summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Kanavin <alex.kanavin@gmail.com>2021-07-31 16:01:53 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-08-05 08:54:18 +0100
commitb205abd2aee89910cc676e25825182822b02a091 (patch)
treeb441fda0067e9e450dd67bad6b9c4b8a661057a5
parent382e70c724760d2441dd530e83e4403c98287268 (diff)
downloadpoky-b205abd2aee89910cc676e25825182822b02a091.tar.gz
local.conf.sample: disable prelink
Recent tests have shown that prelinking works only when PIE is not enabled [0], and as PIE is both a desirable security feature, and the only configuration provided and tested by Yocto, there is simply no sense in continuing to enable prelink. There's also a concern that no one is maintaining the code, and there are open bugs (including serious ones such as [1]). Given that prelink does intricate address arithmetic and rewriting of binaries the best option is to disable the feature. [0] https://rlbl.me/prelink-1 https://rlbl.me/prelink-2 [1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=14429 (From meta-yocto rev: f712b495ce6362d50db3c5c565245535429d6419) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta-poky/conf/local.conf.sample3
1 files changed, 1 insertions, 2 deletions
diff --git a/meta-poky/conf/local.conf.sample b/meta-poky/conf/local.conf.sample
index 3ef25a2a89..f1f6d690fb 100644
--- a/meta-poky/conf/local.conf.sample
+++ b/meta-poky/conf/local.conf.sample
@@ -148,8 +148,7 @@ EXTRA_IMAGE_FEATURES ?= "debug-tweaks"
148# enable extra features. Some available options which can be included in this variable 148# enable extra features. Some available options which can be included in this variable
149# are: 149# are:
150# - 'buildstats' collect build statistics 150# - 'buildstats' collect build statistics
151# - 'image-prelink' in order to prelink the filesystem image 151USER_CLASSES ?= "buildstats"
152USER_CLASSES ?= "buildstats image-prelink"
153 152
154# 153#
155# Runtime testing of images 154# Runtime testing of images