[OE-core] Run experience with security flags enabled
Andreas Müller
schnitzeltony at gmail.com
Thu Sep 27 18:42:12 UTC 2018
On Thu, Sep 27, 2018 at 2:57 PM, Dan McGregor <danismostlikely at gmail.com> wrote:
> On Wed, Sep 26, 2018, 15:47 Khem Raj <raj.khem at gmail.com> wrote:
>>
>>
>>
>> On Wed, Sep 26, 2018 at 2:25 PM Andreas Müller <schnitzeltony at gmail.com>
>> wrote:
>>>
>>> Hi,
>>>
>>> from oe-core perspective my images are build on sumo (glibc 2.27). To
>>> see what to expect, I enabled security flags (and yes some recipes in
>>> my layers needed rework).
>>>
>>> Now that I have an image, I thought: let's give it a run. Apart of
>>> other issues (maybe later) I get on every startup an error message for
>>> ldconfig.
>>> systemctl ldconfig says:
>>>
>>> ● ldconfig.service - Rebuild Dynamic Linker Cache
>>> Loaded: loaded (/lib/systemd/system/ldconfig.service; static;
>>> vendor preset: enabled)
>>> Active: failed (Result: core-dump) since Mon 2018-09-24 19:05:04
>>> UTC; 2 days ago
>>> Docs: man:ldconfig(8)
>>> Process: 136 ExecStart=/sbin/ldconfig -X (code=dumped, signal=SEGV)
>>> Main PID: 136 (code=dumped, signal=SEGV)
>>>
>>> Sep 24 19:05:04 raspberrypi3 systemd[1]: Starting Rebuild Dynamic
>>> Linker Cache...
>>> Sep 24 19:05:04 raspberrypi3 systemd[1]: ldconfig.service: Main
>>> process exited, code=dumped, status=11/SEGV
>>> Sep 24 19:05:04 raspberrypi3 systemd[1]: ldconfig.service: Failed with
>>> result 'core-dump'.
>>> Sep 24 19:05:04 raspberrypi3 systemd[1]: Failed to start Rebuild
>>> Dynamic Linker Cache.
>>>
>>> Again somebody else seeing similar / remembers a fix?
>>
>>
>> I see similar issue in sumo as well
>> I do use security flags too and was not sure if that was the reason I
>> think its a good data point
>> Sadly I don’t yet have looked into the issue in detail
>
>
> GCC 7 and glibc don't play well together with static PIE. The real solution
> is to use GCC 8, but Ross made a workaround for this issue:
>
> http://git.openembedded.org/openembedded-core/commit/?id=5f64946b8740a5d944f48ec430470265703bfe5e
It seems I can confirm this: Debugging shows that the crash happens in
dl-relocate_static-pie.c _dl_relocate_static_pie line 41.
Will send this to sumo as soon as tested.
Andreas
More information about the Openembedded-core
mailing list