[yocto] Using prelink in Thud and subsequent
Burton, Ross
ross.burton at intel.com
Fri Jan 4 07:51:57 PST 2019
Don't use Poky? Your own distro configuration doesn't have to include
security_flags.inc.
Ross
On Fri, 4 Jan 2019 at 15:50, Matt Hoosier <matt.hoosier at gmail.com> wrote:
>
> Hi all,
>
> With the following change, position-independent executables became the default in Poky:
>
> commit 491082c56ce34f3fd644f8d4457ccd52af951087
> Author: Khem Raj <raj.khem at gmail.com>
> Date: Fri Jul 27 19:46:14 2018 -0700
>
> poky.conf: Enable security flags+pie by defaultEnable security flags+pie by
>
> This has been an opt-in for so long, some distributions e.g.
> poky-lsb uses it by default however, since most of linux
> distros have started to default to these settings for security
> enhancements, time has come for OE to make it default too
>
> This carries the consequence that prelinking no longer really works. What's the recommendation for users that want to keep applying whole-system prelink optimizations (that is, image-prelink.bbclass)? Manually resetting SECURITY_CFLAGS to the empty string after including poky.conf will come close to undoing the effect of security_flags.inc, but there are a few places its effects will still leak out.
>
> -Matt
> --
> _______________________________________________
> yocto mailing list
> yocto at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/yocto
More information about the yocto
mailing list