* [sumo][PATCH] security_flags: disable static PIE in glibc
@ 2018-09-27 13:53 Khem Raj
0 siblings, 0 replies; only message in thread
From: Khem Raj @ 2018-09-27 13:53 UTC (permalink / raw)
To: openembedded-core, akuster808
From: Ross Burton <ross.burton@intel.com>
Static PIE doesn't work entirely right in GCC 7, for example ldconfig on ARM
with the flags enabled will something segfault during initialisation.
To mitigate this until we have GCC 8 integrated, don't enable static PIE.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
meta/conf/distro/include/security_flags.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index d66dd57649..aaeca6991b 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -6,7 +6,7 @@
# in the DISTRO="poky-lsb" configuration.
GCCPIE ?= "--enable-default-pie"
-GLIBCPIE ?= "--enable-static-pie"
+# If static PIE is known to work well, GLIBCPIE="--enable-static-pie" can be set
# _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they use
# -O0 which then results in a compiler warning.
--
2.19.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2018-09-27 13:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-09-27 13:53 [sumo][PATCH] security_flags: disable static PIE in glibc Khem Raj
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox