1 |
No functional change. |
2 |
|
3 |
Signed-off-by: Sam James <sam@g.o> |
4 |
--- |
5 |
eclass/flag-o-matic.eclass | 15 +++++++++++---- |
6 |
1 file changed, 11 insertions(+), 4 deletions(-) |
7 |
|
8 |
diff --git a/eclass/flag-o-matic.eclass b/eclass/flag-o-matic.eclass |
9 |
index 38ad14d8f5fe8..37577209281a1 100644 |
10 |
--- a/eclass/flag-o-matic.eclass |
11 |
+++ b/eclass/flag-o-matic.eclass |
12 |
@@ -49,13 +49,20 @@ setup-allowed-flags() { |
13 |
_setup-allowed-flags() { |
14 |
ALLOWED_FLAGS=( |
15 |
-pipe -O '-O[12sg]' '-mcpu=*' '-march=*' '-mtune=*' |
16 |
+ |
17 |
+ # Hardening flags |
18 |
'-fstack-protector*' |
19 |
- '-fsanitize*' '-fno-sanitize*' |
20 |
'-fstack-check*' -fno-stack-check |
21 |
- -fbounds-check -fbounds-checking -fno-strict-overflow |
22 |
- -fno-PIE -fno-pie -nopie -no-pie -fno-unit-at-a-time |
23 |
+ -fbounds-check -fbounds-checking |
24 |
+ -fno-PIE -fno-pie -nopie -no-pie |
25 |
+ |
26 |
+ # Misc |
27 |
+ -fno-unit-at-a-time -fno-strict-overflow |
28 |
+ |
29 |
+ # Sanitizers |
30 |
+ '-fsanitize*' '-fno-sanitize*' |
31 |
|
32 |
- # debugging symbols should generally be very safe to add |
33 |
+ # Debugging symbols should generally be very safe to add |
34 |
-g '-g[0-9]' |
35 |
-ggdb '-ggdb[0-9]' |
36 |
-gdwarf '-gdwarf-*' |
37 |
-- |
38 |
2.34.1 |