From ceb672bf85f99af9290e0576224072ff6c7533c9 Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Thu, 10 Oct 2013 11:17:52 +0200
Subject: Use hardened linker flags if available

This commit reuse several macros from libvirt to test for
support for "-Wl,-z -Wl,relro", "-Wl,-z -Wl,now" and
"-Wl,--no-copy-dt-needed-entries", and use them if available.
---
 m4/virt-linker-no-indirect.m4 | 32 ++++++++++++++++++++++++++++++++
 m4/virt-linker-relro.m4       | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100644 m4/virt-linker-no-indirect.m4
 create mode 100644 m4/virt-linker-relro.m4

(limited to 'm4')

diff --git a/m4/virt-linker-no-indirect.m4 b/m4/virt-linker-no-indirect.m4
new file mode 100644
index 00000000..b344f708
--- /dev/null
+++ b/m4/virt-linker-no-indirect.m4
@@ -0,0 +1,32 @@
+dnl
+dnl Check for --no-copy-dt-needed-entries
+dnl
+dnl Copyright (C) 2013 Guido Günther <agx@sigxcpu.org>
+dnl
+dnl This library is free software; you can redistribute it and/or
+dnl modify it under the terms of the GNU Lesser General Public
+dnl License as published by the Free Software Foundation; either
+dnl version 2.1 of the License, or (at your option) any later version.
+dnl
+dnl This library is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+dnl Lesser General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU Lesser General Public
+dnl License along with this library.  If not, see
+dnl <http://www.gnu.org/licenses/>.
+dnl
+
+AC_DEFUN([LIBVIRT_LINKER_NO_INDIRECT],[
+    AC_MSG_CHECKING([for how to avoid indirect lib deps])
+
+    NO_INDIRECT_LDFLAGS=
+    case `$LD --help 2>&1` in
+        *"--no-copy-dt-needed-entries"*)
+		NO_INDIRECT_LDFLAGS="-Wl,--no-copy-dt-needed-entries" ;;
+    esac
+    AC_SUBST([NO_INDIRECT_LDFLAGS])
+
+    AC_MSG_RESULT([$NO_INDIRECT_LDFLAGS])
+])
diff --git a/m4/virt-linker-relro.m4 b/m4/virt-linker-relro.m4
new file mode 100644
index 00000000..079a095f
--- /dev/null
+++ b/m4/virt-linker-relro.m4
@@ -0,0 +1,35 @@
+dnl
+dnl Check for -z now and -z relro linker flags
+dnl
+dnl Copyright (C) 2013 Red Hat, Inc.
+dnl
+dnl This library is free software; you can redistribute it and/or
+dnl modify it under the terms of the GNU Lesser General Public
+dnl License as published by the Free Software Foundation; either
+dnl version 2.1 of the License, or (at your option) any later version.
+dnl
+dnl This library is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+dnl Lesser General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU Lesser General Public
+dnl License along with this library.  If not, see
+dnl <http://www.gnu.org/licenses/>.
+dnl
+
+AC_DEFUN([LIBVIRT_LINKER_RELRO],[
+    AC_MSG_CHECKING([for how to force completely read-only GOT table])
+
+    RELRO_LDFLAGS=
+    ld_help=`$LD --help 2>&1`
+    case $ld_help in
+        *"-z relro"*) RELRO_LDFLAGS="-Wl,-z -Wl,relro" ;;
+    esac
+    case $ld_help in
+        *"-z now"*) RELRO_LDFLAGS="$RELRO_LDFLAGS -Wl,-z -Wl,now" ;;
+    esac
+    AC_SUBST([RELRO_LDFLAGS])
+
+    AC_MSG_RESULT([$RELRO_LDFLAGS])
+])
-- 
cgit