why use a hardened toolchain?

Robert Connolly robert at linuxfromscratch.org
Fri Nov 25 22:57:32 PST 2005


It's mainly for consitancy. So that where possible chapter 5 is compiled with 
the same versions and build type as chapter 6. It's better for bootstrapping 
to compile a pie/pic/ssp system with a pie/pic/ssp toolchain and environment. 
The glibc-ssp and arc4random patches are nescessary in chapter 5, but the 
rest technically isn't.

robert
 
On November 25, 2005 02:00 pm, Sebastian Faulborn wrote:
> Hello everybody!
>
> Can anyone tell me, why HLFS compiles a hardened toolchain?
> ie. things like:
>
> sed -e 's/^CFLAGS\t.*$/& -pie -fpie/' \
>     -i {progs,tack}/Makefile.in
>
>
> in chapter 5.
>
> Is there a need to compile SSP and pic/pie in chapter 5?
> Wouldn't it be enough to use the toolchain from LFS and just patch
> binutils/gcc/glibc so that chapter 6 can be compiled with
> SSP/pic/pie/arc4random/erandom etc?
>
> Thanks a lot!
>
> Sebastian Faulborn



More information about the hlfs-dev mailing list