[OE-core] [PATCH 2/2] security_flags.inc: disable PIE for bash due to issues in mkbuiltins
Richard Purdie
richard.purdie at linuxfoundation.org
Wed Apr 8 09:59:53 UTC 2015
On Tue, 2015-04-07 at 16:53 -0400, Denys Dmytriyenko wrote:
> From: Denys Dmytriyenko <denys at ti.com>
>
> As bash builds a native tool called mkbuiltins, it fails with PIE flags:
>
> ld: mkbuiltins.o: relocation R_X86_64_32 against `.rodata.str1.8' can not be used when making a shared object; recompile with -fPIC
>
> Affects at least version 3.2 of bash.
I am a little worried about this one. Which architecture were you
building for and is this just 3.x of bash or 4.x as well? I'd like to
understand why we haven't seen this before...
Cheers,
Richard
> Signed-off-by: Denys Dmytriyenko <denys at ti.com>
> ---
> meta/conf/distro/include/security_flags.inc | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
> index 21e1a53..3401c4b 100644
> --- a/meta/conf/distro/include/security_flags.inc
> +++ b/meta/conf/distro/include/security_flags.inc
> @@ -16,6 +16,7 @@ SECURITY_CFLAGS_pn-lttng-tools_arm = "${SECURITY_NO_PIE_CFLAGS}"
> SECURITY_CFLAGS_pn-elfutils_arm = "${SECURITY_NO_PIE_CFLAGS}"
>
> SECURITY_CFLAGS_pn-aspell = "${SECURITY_NO_PIE_CFLAGS}"
> +SECURITY_CFLAGS_pn-bash = "${SECURITY_NO_PIE_CFLAGS}"
> SECURITY_CFLAGS_pn-beecrypt = "${SECURITY_NO_PIE_CFLAGS}"
> SECURITY_CFLAGS_pn-blktrace = "${SECURITY_NO_PIE_CFLAGS}"
> # Curl seems to check for FORTIFY_SOURCE in CFLAGS, but even assigned
> --
> 2.2.0
>
More information about the Openembedded-core
mailing list