From 5b544a3bce46f5ff5f42a43468eef3cb80095678 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Thu, 27 Sep 2018 06:53:55 -0700
Subject: security_flags: disable static PIE in glibc

Static PIE doesn't work entirely right in GCC 7, for example ldconfig on ARM
with the flags enabled will something segfault during initialisation.

To mitigate this until we have GCC 8 integrated, don't enable static PIE.

(From OE-Core rev: 502de6f5db232a104eb269782a690f52fd665ef4)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/conf/distro/include/security_flags.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'meta/conf')

diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index d66dd57649..aaeca6991b 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -6,7 +6,7 @@
 # in the DISTRO="poky-lsb" configuration.
 
 GCCPIE ?= "--enable-default-pie"
-GLIBCPIE ?= "--enable-static-pie"
+# If static PIE is known to work well, GLIBCPIE="--enable-static-pie" can be set
 
 # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they use
 # -O0 which then results in a compiler warning.
-- 
cgit v1.2.3-54-g00ecf