* Fix PR lto/95604, proposed patch.
* Reorganize the distro defaults patches.
Matthias Klose
3 years ago
11 | 11 | PR libfortran/95390, PR libfortran/95104, PR libfortran/95104, |
12 | 12 | PR libfortran/95191, PR libgomp/92854, PR libgomp/92854, |
13 | 13 | PR libstdc++/95322, PR libstdc++/77691. |
14 | * Add the CF_PROTECTION_SPEC to the LINK_COMMAND_SPEC. | |
14 | * Fix PR lto/95604, proposed patch. | |
15 | * Reorganize the distro defaults patches. | |
15 | 16 | |
16 | 17 | -- Matthias Klose <doko@debian.org> Thu, 11 Jun 2020 12:19:06 +0200 |
17 | 18 |
0 | # DP: Turn on -D_FORTIFY_SOURCE=2 by default for C, C++, ObjC, ObjC++, | |
1 | # DP: if the optimization level is > 0 | |
2 | ||
3 | --- | |
4 | gcc/doc/invoke.texi | 6 ++++++ | |
5 | gcc/c-family/c-cppbuiltin.c | 3 + | |
6 | 2 files changed, 9 insertions(+), 0 deletions(-) | |
7 | ||
8 | --- a/src/gcc/doc/invoke.texi | |
9 | +++ b/src/gcc/doc/invoke.texi | |
10 | @@ -8322,6 +8322,12 @@ also turns on the following optimization | |
11 | Please note the warning under @option{-fgcse} about | |
12 | invoking @option{-O2} on programs that use computed gotos. | |
13 | ||
14 | +NOTE: In Ubuntu 8.10 and later versions, @option{-D_FORTIFY_SOURCE=2} is | |
15 | +set by default, and is activated when @option{-O} is set to 2 or higher. | |
16 | +This enables additional compile-time and run-time checks for several libc | |
17 | +functions. To disable, specify either @option{-U_FORTIFY_SOURCE} or | |
18 | +@option{-D_FORTIFY_SOURCE=0}. | |
19 | + | |
20 | @item -O3 | |
21 | @opindex O3 | |
22 | Optimize yet more. @option{-O3} turns on all optimizations specified | |
23 | --- a/src/gcc/c-family/c-cppbuiltin.c | |
24 | +++ b/src/gcc/c-family/c-cppbuiltin.c | |
25 | @@ -1357,6 +1357,12 @@ c_cpp_builtins (cpp_reader *pfile) | |
26 | builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0); | |
27 | builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0); | |
28 | ||
29 | +#if !defined(ACCEL_COMPILER) | |
30 | + /* Fortify Source enabled by default for optimization levels > 0 */ | |
31 | + if (optimize) | |
32 | + builtin_define_with_int_value ("_FORTIFY_SOURCE", 2); | |
33 | +#endif | |
34 | + | |
35 | /* Misc. */ | |
36 | if (flag_gnu89_inline) | |
37 | cpp_define (pfile, "__GNUC_GNU_INLINE__"); |
0 | # DP: Turn on -Wl,-z,relro by default. | |
1 | ||
2 | --- | |
3 | gcc/doc/invoke.texi | 3 +++ | |
4 | gcc/gcc.c | 1 + | |
5 | 2 files changed, 4 insertions(+), 0 deletions(-) | |
6 | ||
7 | --- a/src/gcc/doc/invoke.texi | |
8 | +++ b/src/gcc/doc/invoke.texi | |
9 | @@ -13546,6 +13546,9 @@ For example, @option{-Wl,-Map,output.map | |
10 | linker. When using the GNU linker, you can also get the same effect with | |
11 | @option{-Wl,-Map=output.map}. | |
12 | ||
13 | +NOTE: In Ubuntu 8.10 and later versions, for LDFLAGS, the option | |
14 | +@option{-Wl,-z,relro} is used. To disable, use @option{-Wl,-z,norelro}. | |
15 | + | |
16 | @item -u @var{symbol} | |
17 | @opindex u | |
18 | Pretend the symbol @var{symbol} is undefined, to force linking of | |
19 | --- a/src/gcc/gcc.c | |
20 | +++ b/src/gcc/gcc.c | |
21 | @@ -1122,6 +1122,12 @@ proper position among the other output f | |
22 | to understand them. In practice, this means it had better be collect2. */ | |
23 | /* %{e*} includes -export-dynamic; see comment in common.opt. */ | |
24 | ||
25 | +#if defined(ACCEL_COMPILER) | |
26 | +# define RELRO_SPEC "" | |
27 | +#else | |
28 | +# define RELRO_SPEC "-z relro " | |
29 | +#endif | |
30 | + | |
31 | #ifndef LINK_COMMAND_SPEC | |
32 | #define LINK_COMMAND_SPEC "\ | |
33 | %{!fsyntax-only:%{!c:%{!M:%{!MM:%{!E:%{!S:\ | |
34 | @@ -1131,6 +1137,7 @@ proper position among the other output f | |
35 | %{flto} %{fno-lto} %{flto=*} %l " LINK_PIE_SPEC \ | |
36 | "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \ | |
37 | CF_PROTECTION_SPEC \ | |
38 | + RELRO_SPEC \ | |
39 | "%X %{o*} %{e*} %{N} %{n} %{r}\ | |
40 | %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!r:%{!nostartfiles:%S}}} \ | |
41 | %{static|no-pie|static-pie:} %@{L*} %(mfwrap) %(link_libgcc) " \ |
0 | # DP: Document distro specific compiler flags turned on by default | |
1 | ||
2 | --- a/src/gcc/doc/invoke.texi | |
3 | +++ b/src/gcc/doc/invoke.texi | |
4 | @@ -10993,6 +10993,11 @@ branch target registers within any basic | |
5 | Optimize the prologue of variadic argument functions with respect to usage of | |
6 | those arguments. | |
7 | ||
8 | +NOTE: In Ubuntu 14.10 and later versions, | |
9 | +@option{-fstack-protector-strong} is enabled by default for C, | |
10 | +C++, ObjC, ObjC++, if none of @option{-fno-stack-protector}, | |
11 | +@option{-nostdlib}, nor @option{-ffreestanding} are found. | |
12 | + | |
13 | @item -fsection-anchors | |
14 | @opindex fsection-anchors | |
15 | Try to reduce the number of symbolic address calculations by using | |
16 | @@ -11617,6 +11622,9 @@ value of a shared integer constant. | |
17 | The minimum size of buffers (i.e.@: arrays) that receive stack smashing | |
18 | protection when @option{-fstack-protection} is used. | |
19 | ||
20 | +This default before Ubuntu 10.10 was "8". Currently it is "4", to increase | |
21 | +the number of functions protected by the stack protector. | |
22 | + | |
23 | @item min-size-for-stack-sharing | |
24 | The minimum size of variables taking part in stack slot sharing when not | |
25 | optimizing. | |
26 | @@ -12765,6 +12773,10 @@ which functions and calls should be skip | |
27 | Currently the x86 GNU/Linux target provides an implementation based | |
28 | on Intel Control-flow Enforcement Technology (CET). | |
29 | ||
30 | +NOTE: In Ubuntu 19.10 and later versions, @option{-fcf-protection} | |
31 | +is enabled by default for C, C++, ObjC, ObjC++, if none of | |
32 | +@option{-fno-cf-protection} nor @option{-fcf-protection=*} are found. | |
33 | + | |
34 | @item -fstack-protector | |
35 | @opindex fstack-protector | |
36 | Emit extra code to check for buffer overflows, such as stack smashing | |
37 | @@ -12847,6 +12859,10 @@ allocations. @option{-fstack-clash-prot | |
38 | protection for static stack allocations if the target supports | |
39 | @option{-fstack-check=specific}. | |
40 | ||
41 | +NOTE: In Ubuntu 19.10 and later versions, | |
42 | +@option{-fstack-clash-protection} is enabled by default for C, | |
43 | +C++, ObjC, ObjC++, unless @option{-fno-stack-clash-protection} is found. | |
44 | + | |
45 | @item -fstack-limit-register=@var{reg} | |
46 | @itemx -fstack-limit-symbol=@var{sym} | |
47 | @itemx -fno-stack-limit |
0 | # DP: Document distro specific compiler flags turned on by default | |
1 | ||
2 | --- a/src/gcc/doc/invoke.texi | |
3 | +++ b/src/gcc/doc/invoke.texi | |
4 | @@ -8322,6 +8322,12 @@ also turns on the following optimization | |
5 | Please note the warning under @option{-fgcse} about | |
6 | invoking @option{-O2} on programs that use computed gotos. | |
7 | ||
8 | +NOTE: In Ubuntu 8.10 and later versions, @option{-D_FORTIFY_SOURCE=2} is | |
9 | +set by default, and is activated when @option{-O} is set to 2 or higher. | |
10 | +This enables additional compile-time and run-time checks for several libc | |
11 | +functions. To disable, specify either @option{-U_FORTIFY_SOURCE} or | |
12 | +@option{-D_FORTIFY_SOURCE=0}. | |
13 | + | |
14 | @item -O3 | |
15 | @opindex O3 | |
16 | Optimize yet more. @option{-O3} turns on all optimizations specified | |
17 | @@ -10993,6 +10993,11 @@ branch target registers within any basic | |
18 | Optimize the prologue of variadic argument functions with respect to usage of | |
19 | those arguments. | |
20 | ||
21 | +NOTE: In Ubuntu 14.10 and later versions, | |
22 | +@option{-fstack-protector-strong} is enabled by default for C, | |
23 | +C++, ObjC, ObjC++, if none of @option{-fno-stack-protector}, | |
24 | +@option{-nostdlib}, nor @option{-ffreestanding} are found. | |
25 | + | |
26 | @item -fsection-anchors | |
27 | @opindex fsection-anchors | |
28 | Try to reduce the number of symbolic address calculations by using | |
29 | @@ -11617,6 +11622,9 @@ value of a shared integer constant. | |
30 | The minimum size of buffers (i.e.@: arrays) that receive stack smashing | |
31 | protection when @option{-fstack-protection} is used. | |
32 | ||
33 | +This default before Ubuntu 10.10 was "8". Currently it is "4", to increase | |
34 | +the number of functions protected by the stack protector. | |
35 | + | |
36 | @item min-size-for-stack-sharing | |
37 | The minimum size of variables taking part in stack slot sharing when not | |
38 | optimizing. | |
39 | @@ -12765,6 +12773,10 @@ which functions and calls should be skip | |
40 | Currently the x86 GNU/Linux target provides an implementation based | |
41 | on Intel Control-flow Enforcement Technology (CET). | |
42 | ||
43 | +NOTE: In Ubuntu 19.10 and later versions, @option{-fcf-protection} | |
44 | +is enabled by default for C, C++, ObjC, ObjC++, if none of | |
45 | +@option{-fno-cf-protection} nor @option{-fcf-protection=*} are found. | |
46 | + | |
47 | @item -fstack-protector | |
48 | @opindex fstack-protector | |
49 | Emit extra code to check for buffer overflows, such as stack smashing | |
50 | @@ -12847,6 +12859,10 @@ allocations. @option{-fstack-clash-prot | |
51 | protection for static stack allocations if the target supports | |
52 | @option{-fstack-check=specific}. | |
53 | ||
54 | +NOTE: In Ubuntu 19.10 and later versions, | |
55 | +@option{-fstack-clash-protection} is enabled by default for C, | |
56 | +C++, ObjC, ObjC++, unless @option{-fno-stack-clash-protection} is found. | |
57 | + | |
58 | @item -fstack-limit-register=@var{reg} | |
59 | @itemx -fstack-limit-symbol=@var{sym} | |
60 | @itemx -fno-stack-limit | |
61 | @@ -13546,6 +13546,9 @@ For example, @option{-Wl,-Map,output.map | |
62 | linker. When using the GNU linker, you can also get the same effect with | |
63 | @option{-Wl,-Map=output.map}. | |
64 | ||
65 | +NOTE: In Ubuntu 8.10 and later versions, for LDFLAGS, the option | |
66 | +@option{-Wl,-z,relro} is used. To disable, use @option{-Wl,-z,norelro}. | |
67 | + | |
68 | @item -u @var{symbol} | |
69 | @opindex u | |
70 | Pretend the symbol @var{symbol} is undefined, to force linking of |
13 | 13 | #include "config.h" |
14 | 14 | #include "system.h" |
15 | 15 | #include "coretypes.h" |
16 | @@ -874,6 +879,69 @@ proper position among the other output f | |
16 | @@ -874,6 +879,82 @@ proper position among the other output f | |
17 | 17 | #define LINK_GCC_C_SEQUENCE_SPEC "%G %{!nolibc:%L %G}" |
18 | 18 | #endif |
19 | 19 | |
71 | 71 | +# endif |
72 | 72 | +#endif |
73 | 73 | + |
74 | +#ifndef RELRO_SPEC | |
75 | +# ifdef DIST_DEFAULT_RELRO | |
76 | +# define RELRO_SPEC " -z relro " | |
77 | +# else | |
78 | +# define RELRO_SPEC "" | |
79 | +# endif | |
80 | +#endif | |
81 | + | |
74 | 82 | +/* Don't enable any of those for the offload compilers, |
75 | 83 | + unsupported. */ |
76 | 84 | +#if !defined(DISTRO_DEFAULT_SPEC) && !defined(ACCEL_COMPILER) |
79 | 87 | +#else |
80 | 88 | +# define DISTRO_DEFAULT_SPEC "" |
81 | 89 | +#endif |
90 | +#if !defined(DISTRO_DEFAULT_LINK_SPEC) && !defined(ACCEL_COMPILER) | |
91 | +# define DISTRO_DEFAULT_LINK_SPEC RELRO_SPEC | |
92 | +#else | |
93 | +# define DISTRO_DEFAULT_LINK_SPEC "" | |
94 | +#endif | |
82 | 95 | + |
83 | 96 | #ifndef LINK_SSP_SPEC |
84 | 97 | #ifdef TARGET_LIBC_PROVIDES_SSP |
85 | 98 | #define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \ |
86 | @@ -1039,6 +1107,7 @@ proper position among the other output f | |
99 | @@ -1039,6 +1120,7 @@ proper position among the other output f | |
87 | 100 | "%{flto|flto=*:%<fcompare-debug*} \ |
88 | 101 | %{flto} %{fno-lto} %{flto=*} %l " LINK_PIE_SPEC \ |
89 | 102 | "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \ |
90 | + CF_PROTECTION_SPEC \ | |
103 | + DISTRO_DEFAULT_LINK_SPEC \ | |
91 | 104 | "%X %{o*} %{e*} %{N} %{n} %{r}\ |
92 | 105 | %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!r:%{!nostartfiles:%S}}} \ |
93 | 106 | %{static|no-pie|static-pie:} %@{L*} %(mfwrap) %(link_libgcc) " \ |
94 | @@ -1078,6 +1147,7 @@ static const char *cpp_spec = CPP_SPEC; | |
107 | @@ -1078,6 +1160,7 @@ static const char *cpp_spec = CPP_SPEC; | |
95 | 108 | static const char *cc1_spec = CC1_SPEC; |
96 | 109 | static const char *cc1plus_spec = CC1PLUS_SPEC; |
97 | 110 | static const char *link_gcc_c_sequence_spec = LINK_GCC_C_SEQUENCE_SPEC; |
99 | 112 | static const char *link_ssp_spec = LINK_SSP_SPEC; |
100 | 113 | static const char *asm_spec = ASM_SPEC; |
101 | 114 | static const char *asm_final_spec = ASM_FINAL_SPEC; |
102 | @@ -1135,7 +1205,7 @@ static const char *cpp_options = | |
115 | @@ -1135,7 +1218,7 @@ static const char *cpp_options = | |
103 | 116 | "%(cpp_unique_options) %1 %{m*} %{std*&ansi&trigraphs} %{W*&pedantic*} %{w}\ |
104 | 117 | %{f*} %{g*:%{%:debug-level-gt(0):%{g*}\ |
105 | 118 | %{!fno-working-directory:-fworking-directory}}} %{O*}\ |
108 | 121 | |
109 | 122 | /* This contains cpp options which are not passed when the preprocessor |
110 | 123 | output will be used by another program. */ |
111 | @@ -1318,9 +1388,9 @@ static const struct compiler default_com | |
124 | @@ -1318,9 +1401,9 @@ static const struct compiler default_com | |
112 | 125 | %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \ |
113 | 126 | %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\ |
114 | 127 | cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \ |
120 | 133 | %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 1}, |
121 | 134 | {"-", |
122 | 135 | "%{!E:%e-E or -x required when input is from standard input}\ |
123 | @@ -1334,18 +1404,18 @@ static const struct compiler default_com | |
136 | @@ -1334,18 +1417,18 @@ static const struct compiler default_com | |
124 | 137 | %{save-temps*|traditional-cpp|no-integrated-cpp:%(trad_capable_cpp) \ |
125 | 138 | %(cpp_options) -o %{save-temps*:%b.i} %{!save-temps*:%g.i} \n\ |
126 | 139 | cc1 -fpreprocessed %{save-temps*:%b.i} %{!save-temps*:%g.i} \ |
142 | 155 | {".s", "@assembler", 0, 0, 0}, |
143 | 156 | {"@assembler", |
144 | 157 | "%{!M:%{!MM:%{!E:%{!S:as %(asm_debug) %(asm_options) %i %A }}}}", 0, 0, 0}, |
145 | @@ -1576,6 +1646,7 @@ static struct spec_list static_specs[] = | |
158 | @@ -1576,6 +1659,7 @@ static struct spec_list static_specs[] = | |
146 | 159 | INIT_STATIC_SPEC ("cc1_options", &cc1_options), |
147 | 160 | INIT_STATIC_SPEC ("cc1plus", &cc1plus_spec), |
148 | 161 | INIT_STATIC_SPEC ("link_gcc_c_sequence", &link_gcc_c_sequence_spec), |
241 | 254 | - cc1objplus -fpreprocessed %i %(cc1_options) %2\ |
242 | 255 | + cc1objplus -fpreprocessed %i %(cc1_options) %(distro_defaults) %2\ |
243 | 256 | %{!fsyntax-only:%(invoke_as)}}}}", 0, 0, 0}, |
257 | --- a/src/gcc/c-family/c-cppbuiltin.c | |
258 | +++ b/src/gcc/c-family/c-cppbuiltin.c | |
259 | @@ -17,6 +17,11 @@ You should have received a copy of the G | |
260 | along with GCC; see the file COPYING3. If not see | |
261 | <http://www.gnu.org/licenses/>. */ | |
262 | ||
263 | +/* Inject some default compilation flags which are used as the default. | |
264 | + Done by the packaging build system. Should that be done in the headers | |
265 | + gcc/config/<arch>/*.h instead? */ | |
266 | +#include "distro-defaults.h" | |
267 | + | |
268 | #include "config.h" | |
269 | #include "system.h" | |
270 | #include "coretypes.h" | |
271 | @@ -1385,6 +1390,12 @@ c_cpp_builtins (cpp_reader *pfile) | |
272 | builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0); | |
273 | builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0); | |
274 | ||
275 | +#ifdef DIST_DEFAULT_FORTIFY_SOURCE | |
276 | + /* Fortify Source enabled by default for optimization levels > 0 */ | |
277 | + if (optimize) | |
278 | + builtin_define_with_int_value ("_FORTIFY_SOURCE", 2); | |
279 | +#endif | |
280 | + | |
281 | /* Misc. */ | |
282 | if (flag_gnu89_inline) | |
283 | cpp_define (pfile, "__GNUC_GNU_INLINE__"); |
0 | # DP: Fix PR lto/95604, proposed patch | |
1 | ||
2 | PR lto/95604 | |
3 | * lto-wrapper.c (merge_and_complain): Warn about different | |
4 | values for -fcf-protection. | |
5 | (append_compiler_options): Pass -fcf-protection option. | |
6 | * lto-opts.c (lto_write_options): Pass -fcf-protection option. | |
7 | ||
8 | --- a/src/gcc/lto-opts.c | |
9 | +++ b/src/gcc/lto-opts.c | |
10 | @@ -94,6 +94,21 @@ lto_write_options (void) | |
11 | : "-fno-pie"); | |
12 | } | |
13 | ||
14 | + if (!global_options_set.x_flag_cf_protection) | |
15 | + { | |
16 | + append_to_collect_gcc_options ( | |
17 | + &temporary_obstack, &first_p, | |
18 | + global_options.x_flag_cf_protection == CF_NONE | |
19 | + ? "-fcf-protection=none" | |
20 | + : global_options.x_flag_cf_protection == CF_FULL | |
21 | + ? "-fcf-protection=full" | |
22 | + : global_options.x_flag_cf_protection == CF_BRANCH | |
23 | + ? "-fcf-protection=branch" | |
24 | + : global_options.x_flag_cf_protection == CF_RETURN | |
25 | + ? "-fcf-protection=RETURN" | |
26 | + : ""); | |
27 | + } | |
28 | + | |
29 | /* If debug info is enabled append -g. */ | |
30 | if (debug_info_level > DINFO_LEVEL_NONE) | |
31 | append_to_collect_gcc_options (&temporary_obstack, &first_p, "-g"); | |
32 | --- a/src/gcc/lto-wrapper.c | |
33 | +++ b/src/gcc/lto-wrapper.c | |
34 | @@ -287,6 +287,18 @@ | |
35 | foption->orig_option_with_args_text); | |
36 | break; | |
37 | ||
38 | + case OPT_fcf_protection_: | |
39 | + /* Append or check identical. */ | |
40 | + for (j = 0; j < *decoded_options_count; ++j) | |
41 | + if ((*decoded_options)[j].opt_index == foption->opt_index) | |
42 | + break; | |
43 | + if (j == *decoded_options_count) | |
44 | + append_option (decoded_options, decoded_options_count, foption); | |
45 | + else if (strcmp ((*decoded_options)[j].arg, foption->arg)) | |
46 | + warning (input_location, "option %s with different values", | |
47 | + foption->orig_option_with_args_text); | |
48 | + break; | |
49 | + | |
50 | case OPT_O: | |
51 | case OPT_Ofast: | |
52 | case OPT_Og: | |
53 | @@ -645,6 +677,7 @@ | |
54 | case OPT_fopenacc: | |
55 | case OPT_fopenacc_dim_: | |
56 | case OPT_foffload_abi_: | |
57 | + case OPT_fcf_protection_: | |
58 | case OPT_g: | |
59 | case OPT_O: | |
60 | case OPT_Ofast: |
75 | 75 | libgomp-no-werror \ |
76 | 76 | gdc-cross-build \ |
77 | 77 | pr94253 \ |
78 | pr95604 \ | |
78 | 79 | |
79 | 80 | ifneq (,$(filter $(distrelease),wheezy jessie stretch buster lucid precise trusty xenial bionic cosmic disco eoan)) |
80 | 81 | debian_patches += pr85678-revert |
96 | 97 | ifneq (,$(filter $(derivative),Ubuntu)) |
97 | 98 | ifneq (,$(findstring gcc-10, $(PKGSOURCE))) |
98 | 99 | hardening_patches += \ |
99 | gcc-distro-specs-doc \ | |
100 | gcc-default-fortify-source \ | |
101 | gcc-default-relro \ | |
100 | gcc-distro-specs-ubuntu-doc \ | |
102 | 101 | testsuite-hardening-format \ |
103 | 102 | testsuite-hardening-printf-types \ |
104 | 103 | testsuite-hardening-updates \ |
343 | 342 | >> $(srcdir)/gcc/distro-defaults.h |
344 | 343 | endif |
345 | 344 | ifneq (,$(filter $(derivative),Ubuntu)) |
345 | echo '#define DIST_DEFAULT_FORTIFY_SOURCE 1' \ | |
346 | >> $(srcdir)/gcc/distro-defaults.h | |
347 | echo '#define DIST_DEFAULT_RELRO 1' \ | |
348 | >> $(srcdir)/gcc/distro-defaults.h | |
346 | 349 | ifneq (,$(findstring gcc-10, $(PKGSOURCE))) |
347 | 350 | # FIXME: this is directly patched |
348 | 351 | # echo '#define DIST_DEFAULT_FORTIFY_SOURCE 1' \ |