| 1 |
No functional change. |
| 2 |
|
| 3 |
Signed-off-by: Sam James <sam@g.o> |
| 4 |
--- |
| 5 |
eclass/flag-o-matic.eclass | 15 +++++++++++---- |
| 6 |
1 file changed, 11 insertions(+), 4 deletions(-) |
| 7 |
|
| 8 |
diff --git a/eclass/flag-o-matic.eclass b/eclass/flag-o-matic.eclass |
| 9 |
index 38ad14d8f5fe8..37577209281a1 100644 |
| 10 |
--- a/eclass/flag-o-matic.eclass |
| 11 |
+++ b/eclass/flag-o-matic.eclass |
| 12 |
@@ -49,13 +49,20 @@ setup-allowed-flags() { |
| 13 |
_setup-allowed-flags() { |
| 14 |
ALLOWED_FLAGS=( |
| 15 |
-pipe -O '-O[12sg]' '-mcpu=*' '-march=*' '-mtune=*' |
| 16 |
+ |
| 17 |
+ # Hardening flags |
| 18 |
'-fstack-protector*' |
| 19 |
- '-fsanitize*' '-fno-sanitize*' |
| 20 |
'-fstack-check*' -fno-stack-check |
| 21 |
- -fbounds-check -fbounds-checking -fno-strict-overflow |
| 22 |
- -fno-PIE -fno-pie -nopie -no-pie -fno-unit-at-a-time |
| 23 |
+ -fbounds-check -fbounds-checking |
| 24 |
+ -fno-PIE -fno-pie -nopie -no-pie |
| 25 |
+ |
| 26 |
+ # Misc |
| 27 |
+ -fno-unit-at-a-time -fno-strict-overflow |
| 28 |
+ |
| 29 |
+ # Sanitizers |
| 30 |
+ '-fsanitize*' '-fno-sanitize*' |
| 31 |
|
| 32 |
- # debugging symbols should generally be very safe to add |
| 33 |
+ # Debugging symbols should generally be very safe to add |
| 34 |
-g '-g[0-9]' |
| 35 |
-ggdb '-ggdb[0-9]' |
| 36 |
-gdwarf '-gdwarf-*' |
| 37 |
-- |
| 38 |
2.34.1 |
Archives