diff options
author | Andre McCurdy <armccurdy@gmail.com> | 2016-01-13 19:35:09 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-01-19 17:37:34 +0000 |
commit | 77fde15551e76a8473b19ed3cd032bd15c493615 (patch) | |
tree | 2d1ac12581f3e960f92797ea6867c86e3952985c /meta | |
parent | 31ce0271e66e17d981fec1a372b531af5f2d021e (diff) | |
download | poky-77fde15551e76a8473b19ed3cd032bd15c493615.tar.gz |
security_flags.inc: remove obsolete workarounds for curl
The curl configure script contains sanity checks for unexpected
options being passed via CFLAGS, LDFLAGS, etc. environment variables.
These sanity checks catch -Dxxx options in CFLAGS, which clashes with
OE's approach of using CFLAGS to pass -D_FORTIFY_SOURCE (curl's
configure script suggests, quite correctly, that -Dxxx options should
be passed via CPPFLAGS instead).
These sanity checks previously generated fatal errors, but have been
downgraded to warnings since curl v7.32. Therefore the workaround of
avoiding -D_FORTIFY_SOURCE for curl is obsolete and can be removed.
https://github.com/bagder/curl/commit/5d3cbde72ece7d83c280492957a26e26ab4e5cca
(From OE-Core rev: d0dfd7bf9b2d6fb269f4d9b62263fd7ccc805fde)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/conf/distro/include/security_flags.inc | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc index 1795750fb3..ac4fc65a6f 100644 --- a/meta/conf/distro/include/security_flags.inc +++ b/meta/conf/distro/include/security_flags.inc | |||
@@ -28,11 +28,7 @@ SECURITY_CFLAGS_pn-aspell = "${SECURITY_NO_PIE_CFLAGS}" | |||
28 | SECURITY_CFLAGS_pn-beecrypt = "${SECURITY_NO_PIE_CFLAGS}" | 28 | SECURITY_CFLAGS_pn-beecrypt = "${SECURITY_NO_PIE_CFLAGS}" |
29 | SECURITY_CFLAGS_pn-blktrace = "${SECURITY_NO_PIE_CFLAGS}" | 29 | SECURITY_CFLAGS_pn-blktrace = "${SECURITY_NO_PIE_CFLAGS}" |
30 | SECURITY_CFLAGS_pn-coreutils = "${SECURITY_NO_PIE_CFLAGS}" | 30 | SECURITY_CFLAGS_pn-coreutils = "${SECURITY_NO_PIE_CFLAGS}" |
31 | # Curl seems to check for FORTIFY_SOURCE in CFLAGS, but even assigned | ||
32 | # to CPPFLAGS it gets picked into CFLAGS in bitbake. | ||
33 | #TARGET_CPPFLAGS_pn-curl += "-D_FORTIFY_SOURCE=2" | ||
34 | SECURITY_CFLAGS_pn-cups = "${SECURITY_NO_PIE_CFLAGS}" | 31 | SECURITY_CFLAGS_pn-cups = "${SECURITY_NO_PIE_CFLAGS}" |
35 | SECURITY_CFLAGS_pn-curl = "-fstack-protector-all -pie -fpie" | ||
36 | SECURITY_CFLAGS_pn-db = "${SECURITY_NO_PIE_CFLAGS}" | 32 | SECURITY_CFLAGS_pn-db = "${SECURITY_NO_PIE_CFLAGS}" |
37 | SECURITY_CFLAGS_pn-directfb = "${SECURITY_NO_PIE_CFLAGS}" | 33 | SECURITY_CFLAGS_pn-directfb = "${SECURITY_NO_PIE_CFLAGS}" |
38 | SECURITY_CFLAGS_pn-glibc = "" | 34 | SECURITY_CFLAGS_pn-glibc = "" |