From c0d4c01dbbd2508c10e2eeb79001d7f0d100b643 Mon Sep 17 00:00:00 2001
From: Ondrej Fabry <ofabry@cisco.com>
Date: Fri, 14 Sep 2018 14:37:47 +0200
Subject: [PATCH 1/2] Use commit date as build date for more reproducible
 builds

Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 523a0c93e0..2c284fb03a 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ include vpp.env
 
 VERSION	?= $(shell git describe --always --tags --dirty)
 COMMIT	?= $(shell git rev-parse HEAD)
-DATE	:= $(shell date +'%Y-%m-%dT%H:%M%:z')
+DATE	:= $(shell git log -1 --format="%ct" | xargs -I{} date -d @{} +'%Y-%m-%dT%H:%M%:z')
 
 CNINFRA := github.com/ligato/vpp-agent/vendor/github.com/ligato/cn-infra/agent
 LDFLAGS = -X $(CNINFRA).BuildVersion=$(VERSION) -X $(CNINFRA).CommitHash=$(COMMIT) -X $(CNINFRA).BuildDate=$(DATE)

From 702947910feeb9e14471e786998e05c98fa70e58 Mon Sep 17 00:00:00 2001
From: Ondrej Fabry <ofabry@cisco.com>
Date: Fri, 14 Sep 2018 14:38:13 +0200
Subject: [PATCH 2/2] Add option to compile in pie mode for enhanced security

Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
---
 Makefile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Makefile b/Makefile
index 2c284fb03a..0830b1d293 100644
--- a/Makefile
+++ b/Makefile
@@ -11,6 +11,11 @@ ifeq ($(NOSTRIP),)
 LDFLAGS += -w -s
 endif
 
+ifeq ($(BUILDPIE),y)
+GO_BUILD_ARGS += -buildmode=pie
+LDFLAGS += -extldflags=-Wl,-z,now,-z,relro
+endif
+
 ifeq ($(V),1)
 GO_BUILD_ARGS += -v
 endif