StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Force -fno-exceptions compiler option.

Browse Source 
Add hardening compiler options (enabled via SAPI_HARDENED_SOURCE)

PiperOrigin-RevId: 347081406
Change-Id: I6c293a95a3bb05ea3b581bd9497381847c7aa510
This commit is contained in:
Sandboxed API Team 2020-12-11 14:58:01 -08:00 committed by Copybara-Service
parent 13ff7a42da
commit d172411d7b
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CMakeLists.txt
View File

@ -55,6 +55,13 @@ if (SAPI_FORCE_COLOR_OUTPUT)
endif() endif()
endif() endif()
# TODO(cblichmann): Only apply this to SAPI and its dependencies
add_compile_options(-fno-exceptions)
if(SAPI_HARDENED_SOURCE)
add_compile_options(-fstack-protector -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2)
endif()
# Make Bazel-style includes work # Make Bazel-style includes work
configure_file(cmake/libcap_capability.h.in configure_file(cmake/libcap_capability.h.in
libcap/include/sys/capability.h libcap/include/sys/capability.h

2
cmake/SapiOptions.cmake
View File

@ -36,4 +36,6 @@ option(SAPI_DOWNLOAD_ZLIB "Download zlib at config time (only if SAPI_ENABLE_EXA
option(SAPI_ENABLE_TESTS "Build unit tests" ON) option(SAPI_ENABLE_TESTS "Build unit tests" ON)
option(SAPI_ENABLE_GENERATOR "Build Clang based code generator from source" OFF) option(SAPI_ENABLE_GENERATOR "Build Clang based code generator from source" OFF)
option(SAPI_HARDENED_SOURCE "Build with hardening compiler options" OFF)
option(SAPI_FORCE_COLOR_OUTPUT "Force colored compiler diagnostics when using Ninja" ON) option(SAPI_FORCE_COLOR_OUTPUT "Force colored compiler diagnostics when using Ninja" ON)