From: Fred Morcos <fred.morcos@open-xchange.com>
Date: Wed, 12 Jul 2023 11:43:10 +0000 (+0200)
Subject: Meson: Refactor some compiler hardening features
X-Git-Tag: rec-5.1.0-alpha1~80^2~339
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7e5eaade00e7d0fb2787a14bdfe6fa3599b7ed2d;p=thirdparty%2Fpdns.git

Meson: Refactor some compiler hardening features
---

diff --git a/meson/hardening/fortify-source/meson.build b/meson/hardening/fortify-source/meson.build
index 9be7d5ea4b..1d9b61f6dc 100644
--- a/meson/hardening/fortify-source/meson.build
+++ b/meson/hardening/fortify-source/meson.build
@@ -1,5 +1,5 @@
 # Fortify Source
-# Inputs: hardening_features
+# Inputs: hardening_features deps
 
 fortify_source_opt = get_option('fortify-source')
 
@@ -16,7 +16,8 @@ if fortify_source_opt != 'disabled'
     variant_str = variant.to_string()
     if fortify_source_level == variant
       if cxx.has_argument('-D_FORTIFY_SOURCE=' + variant_str)
-        add_project_arguments('-U_FORTIFY_SOURCE', '-D_FORTIFY_SOURCE=' + variant_str, language: 'cpp')
+        dep_fortify = declare_dependency(compile_args: ['-U_FORTIFY_SOURCE', '-D_FORTIFY_SOURCE=' + variant_str])
+        deps += dep_fortify
         break
       else
         fortify_source_level = fortify_source_level - 1
diff --git a/meson/hardening/global-offset-table/meson.build b/meson/hardening/global-offset-table/meson.build
index a1330095dd..bef947ae80 100644
--- a/meson/hardening/global-offset-table/meson.build
+++ b/meson/hardening/global-offset-table/meson.build
@@ -1,5 +1,5 @@
 # Read-only Global Offset Table
-# Inputs: hardening_features
+# Inputs: hardening_features deps
 
 ld_help = run_command(cxx, '-Wl,-help', '2>&1', check: true).stdout().strip()
 variants = ['relro', 'now']
@@ -7,7 +7,8 @@ found_variant = false
 foreach variant: variants
   if ld_help.contains('-z ' + variant)
     found_variant = true
-    add_project_link_arguments('-Wl,-z', '-Wl,' + variant, language: 'cpp')
+    dep_relro = declare_dependency(link_args: ['-Wl,-z', '-Wl,' + variant])
+    deps += dep_relro
   endif
 endforeach
 
diff --git a/meson/hardening/pie/meson.build b/meson/hardening/pie/meson.build
index 5f4b827a64..1f0ffd2ea7 100644
--- a/meson/hardening/pie/meson.build
+++ b/meson/hardening/pie/meson.build
@@ -1,5 +1,5 @@
 # PIE
-# Inputs: hardening_features conf
+# Inputs: hardening_features conf deps
 
 prog = '''
 #include <pthread.h>
@@ -23,10 +23,11 @@ else
   foreach variant: pie_variants
     cflags = variant[0]
     ldflags = variant[1]
+    dep_pie = declare_dependency(compile_args: cflags, link_args: ldflags)
 
+    # if cxx.links(prog, dependencies: dep_pie, name: 'compiler can build Position Independent Executables')   # TODO Meson 0.57
     if cxx.links(prog, args: cflags + ldflags, name: 'compiler can build Position Independent Executables')
-      add_project_arguments(cflags, language: 'cpp')
-      add_project_link_arguments(ldflags, language: 'cpp')
+      deps += dep_pie
       found_variant = true
       break
     endif
diff --git a/meson/hardening/stack-prot/meson.build b/meson/hardening/stack-prot/meson.build
index 648da003a2..a6dd8780c6 100644
--- a/meson/hardening/stack-prot/meson.build
+++ b/meson/hardening/stack-prot/meson.build
@@ -1,10 +1,11 @@
 # Stack Protector
-# Inputs: hardening_features
+# Inputs: hardening_features deps
 
 support_stack_protector = cxx.has_argument('-fstack-protector')
 
 if support_stack_protector
-  add_project_arguments('-fstack-protector', language: ['c', 'cpp'])
+  dep_sp = declare_dependency(compile_args: ['-fstack-protector'])
+  deps += dep_sp
 endif
 
 hardening_features += [[support_stack_protector, 'Stack Protector']]