From 77e553ab6a0a98d065884a83490f28eec6df0e23 Mon Sep 17 00:00:00 2001
From: David Gumberg <davidzgumberg@gmail.com>
Date: Fri, 21 Mar 2025 14:10:13 -0700
Subject: [PATCH] build: refactor: hardening flags -> core_interface

---
 CMakeLists.txt | 40 +++++++++++++++++++---------------------
 1 file changed, 19 insertions(+), 21 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b7da687665a..2e14b1f5e8d 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -480,12 +480,10 @@ try_append_cxx_flags("-fmacro-prefix-map=A=B" TARGET core_interface SKIP_LINK
 # -fstack-reuse=none for all gcc builds. (Only gcc understands this flag).
 try_append_cxx_flags("-fstack-reuse=none" TARGET core_interface)
 
-add_library(hardening_interface INTERFACE)
-target_link_libraries(core_interface INTERFACE hardening_interface)
 if(MSVC)
-  try_append_linker_flag("/DYNAMICBASE" TARGET hardening_interface)
-  try_append_linker_flag("/HIGHENTROPYVA" TARGET hardening_interface)
-  try_append_linker_flag("/NXCOMPAT" TARGET hardening_interface)
+  try_append_linker_flag("/DYNAMICBASE" TARGET core_interface)
+  try_append_linker_flag("/HIGHENTROPYVA" TARGET core_interface)
+  try_append_linker_flag("/NXCOMPAT" TARGET core_interface)
 else()
 
   # _FORTIFY_SOURCE requires that there is some level of optimization,
@@ -499,38 +497,38 @@ else()
             }"
   )
   if(cxx_supports_fortify_source)
-    target_compile_options(hardening_interface INTERFACE
+    target_compile_options(core_interface INTERFACE
       -U_FORTIFY_SOURCE
       -D_FORTIFY_SOURCE=3
     )
   endif()
   unset(cxx_supports_fortify_source)
 
-  try_append_cxx_flags("-Wstack-protector" TARGET hardening_interface SKIP_LINK)
-  try_append_cxx_flags("-fstack-protector-all" TARGET hardening_interface)
-  try_append_cxx_flags("-fcf-protection=full" TARGET hardening_interface)
+  try_append_cxx_flags("-Wstack-protector" TARGET core_interface SKIP_LINK)
+  try_append_cxx_flags("-fstack-protector-all" TARGET core_interface)
+  try_append_cxx_flags("-fcf-protection=full" TARGET core_interface)
 
   if(MINGW)
     # stack-clash-protection is a no-op for Windows.
     # See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90458 for more details.
   else()
-    try_append_cxx_flags("-fstack-clash-protection" TARGET hardening_interface)
+    try_append_cxx_flags("-fstack-clash-protection" TARGET core_interface)
   endif()
 
   if(CMAKE_SYSTEM_PROCESSOR STREQUAL "aarch64" OR CMAKE_SYSTEM_PROCESSOR STREQUAL "arm64")
     if(CMAKE_SYSTEM_NAME STREQUAL "Darwin")
-      try_append_cxx_flags("-mbranch-protection=bti" TARGET hardening_interface SKIP_LINK)
+      try_append_cxx_flags("-mbranch-protection=bti" TARGET core_interface SKIP_LINK)
     else()
-      try_append_cxx_flags("-mbranch-protection=standard" TARGET hardening_interface SKIP_LINK)
+      try_append_cxx_flags("-mbranch-protection=standard" TARGET core_interface SKIP_LINK)
     endif()
   endif()
 
-  try_append_linker_flag("-Wl,--enable-reloc-section" TARGET hardening_interface)
-  try_append_linker_flag("-Wl,--dynamicbase" TARGET hardening_interface)
-  try_append_linker_flag("-Wl,--nxcompat" TARGET hardening_interface)
-  try_append_linker_flag("-Wl,--high-entropy-va" TARGET hardening_interface)
-  try_append_linker_flag("-Wl,-z,relro" TARGET hardening_interface)
-  try_append_linker_flag("-Wl,-z,now" TARGET hardening_interface)
+  try_append_linker_flag("-Wl,--enable-reloc-section" TARGET core_interface)
+  try_append_linker_flag("-Wl,--dynamicbase" TARGET core_interface)
+  try_append_linker_flag("-Wl,--nxcompat" TARGET core_interface)
+  try_append_linker_flag("-Wl,--high-entropy-va" TARGET core_interface)
+  try_append_linker_flag("-Wl,-z,relro" TARGET core_interface)
+  try_append_linker_flag("-Wl,-z,now" TARGET core_interface)
   # TODO: This can be dropped once Bitcoin Core no longer supports
   #       NetBSD 10.0 or if upstream fix is backported.
   # NetBSD's dynamic linker ld.elf_so < 11.0 supports exactly 2
@@ -540,12 +538,12 @@ else()
   # - https://github.com/bitcoin/bitcoin/pull/28724#issuecomment-2589347934
   # - https://mail-index.netbsd.org/tech-userlevel/2023/01/05/msg013666.html
   if(CMAKE_SYSTEM_NAME STREQUAL "NetBSD" AND CMAKE_SYSTEM_VERSION VERSION_LESS 11.0)
-    try_append_linker_flag("-Wl,-z,noseparate-code" TARGET hardening_interface)
+    try_append_linker_flag("-Wl,-z,noseparate-code" TARGET core_interface)
   else()
-    try_append_linker_flag("-Wl,-z,separate-code" TARGET hardening_interface)
+    try_append_linker_flag("-Wl,-z,separate-code" TARGET core_interface)
   endif()
   if(CMAKE_SYSTEM_NAME STREQUAL "Darwin")
-    try_append_linker_flag("-Wl,-fixup_chains" TARGET hardening_interface)
+    try_append_linker_flag("-Wl,-fixup_chains" TARGET core_interface)
   endif()
 endif()