Add safe compilation options

Add two options when building rust: strip and stack protector.
If set `strip = true`, symbols will be stripped using `-Cstrip=symbols`.
Also can set `stack-protector` and stack protectors will be used.
This commit is contained in:
l00846161 2023-11-16 14:17:54 +08:00
parent da1da3f1a0
commit 3f8487a099
3 changed files with 23 additions and 0 deletions

View File

@ -600,6 +600,16 @@ change-id = 117813
# desired in distributions, for example.
#rpath = true
# Indicates whether symbols should be stripped using `-Cstrip=symbols`.
#strip = false
# Indicates whether stack protectors should be used
# via the unstable option `-Zstack-protector`.
#
# Valid options are : `none`(default),`basic`,`strong`, or `all`.
# `strong` and `basic` options may be buggy and are not recommended, see rust-lang/rust#114903.
#stack-protector = "none"
# Prints each test name as it is executed, to help debug issues in the test harness itself.
#verbose-tests = false

View File

@ -1667,6 +1667,12 @@ pub fn cargo(
}
}
cargo.env(profile_var("STRIP"), self.config.rust_strip.to_string());
if let Some(stack_protector) = &self.config.rust_stack_protector {
rustflags.arg(&format!("-Zstack-protector={stack_protector}"));
}
if let Some(host_linker) = self.linker(compiler.host) {
hostflags.arg(format!("-Clinker={}", host_linker.display()));
}

View File

@ -222,6 +222,8 @@ pub struct Config {
pub rust_debuginfo_level_tests: DebuginfoLevel,
pub rust_split_debuginfo: SplitDebuginfo,
pub rust_rpath: bool,
pub rust_strip: bool,
pub rust_stack_protector: Option<String>,
pub rustc_parallel: bool,
pub rustc_default_linker: Option<String>,
pub rust_optimize_tests: bool,
@ -1001,6 +1003,8 @@ struct Rust {
description: Option<String> = "description",
musl_root: Option<String> = "musl-root",
rpath: Option<bool> = "rpath",
strip: Option<bool> = "strip",
stack_protector: Option<String> = "stack-protector",
verbose_tests: Option<bool> = "verbose-tests",
optimize_tests: Option<bool> = "optimize-tests",
codegen_tests: Option<bool> = "codegen-tests",
@ -1069,6 +1073,7 @@ pub fn default_opts() -> Config {
config.docs = true;
config.docs_minification = true;
config.rust_rpath = true;
config.rust_strip = false;
config.channel = "dev".to_string();
config.codegen_tests = true;
config.rust_dist_src = true;
@ -1422,6 +1427,8 @@ fn get_table(option: &str) -> Result<TomlConfig, toml::de::Error> {
set(&mut config.rust_optimize_tests, rust.optimize_tests);
set(&mut config.codegen_tests, rust.codegen_tests);
set(&mut config.rust_rpath, rust.rpath);
set(&mut config.rust_strip, rust.strip);
config.rust_stack_protector = rust.stack_protector;
set(&mut config.jemalloc, rust.jemalloc);
set(&mut config.test_compare_mode, rust.test_compare_mode);
set(&mut config.backtrace, rust.backtrace);