From 3c9814742710b313feea04b0b0cfcd038056a292 Mon Sep 17 00:00:00 2001 From: Ilya Fedin Date: Wed, 5 Oct 2022 14:24:09 +0400 Subject: [PATCH] Set hardening flags only for non-packaged/special target builds --- options_linux.cmake | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/options_linux.cmake b/options_linux.cmake index 0065750..457a79e 100644 --- a/options_linux.cmake +++ b/options_linux.cmake @@ -6,14 +6,8 @@ target_compile_options(common_options INTERFACE - $,,-fno-strict-aliasing> -) - -target_compile_options_if_exists(common_options -INTERFACE - -fstack-protector-all - -fstack-clash-protection -fPIC + $<$>:-fno-strict-aliasing> -pipe -Wall -Wextra @@ -26,12 +20,6 @@ INTERFACE -Wno-deprecated-declarations # TODO: Remove when there will be no Qt 5 support ) -target_compile_definitions(common_options -INTERFACE - $,,_FORTIFY_SOURCE=2> - _GLIBCXX_ASSERTIONS -) - target_link_options_if_exists(common_options INTERFACE -pthread @@ -41,17 +29,16 @@ INTERFACE if (DESKTOP_APP_SPECIAL_TARGET) target_compile_options(common_options INTERFACE - $,,-Ofast> + $<$>:-Ofast> -Werror + $<$>:-g> + $<$>:-flto> ) - target_link_options(common_options INTERFACE - $,,-Ofast> + $<$>:-flto> + $<$>:-fuse-linker-plugin> ) - - target_compile_options(common_options INTERFACE $,,-g -flto>) - target_link_options(common_options INTERFACE $,,-g -flto -fuse-linker-plugin>) endif() if (NOT DESKTOP_APP_USE_PACKAGED) @@ -76,10 +63,26 @@ if (NOT DESKTOP_APP_USE_PACKAGED) INTERFACE -rdynamic -fwhole-program + ) +endif() + +if (NOT DESKTOP_APP_USE_PACKAGED OR DESKTOP_APP_SPECIAL_TARGET) + target_compile_options_if_exists(common_options + INTERFACE + -fstack-protector-all + -fstack-clash-protection + ) + target_link_options(common_options + INTERFACE -Wl,-z,relro -Wl,-z,now # -pie # https://gitlab.gnome.org/GNOME/nautilus/-/issues/1601 ) + target_compile_definitions(common_options + INTERFACE + $<$>:_FORTIFY_SOURCE=2> + _GLIBCXX_ASSERTIONS + ) endif() if (NOT DESKTOP_APP_DISABLE_JEMALLOC)