[arch-dev-public] Arch Monthly Report - November
Allan McRae
allan at archlinux.org
Thu Nov 18 02:19:30 UTC 2021
On 18/11/21 00:08, Levente Polyak via arch-dev-public wrote:
> On 11/17/21 13:27, Allan McRae via arch-dev-public wrote:
>> On 17/11/21 22:03, Jelle van der Waa via arch-dev-public wrote:
>>> ## Devtools
>>>
>>> * pacman's makepkg.conf is synced with new hardening CFLAGS such as
>>> `-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security
>>> -fstack-clash-protection -fcf-protection`
>>
>> Any chance we enable LTO too. This was not added by default to the
>> pacman package - my opinion is the build resources for LTO are a bit
>> high, so the user should enable it if wanted in the system
>> makepkg.conf. But we did agree to enable it for system packages, and
>> thus needs added to devtools makepkg.conf:
>>
>> https://gitlab.archlinux.org/archlinux/rfcs/-/blob/master/rfcs/0004-lto-by-default.rst
>>
>>
>
> The idea so far was to release LTO in a second iteration as some
> concerns were raised to do both set of changes at the very same time.
My concerns about this are rather limited, as other distros use many
(all?) of the new build flags and LTO. And compiler/linker errors
should make it clear which is the issue.
Can we have a timeline for when it will be acceptable to also add LTO?
For example, after a certain proportion of packages have been rebuilt?
Is there plans for a distro-wide rebuild to get the benefits of the
added flags, and bulk fix any issues?
Allan
More information about the arch-dev-public
mailing list