Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build / 6cc0c334fc8add0d53121ee09993630d804e70fc^! / . / core / combo / TARGET_linux-mips.mk
commit6cc0c334fc8add0d53121ee09993630d804e70fc[log] [tgz]
authorChris Dearman <chris@mips.com>Wed Nov 14 18:45:47 2012 -0800
committerRaghu Gandham <raghu.gandham@imgtec.com>Tue Feb 19 17:04:57 2013 -0800
tree13540ca69db95bc0d3c93b6e38990f6cc4dd47ec
parentcdacb3780667bc8d51032d1fb9388ce10bebb9c3 [diff] [blame]
[MIPS] Update build rules

Add  -D_FORTIFY_SOURCE=1 to the default cflags
Update build rule for executable with PRIVATE_ALL_WHOLE_STATIC_LIBRARIES
Use single dash version of -print-whatever
compile everything with relro / bind_now
Enable NX protections

Some other cleanups to reduce differences between ARM and MIPS config files

Change-Id: I30b4de449e6353b581ef7f9437a3bb9be53d5bbf
Signed-off-by: Chris Dearman <chris@mips.com>

diff --git a/core/combo/TARGET_linux-mips.mk b/core/combo/TARGET_linux-mips.mk
index 6a29564..5e67f3d 100644
--- a/core/combo/TARGET_linux-mips.mk
+++ b/core/combo/TARGET_linux-mips.mk

@@ -91,7 +91,9 @@
 			-ffunction-sections \
 			-fdata-sections \
 			-funwind-tables \
+			-Wa,--noexecstack \
 			-Werror=format-security \
+			-D_FORTIFY_SOURCE=1 \
 			$(arch_variant_cflags)
 
 android_config_h := $(call select-android-config-h,linux-mips)
@@ -121,10 +123,13 @@
 endif
 
 TARGET_GLOBAL_LDFLAGS += \
+			-Wl,-z,noexecstack \
+			-Wl,-z,relro \
+			-Wl,-z,now \
+			-Wl,--warn-shared-textrel \
 			$(arch_variant_ldflags)
 
-TARGET_GLOBAL_CPPFLAGS += -fvisibility-inlines-hidden \
-				-fno-use-cxa-atexit
+TARGET_GLOBAL_CPPFLAGS += -fvisibility-inlines-hidden
 
 # More flags/options can be added here
 TARGET_RELEASE_CFLAGS := \
@@ -160,7 +165,7 @@
 TARGET_FDO_LIB:=
 
 target_libgcov := $(shell $(TARGET_CC) $(TARGET_GLOBAL_CFLAGS) \
-        --print-file-name=libgcov.a)
+        -print-file-name=libgcov.a)
 ifneq ($(strip $(BUILD_FDO_INSTRUMENT)),)
   # Set BUILD_FDO_INSTRUMENT=true to turn on FDO instrumentation.
   # The profile will be generated on /data/local/tmp/profile on the device.
@@ -224,7 +229,7 @@
 $(hide) $(PRIVATE_CXX) \
 	-nostdlib -Wl,-soname,$(notdir $@) \
 	-Wl,--gc-sections \
-	-shared -Bsymbolic \
+	-Wl,-shared,-Bsymbolic \
 	$(PRIVATE_TARGET_GLOBAL_LD_DIRS) \
 	$(if $(filter true,$(PRIVATE_NO_CRT)),,$(PRIVATE_TARGET_CRTBEGIN_SO_O)) \
 	$(PRIVATE_ALL_OBJECTS) \
@@ -254,6 +259,9 @@
 	$(call normalize-target-libraries,$(PRIVATE_ALL_SHARED_LIBRARIES)) \
 	$(if $(filter true,$(PRIVATE_NO_CRT)),,$(PRIVATE_TARGET_CRTBEGIN_DYNAMIC_O)) \
 	$(PRIVATE_ALL_OBJECTS) \
+	-Wl,--whole-archive \
+	$(call normalize-target-libraries,$(PRIVATE_ALL_WHOLE_STATIC_LIBRARIES)) \
+	-Wl,--no-whole-archive \
 	$(if $(PRIVATE_GROUP_STATIC_LIBRARIES),-Wl$(comma)--start-group) \
 	$(call normalize-target-libraries,$(PRIVATE_ALL_STATIC_LIBRARIES)) \
 	$(if $(PRIVATE_GROUP_STATIC_LIBRARIES),-Wl$(comma)--end-group) \
@@ -273,6 +281,9 @@
 	$(PRIVATE_TARGET_GLOBAL_LDFLAGS) \
 	$(PRIVATE_LDFLAGS) \
 	$(PRIVATE_ALL_OBJECTS) \
+	-Wl,--whole-archive \
+	$(call normalize-target-libraries,$(PRIVATE_ALL_WHOLE_STATIC_LIBRARIES)) \
+	-Wl,--no-whole-archive \
 	$(call normalize-target-libraries,$(filter-out %libc_nomalloc.a,$(filter-out %libc.a,$(PRIVATE_ALL_STATIC_LIBRARIES)))) \
 	-Wl,--start-group \
 	$(call normalize-target-libraries,$(filter %libc.a,$(PRIVATE_ALL_STATIC_LIBRARIES))) \