mirror of
https://git.yoctoproject.org/poky
synced 2026-07-02 08:13:38 +02:00
security_flags.inc: remove obsolete workarounds for curl
The curl configure script contains sanity checks for unexpected
options being passed via CFLAGS, LDFLAGS, etc. environment variables.
These sanity checks catch -Dxxx options in CFLAGS, which clashes with
OE's approach of using CFLAGS to pass -D_FORTIFY_SOURCE (curl's
configure script suggests, quite correctly, that -Dxxx options should
be passed via CPPFLAGS instead).
These sanity checks previously generated fatal errors, but have been
downgraded to warnings since curl v7.32. Therefore the workaround of
avoiding -D_FORTIFY_SOURCE for curl is obsolete and can be removed.
5d3cbde72e
(From OE-Core rev: d0dfd7bf9b2d6fb269f4d9b62263fd7ccc805fde)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
committed by
Richard Purdie
parent
31ce0271e6
commit
77fde15551
@@ -28,11 +28,7 @@ SECURITY_CFLAGS_pn-aspell = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
SECURITY_CFLAGS_pn-beecrypt = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
SECURITY_CFLAGS_pn-blktrace = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
SECURITY_CFLAGS_pn-coreutils = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
# Curl seems to check for FORTIFY_SOURCE in CFLAGS, but even assigned
|
||||
# to CPPFLAGS it gets picked into CFLAGS in bitbake.
|
||||
#TARGET_CPPFLAGS_pn-curl += "-D_FORTIFY_SOURCE=2"
|
||||
SECURITY_CFLAGS_pn-cups = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
SECURITY_CFLAGS_pn-curl = "-fstack-protector-all -pie -fpie"
|
||||
SECURITY_CFLAGS_pn-db = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
SECURITY_CFLAGS_pn-directfb = "${SECURITY_NO_PIE_CFLAGS}"
|
||||
SECURITY_CFLAGS_pn-glibc = ""
|
||||
|
||||
Reference in New Issue
Block a user