why does -flto remove stack-protector

Reindl Harald h.reindl at thelounge.net
Tue Apr 28 12:24:45 UTC 2015

Am 28.04.2015 um 14:03 schrieb Florian Weimer:
> On 04/27/2015 09:28 PM, Reindl Harald wrote:
>> why are shared libraries with -flto no longer have stack protection?
> You need to provide details how you perform the final link, otherwise
> this question is impossible to answer

by just add "-flto" at the end of that 4 lines in the SPEC

export CFLAGS="%{optflags} -O3 -fPIC -fPIE -fno-strict-aliasing 
-funroll-loops -funswitch-loops -Wno-pointer-sign"

export CXXFLAGS="%{optflags} -O3 -fPIC -fPIE -fno-strict-aliasing 
-funroll-loops -funswitch-loops -Wno-pointer-sign"

export LDFLAGS="-Wl,-z,now -Wl,-z,relro,-z,noexecstack -pie %{optflags} 
-O3 -fno-strict-aliasing -funroll-loops -funswitch-loops -Wno-pointer-sign"

export SH_LDFLAGS="-Wl,-z,now -Wl,-z,relro,-z,noexecstack -pie 
%{optflags} -O3 -fno-strict-aliasing -funroll-loops -funswitch-loops 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150428/14351b5d/attachment.sig>

More information about the devel mailing list