[oe-commits] [openembedded-core] 02/69: security_flags.inc: Special flags are needed for RPM
git at git.openembedded.org
git at git.openembedded.org
Mon Mar 7 22:11:52 UTC 2016
rpurdie pushed a commit to branch master-next
in repository openembedded-core.
commit 0628eb7a2be7914a97125afa219568bf4f8b32d4
Author: Mark Hatle <mark.hatle at windriver.com>
AuthorDate: Fri Mar 4 13:03:52 2016 -0600
security_flags.inc: Special flags are needed for RPM
RPM interally has support to build and work with the stack protector.
This is disabled by default in the RPM package, and the proper settings
should be specified in the security_flags. Using the default setting of
stack-protector-strong causes linking problems due to issues with libtool
selecting the wrong GCC objections to link against.
Falling back to the RPM values of stack-protector will permit linking to
work properly, and some level of protection.
Signed-off-by: Mark Hatle <mark.hatle at windriver.com>
---
meta/conf/distro/include/security_flags.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index ed82087..ff5f34e 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -78,6 +78,8 @@ SECURITY_CFLAGS_pn-python-pycurl = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-python-smartpm = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-python-numpy = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-python3 = "${SECURITY_NO_PIE_CFLAGS}"
+# Revert RPM to using internally supported values
+SECURITY_CFLAGS_pn-rpm = "${lcl_maybe_fortify} -fstack-protector"
SECURITY_CFLAGS_pn-syslinux = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-tcl = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-tiff = "${SECURITY_NO_PIE_CFLAGS}"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list