1 |
-fstack-clash-protection suggested by Arfrever. |
2 |
|
3 |
Reported-by: Arfrever Frehtes Taifersar Arahesis <Arfrever@××××××.Org> |
4 |
Signed-off-by: Sam James <sam@g.o> |
5 |
--- |
6 |
eclass/flag-o-matic.eclass | 2 ++ |
7 |
1 file changed, 2 insertions(+) |
8 |
|
9 |
diff --git a/eclass/flag-o-matic.eclass b/eclass/flag-o-matic.eclass |
10 |
index 7ac4f4a7791d1..062bd04e2e0bd 100644 |
11 |
--- a/eclass/flag-o-matic.eclass |
12 |
+++ b/eclass/flag-o-matic.eclass |
13 |
@@ -53,6 +53,8 @@ _setup-allowed-flags() { |
14 |
# Hardening flags |
15 |
'-fstack-protector*' |
16 |
'-fstack-check*' -fno-stack-check |
17 |
+ -fstack-clash-protection |
18 |
+ '-fcf-protection=*' |
19 |
-fbounds-check -fbounds-checking |
20 |
-fno-PIE -fno-pie -nopie -no-pie |
21 |
# Spectre mitigations, bug #646076 |
22 |
-- |
23 |
2.34.1 |