| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
| |
Building powerpc machines with the standard security flags generated numerous
build failures. Use a reduced set of flags for now to avoid linker issues
and other compile failures.
(From OE-Core rev: 4ef8f658874282ead0c46352474fdb03ad1f1038)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: c564bffe7a32470578a22b70e868e7bec2da0a69)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
[YOCTO #5721]
(From OE-Core rev: 0cfe254e7eafed27f512216cccfb7fee76fc0be7)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
[YOCTO #5515]
(From OE-Core rev: 840fd855a47b0a557911ae0542ed24a047af6d7b)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are similar relocation R_X86_64_PC32 issues that are solved by
removing the -pie flags.
[YOCTO #5515]
(From OE-Core rev: cd94dd3d9bba32c3fd55959586128b236d1d4e34)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems we might be stumbling over an obscure linkage issues possibly
similar to http://marc.info/?l=openssl-dev&m=130132183118768&w=2
This issue appears for x86-64 systems with the PIE related compiler flags.
libcrypto.a(cryptlib.o): relocation R_X86_64_PC32 against symbol
`OPENSSL_showfatal' can not be used when making a shared object; recompile with -fPIC
The error suggests recompiling with -fPIC, but it is already compiled that
way.
Disable the PIE flags makes it work for now, I have posted to openssl ML
[YOCTO #5515]
(From OE-Core rev: 55e1c0e66fd16612016b3e415cbfa4e3051e5a8f)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
[YOCTO #5505]
(From OE-Core rev: db628ccad9db49d0e83fb534ddfb05a57132f2fa)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some machines have hardware-specific GL drivers that do EGL and GLES (many ARM
boards). Others have their own EGL/GLES drivers and provide a Mesa DRI driver
(EMGD). Previously adding Mesa, for software GL/GLX rendering in the first case
and hardware GLX in the second, involved bbappends and changing Mesa to be
machine-specific.
By adding a just-GL Mesa the machine definition can combine it with the hardware
drivers cleanly.
(From OE-Core rev: f5a3a4bc33109181c741a2e66c13d0b45566e8fa)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Create a local SECURITY_NO_PIE_CFLAGS to cover the recipes that have
issues with with pic and pie cflags set.
(From OE-Core rev: 4f5009dcbbeb27bdf5dcaebb3b457fecef410ebe)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These flags add addition checks at compile, link and runtime to prevent
stack smashing, checking for buffer overflows, and link at program start
to prevent call spoofing later.
This needs to be explicitly enabled by adding the following line to your
local.conf:
require conf/distro/include/security_flags.inc
[YOCTO #3868]
(From OE-Core rev: ff0e863f2d345c42393a14a193f76d699745a2b9)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|