Hi,

On Sun, 27 Mar 2022 at 23:17, Maxim Cournoyer <maxim.courno...@gmail.com> wrote:
> Maxime Devos <maximede...@telenet.be> writes:
>> I think it would be a lot simpler to just add this to the 'standard'
>> gcc configure flags, in (gnu packages gcc), given that probably the
>> idea is to do this hardening for all packages?  Needs a world-rebuild
>> though.
>
> +1.  The whole distribution can probably benefit from this hardening.

(Parenthesis, the initial question is about how to create a custom gcc,
somehow whatever the options are about, and my answers are in this
direction and not in supporting directly in Guix some variants or even
create a new upstream .  To me, that “a lot simpler” is orthogonal. :-)
Closing parenthesis.)


Yes, for sure, it can be a good idea to follow the “Arch Linux” hardened
flags.  The two question I have are:

 1. Is it well-supported for cross-compiling?

 2. Do we introduce the hardened flags for compiling the hardened
 compiler?  Other said, at which bootstrap level in the chain do we
 introduce these hardened options?


Cheers,
simon

  • Hardened toolchai... zimoun
    • Re: Hardened... zimoun
      • Re: Hard... Development of GNU Guix and the GNU System distribution.
        • Re: ... Development of GNU Guix and the GNU System distribution.
          • ... zimoun
            • ... Development of GNU Guix and the GNU System distribution.
              • ... Development of GNU Guix and the GNU System distribution.
              • ... zimoun
    • Re: Hardened... Maxime Devos
      • Re: Hard... Maxim Cournoyer
        • Re: ... zimoun
        • Re: ... Development of GNU Guix and the GNU System distribution.
        • Re: ... Ludovic Courtès
          • ... Development of GNU Guix and the GNU System distribution.
          • ... jbranso
            • ... Zhu Zihao
              • ... raingloom
              • ... Katherine Cox-Buday
              • ... Aurora
              • ... Katherine Cox-Buday
              • ... Aurora

Reply via email to