Fix missing user-space hardening and most warnings from blhc (!440) · Merge requests · Debian kernel team / linux

Ben Hutchings requested to merge benh/hardening into master Jan 16, 2022

blhc found missing hardening flags for many things we build from the tools/ directory. We need to pass those flags in different ways for different places, and we got that wrong in some places. This also fixes some upstream bugs where flags variables just weren't used.

Finally this tells blhc to ignore command lines where the standard build flags aren't appropriate:

all code in the kernel
perf-read-vdso programs, which are built for a different architecture

With these changes, 'blhc --debian' still complains about some non-verbose builds of tools used during the kernel build, but is otherwise satisfied.

Fix missing user-space hardening and most warnings from blhc

Merge request reports