gcc: Harden this package
This is a major rewrite of this package which should probably be broken
down into several commits, but since GCC takes many hours to build, this
has now been mushed into one to keep us moving forward.
This patch re-introduces a full bootstrap of GCC.
We also build GCC with our own compiler flags and make it pass our
hardening checks which includes patching the build system to build GCC
itself as PIE.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- [DBH] gcc/gcc.nm
- [DBH] gcc/patches/0001-gcc-Build-with-PIE.patch
- [DBH] gcc/patches/0002-libcc1-Export-all-symbols.patch
- [DBH] gcc/patches/a25982ada523689c8745d7fb4b1b93c8f5dab2e7.patch