On Fri, 2017-06-09 at 13:07 +0000, Khem Raj wrote: > On Fri, Jun 9, 2017 at 5:56 AM Burton, Ross <[email protected]> wrote: > > > > > On 9 June 2017 at 04:41, Khem Raj <[email protected]> wrote: > > > > > +SECURITY_CFLAGS = "${SECURITY_NO_PIE_CFLAGS}" > > > > > > > These tend to go into security-flags.inc, not the recipe. > > > > I know that's been the case but I think having a global file is error > prone > its better to have it in recipe context since it can get attention at > upgrade time to test if this has been fixed in new release etc
Isn't one of the main root causes really that bitbake passes -fpie -pie even when the recipe is building a shared library? (Maybe not in this case here, though). Obviously, bitbake doesn't really know about shared libraries, and yes, each recipe's build system could filter out pie flags for shared library targets, but that's probably better done at libtool level: http://lists.openembedded.org/pipermail/openembedded-devel/2016-November/110048.html Cheers, Andre' -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
