configure: Provide an hardened toolchain option

author Luca Barbato <lu_zero@gentoo.org>

Mon, 28 Oct 2013 12:22:52 +0000 (13:22 +0100)

committer Luca Barbato <lu_zero@gentoo.org>

Tue, 29 Oct 2013 10:36:00 +0000 (11:36 +0100)
author Luca Barbato <lu_zero@gentoo.org>
Mon, 28 Oct 2013 12:22:52 +0000 (13:22 +0100)
committer Luca Barbato <lu_zero@gentoo.org>
Tue, 29 Oct 2013 10:36:00 +0000 (11:36 +0100)
diff --git a/configure b/configure

index 34a3650..ebd21b2 100755 (executable)
--- a/configure
+++ b/configure
@@ -2288,6 +2288,10 @@ case "$toolchain" in
          add_cflags  -fprofile-arcs -ftest-coverage
          add_ldflags -fprofile-arcs -ftest-coverage
      ;;
+    hardened)
+        add_cflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fno-strict-overflow -fstack-protector-all
+        add_ldflags -Wl,-z,relro -Wl,-z,now
+    ;;
      ?*)
          die "Unknown toolchain $toolchain"
      ;;
author	Luca Barbato <lu_zero@gentoo.org>
	Mon, 28 Oct 2013 12:22:52 +0000 (13:22 +0100)
committer	Luca Barbato <lu_zero@gentoo.org>
	Tue, 29 Oct 2013 10:36:00 +0000 (11:36 +0100)