Message ID | PR0P264MB3595982976989FEC3ED89B43F8622@PR0P264MB3595.FRAP264.PROD.OUTLOOK.COM |
---|---|
State | New |
Headers | show |
Series | security-flags: Re-enable pie for power pc | expand |
Thanks for the patch. Overall it seems ok, would be great if you mentioned how you tested it On Tue, Sep 17, 2024 at 10:45 PM GROSSSCHARTNER Benjamin via lists.openembedded.org <benjamin.grossschartner=urbanandmainlines.com@lists.openembedded.org> wrote: > > Classified as: {Hitachi Rail - Public} > > From f04017bf8bc0a4325de9e51251cd4d6dcdc1ecf0 Mon Sep 17 00:00:00 2001 > From: Benjamin Grossschartner <benjamin.grossschartner@urbanandmainlines.com> > Date: Wed, 18 Sep 2024 07:11:16 +0200 > Subject: [PATCH] security-flags: Re-enable pie for power pc > > pie now works with gcc on powerpc, see: > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81170 > > Signed-off-by: Benjamin Grossschartner <benjamin.grossschartner@urbanandmainlines.com> > --- > meta/conf/distro/include/security_flags.inc | 6 ------ > 1 file changed, 6 deletions(-) > > diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc > index d97a6edb0f..f713a99465 100644 > --- a/meta/conf/distro/include/security_flags.inc > +++ b/meta/conf/distro/include/security_flags.inc > @@ -31,12 +31,6 @@ SECURITY_NO_PIE_CFLAGS ?= "${SECURITY_STACK_PROTECTOR} ${lcl_maybe_fortify} ${SE > SECURITY_LDFLAGS ?= "-Wl,-z,relro,-z,now" > SECURITY_X_LDFLAGS ?= "-Wl,-z,relro" > > -# powerpc does not get on with pie for reasons not looked into as yet > -GCCPIE:powerpc = "" > -GLIBCPIE:powerpc = "" > -SECURITY_CFLAGS:remove:powerpc = "${SECURITY_PIE_CFLAGS}" > -SECURITY_CFLAGS:pn-libgcc:powerpc = "" > - > SECURITY_CFLAGS:pn-glibc = "" > SECURITY_CFLAGS:pn-glibc-testsuite = "" > SECURITY_CFLAGS:pn-gcc-runtime = "" > -- > 2.34.1 > > > {Hitachi Rail - Public} > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#204632): https://lists.openembedded.org/g/openembedded-core/message/204632 > Mute This Topic: https://lists.openembedded.org/mt/108515753/1997914 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
Classified as: {Hitachi Rail – Public} Tested by building "core-image-full-cmdline" for qemuppc and we are using a toolchain with pie enabled for building our own custom images for powerpc. Best regards Benjamin {Hitachi Rail – Public} -----Original Message----- From: Khem Raj <raj.khem@gmail.com> Sent: Mittwoch, 18. September 2024 08:31 To: GROSSSCHARTNER Benjamin <benjamin.grossschartner@urbanandmainlines.com> Cc: openembedded-core@lists.openembedded.org Subject: Re: [OE-core] [PATCH] security-flags: Re-enable pie for power pc [You don't often get email from raj.khem@gmail.com. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] Thanks for the patch. Overall it seems ok, would be great if you mentioned how you tested it On Tue, Sep 17, 2024 at 10:45 PM GROSSSCHARTNER Benjamin via lists.openembedded.org <benjamin.grossschartner=urbanandmainlines.com@lists.openembedded.org> wrote: > > Classified as: {Hitachi Rail - Public} > > From f04017bf8bc0a4325de9e51251cd4d6dcdc1ecf0 Mon Sep 17 00:00:00 2001 > From: Benjamin Grossschartner > <benjamin.grossschartner@urbanandmainlines.com> > Date: Wed, 18 Sep 2024 07:11:16 +0200 > Subject: [PATCH] security-flags: Re-enable pie for power pc > > pie now works with gcc on powerpc, see: > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81170 > > Signed-off-by: Benjamin Grossschartner > <benjamin.grossschartner@urbanandmainlines.com> > --- > meta/conf/distro/include/security_flags.inc | 6 ------ > 1 file changed, 6 deletions(-) > > diff --git a/meta/conf/distro/include/security_flags.inc > b/meta/conf/distro/include/security_flags.inc > index d97a6edb0f..f713a99465 100644 > --- a/meta/conf/distro/include/security_flags.inc > +++ b/meta/conf/distro/include/security_flags.inc > @@ -31,12 +31,6 @@ SECURITY_NO_PIE_CFLAGS ?= > "${SECURITY_STACK_PROTECTOR} ${lcl_maybe_fortify} ${SE SECURITY_LDFLAGS ?= "-Wl,-z,relro,-z,now" > SECURITY_X_LDFLAGS ?= "-Wl,-z,relro" > > -# powerpc does not get on with pie for reasons not looked into as yet > -GCCPIE:powerpc = "" > -GLIBCPIE:powerpc = "" > -SECURITY_CFLAGS:remove:powerpc = "${SECURITY_PIE_CFLAGS}" > -SECURITY_CFLAGS:pn-libgcc:powerpc = "" > - > SECURITY_CFLAGS:pn-glibc = "" > SECURITY_CFLAGS:pn-glibc-testsuite = "" > SECURITY_CFLAGS:pn-gcc-runtime = "" > -- > 2.34.1 > > > {Hitachi Rail - Public} > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#204632): > https://lists.openembedded.org/g/openembedded-core/message/204632 > Mute This Topic: https://lists.openembedded.org/mt/108515753/1997914 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub > [raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc index d97a6edb0f..f713a99465 100644 --- a/meta/conf/distro/include/security_flags.inc +++ b/meta/conf/distro/include/security_flags.inc @@ -31,12 +31,6 @@ SECURITY_NO_PIE_CFLAGS ?= "${SECURITY_STACK_PROTECTOR} ${lcl_maybe_fortify} ${SE SECURITY_LDFLAGS ?= "-Wl,-z,relro,-z,now" SECURITY_X_LDFLAGS ?= "-Wl,-z,relro" -# powerpc does not get on with pie for reasons not looked into as yet -GCCPIE:powerpc = "" -GLIBCPIE:powerpc = "" -SECURITY_CFLAGS:remove:powerpc = "${SECURITY_PIE_CFLAGS}" -SECURITY_CFLAGS:pn-libgcc:powerpc = "" - SECURITY_CFLAGS:pn-glibc = "" SECURITY_CFLAGS:pn-glibc-testsuite = "" SECURITY_CFLAGS:pn-gcc-runtime = ""