new gzip patch

Robert Connolly robert at linuxfromscratch.org
Sat Oct 23 21:29:14 PDT 2004


Hello. The two attached patches add four new --with switches to configure to 
take advantage of new toolchain features in gcc-3.4+ and binutils-2.15+. They 
are all turned off by default. Use:
./configure --with-ssp --with-now --with-pie --with-relro
at your discretion. Whether or not your toolchain or architecture supports the
features will be tested for during configure. All of these features are 
security enhancements. From ./configure --help the following has been added:
--with-ssp              use -fstack-protector-all if available (default=no)
--with-now              mark gzip with non-lazy runtime binding (default=no)
--with-pie              build gzip as a position independent executable 
(default=no)
--with-relro            create relocation read-only header for gzip 
(default=no)

And during configure you should see something like this if all the switches 
are used:
checking whether gcc accepts -fstack-protector-all... yes
checking whether linker accepts "-z now"... yes
checking whether gcc accepts -fPIE... yes
checking whether linker accepts "-z relro"... yes

This patch has been submitted upstream and is mainly usefull for LFS-6.0+. 
Note if you add -static to CFLAGS or LDFLAGS then -fPIE will fail its test 
and will not be built; otherwise it should act independently of environment 
flags and spec file settings. Comments and suggestions are welcome, I plan to 
make many more of these patches, if they can be improved its best to know 
early.

Gzip should now be fully equipped {&:-]

Best regards
Robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gzip-1.3.5-with_ssp_pie_now_relro-1.patch
Type: text/x-diff
Size: 6765 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20041024/04f86ee3/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gzip-1.3.5-with_ssp_pie_now_relro-autoconf_version-1.patch
Type: text/x-diff
Size: 4152 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20041024/04f86ee3/attachment-0001.patch>


More information about the hlfs-dev mailing list