* [yocto] [PATCH] SDK environment script doesn't set security options in CC and LDFLAGS variables
@ 2019-11-20 14:19 Antoine Manache
2019-11-20 14:32 ` ✗ patchtest: failure for " Patchwork
0 siblings, 1 reply; 2+ messages in thread
From: Antoine Manache @ 2019-11-20 14:19 UTC (permalink / raw)
To: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 1225 bytes --]
When building a SDK from a DISTRO with security flags enabled, options
added to
CC and LDFLAGS are not replicated in the SDK environment script.
This could lead to some situations where an application compiled with
the SDK and having some security weaknesses correctly runs on target but
crashes once integrated to the core image built with the full Yocto
stack.
Signed-off-by: Antoine Manache <a.manache@gmail.com>
---
meta/conf/distro/include/security_flags.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/conf/distro/include/security_flags.inc
b/meta/conf/distro/include/security_flags.inc
index 620978a8ed..329482bfa3 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -56,7 +56,9 @@ SECURITY_STRINGFORMAT_pn-busybox = ""
SECURITY_STRINGFORMAT_pn-gcc = ""
TARGET_CC_ARCH_append_class-target = " ${SECURITY_CFLAGS}"
+TARGET_CC_ARCH_append_class-cross-canadian = " ${SECURITY_CFLAGS}"
TARGET_LDFLAGS_append_class-target = " ${SECURITY_LDFLAGS}"
+TARGET_LDFLAGS_append_class-cross-canadian = " ${SECURITY_LDFLAGS}"
SECURITY_STACK_PROTECTOR_pn-gcc-runtime = ""
SECURITY_STACK_PROTECTOR_pn-glibc = ""
--
2.11.0
[-- Attachment #2: Type: text/html, Size: 5514 bytes --]
^ permalink raw reply related [flat|nested] 2+ messages in thread
* ✗ patchtest: failure for SDK environment script doesn't set security options in CC and LDFLAGS variables
2019-11-20 14:19 [yocto] [PATCH] SDK environment script doesn't set security options in CC and LDFLAGS variables Antoine Manache
@ 2019-11-20 14:32 ` Patchwork
0 siblings, 0 replies; 2+ messages in thread
From: Patchwork @ 2019-11-20 14:32 UTC (permalink / raw)
To: Antoine Manache; +Cc: openembedded-core
== Series Details ==
Series: SDK environment script doesn't set security options in CC and LDFLAGS variables
Revision: 1
URL : https://patchwork.openembedded.org/series/21252/
State : failure
== Summary ==
Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:
* Patch [yocto] SDK environment script doesn't set security options in CC and LDFLAGS variables
Issue Shortlog does not follow expected format [test_shortlog_format]
Suggested fix Commit shortlog (first line of commit message) should follow the format "<target>: <summary>"
If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).
---
Guidelines: https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-11-20 14:32 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-11-20 14:19 [yocto] [PATCH] SDK environment script doesn't set security options in CC and LDFLAGS variables Antoine Manache
2019-11-20 14:32 ` ✗ patchtest: failure for " Patchwork
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox