Import propolice (http://www.trl.ibm.com/projects/security/ssp), a stack

attack protection scheme, into gcc.

This protection is enabled by default. It can be turned off by using the
-fno-stack-protector flag.

Code by Hiroaki Etoh (etoh at jp dot ibm dot com); work on openbsd-specific
integration by fgsch@, deraadt@ and myself; tests by fgsch@, naddy@ and
myself; beer drinking by myself.

Please note that system upgrades with this new code will require a new
libc and ld.so to be build and installed before the propolice-enabled
compiler can be installed.

1 files changed, 15 insertions, 0 deletions

diff --git a/gnu/egcs/gcc/explow.c b/gnu/egcs/gcc/explow.c
index f06d99214e1..603a8d7c594 100644
--- a/gnu/egcs/gcc/explow.c
+++ b/gnu/egcs/gcc/explow.c
@@ -473,6 +473,21 @@ memory_address (mode, x)
 	 in certain cases.  This is not necessary since the code
 	 below can handle all possible cases, but machine-dependent
 	 transformations can make better code.  */
+      if (flag_propolice_protection)
+	{
+#define FRAMEADDR_P(X) (GET_CODE (X) == PLUS				\
+			&& XEXP (X, 0) == virtual_stack_vars_rtx	\
+			&& GET_CODE (XEXP (X, 1)) == CONST_INT)
+	  rtx y;
+	  if (FRAMEADDR_P (x)) goto win;
+	  for (y=x; y!=0 && GET_CODE (y)==PLUS; y = XEXP (y, 0))
+	    {
+	      if (FRAMEADDR_P (XEXP (y, 0)))
+		XEXP (y, 0) = force_reg (GET_MODE (XEXP (y, 0)), XEXP (y, 0));
+	      if (FRAMEADDR_P (XEXP (y, 1)))
+		XEXP (y, 1) = force_reg (GET_MODE (XEXP (y, 1)), XEXP (y, 1));
+	    }
+	}
       LEGITIMIZE_ADDRESS (x, oldx, mode, win);
 
       /* PLUS and MULT can appear in special ways