toolchain: add gcc configure default PIE and SSP

GCC supports starting version 5 --enable-default-ssp and starting version 6 --enable-default-pie. It produces hardened binaries by default without dealing with package compilation flags. Signed-off-by: Julien Dusser <julien.dusser@free.fr>
author: Julien Dusser <julien.dusser@free.fr> 2018-01-07 17:41:35 +0100
committer: Hauke Mehrtens <hauke@hauke-m.de> 2018-01-27 19:02:47 +0100
commit: 55779569eb817361222d653accd929a752b8327d (patch)
tree: 7a9bf11f138f57a0303eda7bee72f5e3233487f3 /toolchain/gcc/common.mk
parent: df0bd42fdeb76c9bc51b816c3df699db123c0024 (diff)
download: upstream-55779569eb817361222d653accd929a752b8327d.tar.gz
upstream-55779569eb817361222d653accd929a752b8327d.tar.bz2
upstream-55779569eb817361222d653accd929a752b8327d.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/toolchain/gcc/common.mk b/toolchain/gcc/common.mk
index 7c4e773a0f..ece71ef028 100644
--- a/toolchain/gcc/common.mk
+++ b/toolchain/gcc/common.mk
@@ -133,6 +133,16 @@ ifndef GCC_VERSION_4_8
   GCC_CONFIGURE += --with-diagnostics-color=auto-if-env
 endif
 
+ifneq ($(CONFIG_GCC_DEFAULT_PIE),)
+  GCC_CONFIGURE+= \
+		--enable-default-pie
+endif
+
+ifneq ($(CONFIG_GCC_DEFAULT_SSP),)
+  GCC_CONFIGURE+= \
+		--enable-default-ssp
+endif
+
 ifneq ($(CONFIG_SSP_SUPPORT),)
   GCC_CONFIGURE+= \
 		--enable-libssp
author	Julien Dusser <julien.dusser@free.fr>	2018-01-07 17:41:35 +0100
committer	Hauke Mehrtens <hauke@hauke-m.de>	2018-01-27 19:02:47 +0100
commit	55779569eb817361222d653accd929a752b8327d (patch)
tree	7a9bf11f138f57a0303eda7bee72f5e3233487f3 /toolchain/gcc/common.mk
parent	df0bd42fdeb76c9bc51b816c3df699db123c0024 (diff)
download	upstream-55779569eb817361222d653accd929a752b8327d.tar.gz upstream-55779569eb817361222d653accd929a752b8327d.tar.bz2 upstream-55779569eb817361222d653accd929a752b8327d.zip