commit: 438b8a83658946ab18ef459eff68e1aec7fdfeca
Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 11 16:00:43 2021 +0000
Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
CommitDate: Sat Dec 11 16:00:43 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=438b8a83
profiles, clang feature: shrink back hardening flags to minimum for now
Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org>
profiles/features/clang/make.defaults | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/profiles/features/clang/make.defaults
b/profiles/features/clang/make.defaults
index a2235ff4a494..7674593179f7 100644
--- a/profiles/features/clang/make.defaults
+++ b/profiles/features/clang/make.defaults
@@ -13,9 +13,14 @@ LD="ld.lld"
# linker flags
LDFLAGS="${LDFLAGS} -fuse-ld=lld -rtlib=compiler-rt -unwindlib=libunwind
-Wl,--as-needed"
-# hardening flags
-SOME_HARDENING_CFLAGS="-fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2"
-SOME_HARDENING_LDFLAGS="-Wl,-z,relro,-z,now -pie"
+## hardening flags
+#SOME_HARDENING_CFLAGS="-fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2"
+#SOME_HARDENING_LDFLAGS="-Wl,-z,relro,-z,now -pie"
+#
+# we need to eventually do this the same way as in gcc, for now let's
+# keep it to a minimum
+SOME_HARDENING_CFLAGS="-D_FORTIFY_SOURCE=2"
+SOME_HARDENING_LDFLAGS=""
# enable hardening by default, cf. gcc[pie,ssp]
CFLAGS="${CFLAGS} ${SOME_HARDENING_FLAGS}"
