| Message ID | 20260504-glibc-fix-stackprot-v1-1-fbfd0f22ddd2@sonos.com |
|---|---|
| State | Accepted, archived |
| Commit | 43f0602ede37428f3c35cf665bba934b84355240 |
| Headers | show |
| Series | glibc: Fix recipe bug that disabled stack protector | expand |
The patch is fine, but there was interest on the patch review in finding out where and why these lines were introduced. The earliest commit is this one: https://git.openembedded.org/openembedded-core/commit/?h=master-next&id=bddc141e7cec18744902787ab53c21bf28e71f78 Alex On Mon, 4 May 2026 at 23:28, Ivan Nestlerode via lists.openembedded.org <ivan.nestlerode=sonos.com@lists.openembedded.org> wrote: > > From: Ivan Nestlerode <ivan.nestlerode@sonos.com> > > Fixes [YOCTO #16265] > > The glibc recipe is supposed to be building with > --enable-stack-protector=strong, but some CACHED_CONFIGVARS values are > actually breaking this, causing glibc to be built with no stack > protector at all. > > Remove these CACHED_CONFIGVARS values so that stack protector support is > detected properly in do_configure and then enabled properly during > do_compile. > > Full details are here: > https://bugzilla.yoctoproject.org/show_bug.cgi?id=16265 > > Signed-off-by: Ivan Nestlerode <ivan.nestlerode@sonos.com> > --- > The glibc recipe is supposed to be building with > --enable-stack-protector=strong, but some CACHED_CONFIGVARS values > are actually breaking this, causing glibc to be built with no stack > protector at all. > > Full details are here: > https://bugzilla.yoctoproject.org/show_bug.cgi?id=16265 > --- > meta/recipes-core/glibc/glibc.inc | 3 --- > 1 file changed, 3 deletions(-) > > diff --git a/meta/recipes-core/glibc/glibc.inc b/meta/recipes-core/glibc/glibc.inc > index 30d93bca77..dae087d53f 100644 > --- a/meta/recipes-core/glibc/glibc.inc > +++ b/meta/recipes-core/glibc/glibc.inc > @@ -21,9 +21,6 @@ CACHED_CONFIGUREVARS += " \ > libc_cv_slibdir=${base_libdir} \ > libc_cv_rootsbindir=${base_sbindir} \ > libc_cv_localedir=${localedir} \ > - libc_cv_ssp_strong=no \ > - libc_cv_ssp_all=no \ > - libc_cv_ssp=no \ > libc_cv_include_x86_isa_level=no \ > " > > > --- > base-commit: 9ca41405e6bca276468a3b6f67eaa328b8016485 > change-id: 20260504-glibc-fix-stackprot-47134ada0b7f > > Best regards, > -- > Ivan Nestlerode <ivan.nestlerode@sonos.com> > > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#236458): https://lists.openembedded.org/g/openembedded-core/message/236458 > Mute This Topic: https://lists.openembedded.org/mt/119151502/1686489 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alex.kanavin@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
In olden days we had to solve bootstrap issues and there were chicken egg issues between glibc and gcc which we do not have today. I think this patch is fine. Please apply On Thu, May 7, 2026, 3:37 PM Alexander Kanavin via lists.openembedded.org <alex.kanavin=gmail.com@lists.openembedded.org> wrote: > The patch is fine, but there was interest on the patch review in > finding out where and why these lines were introduced. The earliest > commit is this one: > > https://git.openembedded.org/openembedded-core/commit/?h=master-next&id=bddc141e7cec18744902787ab53c21bf28e71f78 > > Alex > > On Mon, 4 May 2026 at 23:28, Ivan Nestlerode via > lists.openembedded.org > <ivan.nestlerode=sonos.com@lists.openembedded.org> wrote: > > > > From: Ivan Nestlerode <ivan.nestlerode@sonos.com> > > > > Fixes [YOCTO #16265] > > > > The glibc recipe is supposed to be building with > > --enable-stack-protector=strong, but some CACHED_CONFIGVARS values are > > actually breaking this, causing glibc to be built with no stack > > protector at all. > > > > Remove these CACHED_CONFIGVARS values so that stack protector support is > > detected properly in do_configure and then enabled properly during > > do_compile. > > > > Full details are here: > > https://bugzilla.yoctoproject.org/show_bug.cgi?id=16265 > > > > Signed-off-by: Ivan Nestlerode <ivan.nestlerode@sonos.com> > > --- > > The glibc recipe is supposed to be building with > > --enable-stack-protector=strong, but some CACHED_CONFIGVARS values > > are actually breaking this, causing glibc to be built with no stack > > protector at all. > > > > Full details are here: > > https://bugzilla.yoctoproject.org/show_bug.cgi?id=16265 > > --- > > meta/recipes-core/glibc/glibc.inc | 3 --- > > 1 file changed, 3 deletions(-) > > > > diff --git a/meta/recipes-core/glibc/glibc.inc > b/meta/recipes-core/glibc/glibc.inc > > index 30d93bca77..dae087d53f 100644 > > --- a/meta/recipes-core/glibc/glibc.inc > > +++ b/meta/recipes-core/glibc/glibc.inc > > @@ -21,9 +21,6 @@ CACHED_CONFIGUREVARS += " \ > > libc_cv_slibdir=${base_libdir} \ > > libc_cv_rootsbindir=${base_sbindir} \ > > libc_cv_localedir=${localedir} \ > > - libc_cv_ssp_strong=no \ > > - libc_cv_ssp_all=no \ > > - libc_cv_ssp=no \ > > libc_cv_include_x86_isa_level=no \ > > " > > > > > > --- > > base-commit: 9ca41405e6bca276468a3b6f67eaa328b8016485 > > change-id: 20260504-glibc-fix-stackprot-47134ada0b7f > > > > Best regards, > > -- > > Ivan Nestlerode <ivan.nestlerode@sonos.com> > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#236571): > https://lists.openembedded.org/g/openembedded-core/message/236571 > Mute This Topic: https://lists.openembedded.org/mt/119151502/1997914 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
diff --git a/meta/recipes-core/glibc/glibc.inc b/meta/recipes-core/glibc/glibc.inc index 30d93bca77..dae087d53f 100644 --- a/meta/recipes-core/glibc/glibc.inc +++ b/meta/recipes-core/glibc/glibc.inc @@ -21,9 +21,6 @@ CACHED_CONFIGUREVARS += " \ libc_cv_slibdir=${base_libdir} \ libc_cv_rootsbindir=${base_sbindir} \ libc_cv_localedir=${localedir} \ - libc_cv_ssp_strong=no \ - libc_cv_ssp_all=no \ - libc_cv_ssp=no \ libc_cv_include_x86_isa_level=no \ "