[OE-core] [sumo][PATCH] security_flags: disable static PIE in glibc
Khem Raj
raj.khem at gmail.com
Thu Sep 27 13:53:55 UTC 2018
From: Ross Burton <ross.burton at intel.com>
Static PIE doesn't work entirely right in GCC 7, for example ldconfig on ARM
with the flags enabled will something segfault during initialisation.
To mitigate this until we have GCC 8 integrated, don't enable static PIE.
Signed-off-by: Ross Burton <ross.burton at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
meta/conf/distro/include/security_flags.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index d66dd57649..aaeca6991b 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -6,7 +6,7 @@
# in the DISTRO="poky-lsb" configuration.
GCCPIE ?= "--enable-default-pie"
-GLIBCPIE ?= "--enable-static-pie"
+# If static PIE is known to work well, GLIBCPIE="--enable-static-pie" can be set
# _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they use
# -O0 which then results in a compiler warning.
--
2.19.0
More information about the Openembedded-core
mailing list