[OE-core] [RESEND PATCH 1/2] security_flags: Remove stack protector flags from LDFLAGS
Junling Zheng
zhengjunling at huawei.com
Tue Mar 3 03:22:32 UTC 2020
On 2020/3/3 2:40, Khem Raj wrote:
>
>
> On 3/2/20 9:17 AM, Junling Zheng wrote:
>> The stack protector flag is a compile option, not a link option, so
>> remove it from LDFLAGS.
>
> we use compiler driver to do linking as well, what does this change fix for you.
>
I know that we use gcc to do linking, and this is just a code cleaning, not a bugfix :)
>>
>> Signed-off-by: Junling Zheng <zhengjunling at huawei.com>
>> ---
>> meta/conf/distro/include/security_flags.inc | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
>> index aaf04e9e59..5b79340be9 100644
>> --- a/meta/conf/distro/include/security_flags.inc
>> +++ b/meta/conf/distro/include/security_flags.inc
>> @@ -26,8 +26,8 @@ SECURITY_STACK_PROTECTOR ?= "-fstack-protector-strong"
>> SECURITY_CFLAGS ?= "${SECURITY_STACK_PROTECTOR} ${SECURITY_PIE_CFLAGS} ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}"
>> SECURITY_NO_PIE_CFLAGS ?= "${SECURITY_STACK_PROTECTOR} ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}"
>> -SECURITY_LDFLAGS ?= "${SECURITY_STACK_PROTECTOR} -Wl,-z,relro,-z,now"
>> -SECURITY_X_LDFLAGS ?= "${SECURITY_STACK_PROTECTOR} -Wl,-z,relro"
>> +SECURITY_LDFLAGS ?= "-Wl,-z,relro,-z,now"
>> +SECURITY_X_LDFLAGS ?= "-Wl,-z,relro"
>> # powerpc does not get on with pie for reasons not looked into as yet
>> GCCPIE_powerpc = ""
>>
>
>
More information about the Openembedded-core
mailing list