From: "Alexander Kanavin" <alex.kanavin@gmail.com>
To: poky@lists.yoctoproject.org
Cc: Alexander Kanavin <alex.kanavin@gmail.com>
Subject: [PATCH] local.conf.sample: disable prelink
Date: Sat, 31 Jul 2021 16:01:53 +0200 [thread overview]
Message-ID: <20210731140153.765974-1-alex.kanavin@gmail.com> (raw)
Recent tests have shown that prelinking works only when PIE is not
enabled [0], and as PIE is both a desirable security feature, and the only
configuration provided and tested by Yocto, there is simply no sense
in continuing to enable prelink.
There's also a concern that no one is maintaining the code, and there
are open bugs (including serious ones such as [1]). Given that prelink
does intricate address arithmetic and rewriting of binaries the best
option is to disable the feature.
[0]
https://rlbl.me/prelink-1
https://rlbl.me/prelink-2
[1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=14429
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
meta-poky/conf/local.conf.sample | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/meta-poky/conf/local.conf.sample b/meta-poky/conf/local.conf.sample
index 53766d1a9b..4f5c32af3f 100644
--- a/meta-poky/conf/local.conf.sample
+++ b/meta-poky/conf/local.conf.sample
@@ -148,8 +148,7 @@ EXTRA_IMAGE_FEATURES ?= "debug-tweaks"
# enable extra features. Some available options which can be included in this variable
# are:
# - 'buildstats' collect build statistics
-# - 'image-prelink' in order to prelink the filesystem image
-USER_CLASSES ?= "buildstats image-prelink"
+USER_CLASSES ?= "buildstats"
#
# Runtime testing of images
--
2.31.1
next reply other threads:[~2021-07-31 14:01 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-31 14:01 Alexander Kanavin [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-07-31 14:00 [PATCH] local.conf.sample: disable prelink Alexander Kanavin
2021-07-05 18:36 Alexander Kanavin
2021-06-19 10:19 Alexander Kanavin
2021-06-15 8:12 Alexander Kanavin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210731140153.765974-1-alex.kanavin@gmail.com \
--to=alex.kanavin@gmail.com \
--cc=poky@lists.yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.