(RELRO_LDFLAGS)
212 tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c
213
214 if TSS_BUILD_PS
215