Inferencium/cfg
1
0
Fork 0
Code Issues Activity

Add Clang integer overflow and undefined behaviour compilation hardening flags.

Browse Source
This commit is contained in:
inference 2022-08-24 14:34:40 +01:00
parent c8499b1ac2
commit 9c059272af
5 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
portage/env/nolto-nopie.conf vendored
View File

@ -20,7 +20,7 @@ OBJDUMP="llvm-objdump"
# Flags. # Flags.
## Hardening flags. ## Hardening flags.
C_HARDENING="-fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2" C_HARDENING="-fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2 -ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang -fwrapv"
LD_HARDENING="-Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro" LD_HARDENING="-Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro"
## Common flags. ## Common flags.

2
portage/env/nolto.conf vendored
View File

@ -20,7 +20,7 @@ OBJDUMP="llvm-objdump"
# Flags. # Flags.
## Hardening flags. ## Hardening flags.
C_HARDENING="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2" C_HARDENING="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2 -ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang -fwrapv"
LD_HARDENING="-Wl,-pie -Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro" LD_HARDENING="-Wl,-pie -Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro"
## Common flags. ## Common flags.

2
portage/env/nopie.conf vendored
View File

@ -20,7 +20,7 @@ OBJDUMP="llvm-objdump"
# Flags. # Flags.
## Hardening flags. ## Hardening flags.
C_HARDENING="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2" C_HARDENING="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2 -ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang -fwrapv"
LD_HARDENING="-Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro" LD_HARDENING="-Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro"
## Common flags. ## Common flags.

2
portage/env/werror.conf vendored
View File

@ -20,7 +20,7 @@ OBJDUMP="llvm-objdump"
# Flags. # Flags.
## Hardening flags. ## Hardening flags.
C_HARDENING="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2" C_HARDENING="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2 -ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang -fwrapv"
LD_HARDENING="-Wl,-z,now -Wl,-z,relro -pie -Wl,--strip-all" LD_HARDENING="-Wl,-z,now -Wl,-z,relro -pie -Wl,--strip-all"
## Common flags. ## Common flags.

2
portage/make.conf
View File

@ -20,7 +20,7 @@ STRIP="llvm-strip"
# Flags. # Flags.
## Hardening flags. ## Hardening flags.
C_SEC="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2" C_SEC="-fPIE -fPIC -fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=2 -ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang -fwrapv"
LD_SEC="-Wl,-pie -Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro" LD_SEC="-Wl,-pie -Wl,--strip-all -Wl,-z,defs -Wl,-z,now -Wl,-z,relro"
## Common flags. ## Common flags.