macros/cflags.macro

   1 build
   2         # Export CFLAGS
   3         export CFLAGS =
   4
   5         # Export CXXFLAGS
   6         export CXXFLAGS = %{CFLAGS}
   7
   8         # Export LDFLAGS
   9         export LDFLAGS =
  10
  11         # Enable optimisation and compile in debugging information
  12         CFLAGS = -O2 -g
  13
  14         # Enable all compiler warnings
  15         CFLAGS += -Wall
  16
  17         # Fail on any string format security issues
  18         STRING_FORMAT_SECURITY_CFLAGS = -Werror=format-security
  19         CFLAGS += %{STRING_FORMAT_SECURITY_CFLAGS}
  20
  21         # Fortify Source
  22         CFLAGS += -Wp,-U_FORTIFY_SOURCE -Wp,-D_FORTIFY_SOURCE=3
  23
  24         # libstc++ Assertions
  25         CFLAGS += -D_GLIBCXX_ASSERTIONS
  26
  27         # Build Position Independent Code
  28         CFLAGS += -fPIC
  29
  30         # Enable Stack Smashing Protection
  31         CFLAGS += -fstack-protector-all
  32
  33         # Enable unwind tables
  34         CFLAGS += -funwind-tables -fasynchronous-unwind-tables
  35
  36         # Enable Stack Clash Protection
  37         CFLAGS += -fstack-clash-protection
  38
  39         # Tell the compiler where the source will be put
  40         CFLAGS += -fdebug-prefix-map=%{DIR_SRC}=%{debugsourcedir}
  41
  42         # Avoid creating temporary files
  43         CFLAGS += -pipe
  44
  45         # Arch: x86_64
  46         CFLAGS_x86_64 = -m64 -march=x86-64-v2 -mtune=generic
  47
  48         # Enable Control Flow Technology (CET)
  49         CFLAGS_x86_64 += -fcf-protection=full
  50
  51         # Arch: aarch64
  52         CFLAGS_aarch64 = -mbranch-protection=standard
  53
  54         # Append architecture optimisations
  55         CFLAGS += %{CFLAGS_%{DISTRO_ARCH}}
  56
  57         # Enable LTO
  58         LTO_CFLAGS = -flto=auto -ffat-lto-objects
  59         CFLAGS += %{LTO_CFLAGS}
  60
  61         # Optimise linked binaries https://lwn.net/Articles/192624/
  62         LDFLAGS += -Wl,-O1
  63
  64         # Only link what we actually need
  65         LDFLAGS += -Wl,--as-needed
  66
  67         # Create an ELF "PT_GNU_RELRO" segment header in the object
  68         LDFLAGS += -Wl,-z,relro
  69
  70         # When generating an executable or shared library, mark it to tell the
  71         # dynamic linker to resolve all symbols when the program is started,
  72         # or when the shared library is linked to using dlopen, instead of
  73         # deferring function call resolution to the point when the function is
  74         # first called.
  75         LDFLAGS += -Wl,-z,now
  76
  77         # Export default compilers
  78         export CC  = gcc
  79         export CXX = g++
  80
  81         # Show libtool where to find any libraries
  82         export LT_SYS_LIBRARY_PATH = %{libdir}:
  83 end