[OE-core] [PATCH 2/3] pulseaudio: disable PIE flags when hardened flags are enabled
Khem Raj
raj.khem at gmail.com
Mon Apr 22 20:28:39 UTC 2019
On Mon, Apr 22, 2019 at 6:33 AM Tanu Kaskinen <tanuk at iki.fi> wrote:
> On Fri, 2017-06-09 at 10:10 -0700, Khem Raj wrote:
> > On Fri, Jun 9, 2017 at 9:38 AM, Tanu Kaskinen <tanuk at iki.fi> wrote:
> > > On Fri, 2017-06-09 at 13:07 +0000, Khem Raj wrote:
> > > > On Fri, Jun 9, 2017 at 5:56 AM Burton, Ross <ross.burton at intel.com>
> wrote:
> > > >
> > > > > On 9 June 2017 at 04:41, Khem Raj <raj.khem at gmail.com> wrote:
> > > > >
> > > > > > +SECURITY_CFLAGS = "${SECURITY_NO_PIE_CFLAGS}"
> > > > > >
> > > > >
> > > > > These tend to go into security-flags.inc, not the recipe.
> > > > >
> > > >
> > > > I know that's been the case but I think having a global file is
> error prone
> > > > its better to have it in recipe context since it can get attention at
> > > > upgrade time to test if this has been fixed in new release etc
> > >
> > > Do you mean that there's some bug in pulseaudio, and this is a
> > > workaround for it? Is the bug that there are textrels? Ross saw
> > > textrels in pulseaudio before (see the discussion starting at [1]), but
> > > I was unable to reproduce that. If you give instructions for
> > > reproducing the problem, I'll see if I can fix pulseaudio (until then
> > > I'm fine with having a workaround).
> > >
> >
> > yes there is a bug lurking when compiling with hardening flags are
> turned on
> > so you can do something like
> >
> > in local.conf
> >
> > require conf/distro/include/security_flags.inc
> >
> > then
> >
> > MACHINE=qemux86 bitbake pulseaudio
> >
> > it also happens on arm so qemuarm will reproduce it too.
> >
> > some assembly code is probably missing using GOT relative accesses
>
> Resurrecting this ancient thread... I finally tried to reproduce this
> problem with the given instructions. No success. Have you still been
> running into this issue?
I don’t know for sure if this still exists but we did disable assembly in
few packages which addresses this issue since in assembly PIC has to be
respected
In hand written code
You might have to check if we did something similar for pulseaudio
>
>
> --
> Tanu
>
> https://www.patreon.com/tanuk
> https://liberapay.com/tanuk
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20190422/06ac437e/attachment.html>
More information about the Openembedded-core
mailing list