Yes, we do use prelink.  I think our use case primarily benefits from CoW memory savings, rather than load times.  Of course, GCCPIE can be overridden in the distro layer, but seeing as image-prelink.bbclass still exists upstream, the default definition should support configurations that choose to enable it. 

I think we pretty much abandoned prelink at this point, are you using it and do you see the benefits?

 

Alex

 

On Thu, 20 Jan 2022 at 04:30, <bkylerussell@gmail.com> wrote:

Since a prelinked rootfs is in conflict with PIE, don't attempt the latter
if the image enables prelink.
---
 meta/conf/distro/include/security_flags.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index e469eadca1..be6feb9e5f 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -5,7 +5,7 @@
 # From a Yocto Project perspective, this file is included and tested
 # in the DISTRO="poky" configuration.

-GCCPIE ?= "--enable-default-pie"
+GCCPIE ?= "${@bb.utils.contains('USER_CLASSES', 'image-prelink', '--disable-default-pie', '--enable-default-pie', d)}"
 # If static PIE is known to work well, GLIBCPIE="--enable-static-pie" can be set

 # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they use
--
2.25.1