From patchwork Thu Sep 27 13:53:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Khem Raj X-Patchwork-Id: 147708 Delivered-To: patch@linaro.org Received: by 2002:a2e:8595:0:0:0:0:0 with SMTP id b21-v6csp2038277lji; Thu, 27 Sep 2018 06:54:10 -0700 (PDT) X-Google-Smtp-Source: ACcGV61NvUAk6W2VaE0I5hsOvxjKqa5Fuw4as4A5jJnbHjq/GFn33CYYSnyMrRiZj8kr4JzuSi6h X-Received: by 2002:a63:730c:: with SMTP id o12-v6mr10415550pgc.397.1538056450588; Thu, 27 Sep 2018 06:54:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538056450; cv=none; d=google.com; s=arc-20160816; b=L0nuuWLQKviGLbH+RbiIlTDHWV0ep6RYcVhgR/M7UzTzNUtNtHxDIUZztOoHy9VY0w 0fnLdlyCi2w0ANWnGK3NkeGDHrtPeFG80D0QISBZ3aTS9VvvQ1HztBfWZyQR4PMd61wc ZGw4jSjVBaa5YRk4yCaHXj2M4vUaLZ1PWkRbZNXvUFIiPT/7e6o94yCpFWxCx43ax8av VoEzxw6AIpBBfLspJgHiLFn/qmaQz7ZL/hs8bqJeLSgy/1qdfGs3c/pY7zXUXAnMZ1Ig Xy4uk+h0v3ff09v+vqyfASU5lMBhnDqeL/XjECL4gci/BJB9PLzBJDUtgr4odMXRGuRI ukGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:delivered-to; bh=N4GWRqXlcRYxnAhgXkKfIcdihSrHyHAy4lbPfjBVviM=; b=zW+FLQ1eWmFWafVUhOQy/qxewNxFo/Lqh3pLxu+uddgdTRrKn3kJ6Xby/NLRItjIkW AuRnX/sszzE/4zC5/gqpGxePy5ssBHJOmgzSxjGKi/zVqNmqQYu+ayo/5D9S9W9yvOyq wkQxVkcmOjGu+K5Vqxp7S8vWliPzMIk67c8B0ll/a1AaLe36O6u/IhZVw2Ee8zMUA6mJ l/fqvqIGKVSHBU6eEKlmkaap98Mk4UEkvsh2dayQX+08yn/ymyq40pk+IiKWnbbjB3Ru YKWmZZbZ/MGTnk1aLvt0cEpErwNk1b20vi6hVik59sUbdMT5/AJNFfYCbWQeEAbJ39Iu H7Eg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20161025 header.b=l5yvzJRL; spf=pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) smtp.mailfrom=openembedded-core-bounces@lists.openembedded.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from mail.openembedded.org (mail.openembedded.org. [140.211.169.62]) by mx.google.com with ESMTP id u12-v6si2029968pls.234.2018.09.27.06.54.09; Thu, 27 Sep 2018 06:54:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) client-ip=140.211.169.62; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20161025 header.b=l5yvzJRL; spf=pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) smtp.mailfrom=openembedded-core-bounces@lists.openembedded.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from 165.28.230.35.bc.googleusercontent.com (localhost [127.0.0.1]) by mail.openembedded.org (Postfix) with ESMTP id 6885D798D7; Thu, 27 Sep 2018 13:54:06 +0000 (UTC) X-Original-To: openembedded-core@lists.openembedded.org Delivered-To: openembedded-core@lists.openembedded.org Received: from mail-pg1-f195.google.com (mail-pg1-f195.google.com [209.85.215.195]) by mail.openembedded.org (Postfix) with ESMTP id 10B4774A25 for ; Thu, 27 Sep 2018 13:54:03 +0000 (UTC) Received: by mail-pg1-f195.google.com with SMTP id n31-v6so2022654pgm.7 for ; Thu, 27 Sep 2018 06:54:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=eO11gfj0CrPC7IT5+IT6XtGQesJlrJ0esoVUVYh1TNI=; b=l5yvzJRLcOeuWCANGSiE54mE6i0EEU3ZfxzRv5X2GilF/m2iEuDTXKIu4xfMK29WEB ksjCE2mzcm8l+mWn6NHCt8iOe7RrUm/+20QjJY3fCTiOp2ydNpVsratnWBPLtWDG0skd an8/9NSC8+bd/T6j+KeuKuDlvYi7U9FxtNujPydBrlMIwUgWks5UKLdm8hqSKRXuuVJr +QAPuMkQVDp8yv1L9QwmZnTyiKJSzXXI5Imyq97X/XTd6Og3g67/8/UPYHhYa/beIl3L e2XV0IJCfGwHV3DJtfjZmivV+zm15TPe+dJ8zs63fKn+xPd9b/k81utAJw/ARbC9ZQg5 2U5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=eO11gfj0CrPC7IT5+IT6XtGQesJlrJ0esoVUVYh1TNI=; b=ovceKtF6JRjQ3TSadmPIDzEINYdS2R36mu4gMZYbmve+oGesyllYvbiJ1x1jawcnXI QBQ0waBqT7mlRbD+p8PV0zlYelXLcTftYakyYjCbi7qA9fbPjqt1sNhCtreZOjCNbooT R4wYK1dGq8vBIFLN37lGTvba3siiq+++COoZ2fhxULqedT1N4BbkJkz9QaU5DeOLhoEj 87fnN6gKP5d9IL2Y8FJ/J1qqfK3On7Wz14NeylESgFDiDhW+6fyWJFrXZAM4Jpghe71D 5XFVNI6bnlVG2RE1Ncap37YNWVK9AHFAnwyvNFTc+7V5blX6U5OuhOaU4Y5WrdDSMG3Z P8xA== X-Gm-Message-State: ABuFfoj1gxVE+6mn6IPtPOXKlk/mgyKyVrIdlYjOEmnspLY1DYTKotUl Qqi+rqyhTW2kgBkMTzn20/6nvm9d X-Received: by 2002:a63:c84c:: with SMTP id l12-v6mr10148013pgi.77.1538056444597; Thu, 27 Sep 2018 06:54:04 -0700 (PDT) Received: from localhost.localdomain ([2601:646:877f:9499::b1b1]) by smtp.gmail.com with ESMTPSA id h4-v6sm3357861pfe.49.2018.09.27.06.54.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 27 Sep 2018 06:54:04 -0700 (PDT) From: Khem Raj To: openembedded-core@lists.openembedded.org, akuster808@gmail.com Date: Thu, 27 Sep 2018 06:53:55 -0700 Message-Id: <20180927135355.28172-1-raj.khem@gmail.com> X-Mailer: git-send-email 2.19.0 MIME-Version: 1.0 Subject: [OE-core] [sumo][PATCH] security_flags: disable static PIE in glibc X-BeenThere: openembedded-core@lists.openembedded.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Patches and discussions about the oe-core layer List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: openembedded-core-bounces@lists.openembedded.org Errors-To: openembedded-core-bounces@lists.openembedded.org From: Ross Burton Static PIE doesn't work entirely right in GCC 7, for example ldconfig on ARM with the flags enabled will something segfault during initialisation. To mitigate this until we have GCC 8 integrated, don't enable static PIE. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie --- meta/conf/distro/include/security_flags.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.19.0 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc index d66dd57649..aaeca6991b 100644 --- a/meta/conf/distro/include/security_flags.inc +++ b/meta/conf/distro/include/security_flags.inc @@ -6,7 +6,7 @@ # in the DISTRO="poky-lsb" configuration. GCCPIE ?= "--enable-default-pie" -GLIBCPIE ?= "--enable-static-pie" +# If static PIE is known to work well, GLIBCPIE="--enable-static-pie" can be set # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they use # -O0 which then results in a compiler warning.