* [meta-poky][PATCH] poky.conf: Enable security flags+pie by defaultEnable security flags+pie by default
@ 2018-07-28 2:46 Khem Raj
2018-07-28 22:14 ` Burton, Ross
0 siblings, 1 reply; 4+ messages in thread
From: Khem Raj @ 2018-07-28 2:46 UTC (permalink / raw)
To: poky
This has been an opt-in for so long, some distributions e.g.
poky-lsb uses it by default however, since most of linux
distros have started to default to these settings for security
enhancements, time has come for OE to make it default too
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
meta-poky/conf/distro/poky.conf | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf
index 1c4feeceaa9..392c2383ee4 100644
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -98,4 +98,5 @@ ERROR_QA_append = " ${WARN_TO_ERROR_QA}"
require conf/distro/include/poky-world-exclude.inc
require conf/distro/include/no-static-libs.inc
require conf/distro/include/yocto-uninative.inc
+require conf/distro/include/security_flags.inc
INHERIT += "uninative"
--
2.18.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [meta-poky][PATCH] poky.conf: Enable security flags+pie by defaultEnable security flags+pie by default
2018-07-28 2:46 [meta-poky][PATCH] poky.conf: Enable security flags+pie by defaultEnable security flags+pie by default Khem Raj
@ 2018-07-28 22:14 ` Burton, Ross
2018-07-29 1:57 ` Khem Raj
0 siblings, 1 reply; 4+ messages in thread
From: Burton, Ross @ 2018-07-28 22:14 UTC (permalink / raw)
To: Khem Raj; +Cc: Poky Project
Interestingly, considering that poky-lsb used to do this, the
autobuilder is failing. See the ross/flags row on
https://autobuilder.yocto.io/tgrid.
Ross
On 28 July 2018 at 03:46, Khem Raj <raj.khem@gmail.com> wrote:
> This has been an opt-in for so long, some distributions e.g.
> poky-lsb uses it by default however, since most of linux
> distros have started to default to these settings for security
> enhancements, time has come for OE to make it default too
>
> Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ---
> meta-poky/conf/distro/poky.conf | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf
> index 1c4feeceaa9..392c2383ee4 100644
> --- a/meta-poky/conf/distro/poky.conf
> +++ b/meta-poky/conf/distro/poky.conf
> @@ -98,4 +98,5 @@ ERROR_QA_append = " ${WARN_TO_ERROR_QA}"
> require conf/distro/include/poky-world-exclude.inc
> require conf/distro/include/no-static-libs.inc
> require conf/distro/include/yocto-uninative.inc
> +require conf/distro/include/security_flags.inc
> INHERIT += "uninative"
> --
> 2.18.0
>
> --
> _______________________________________________
> poky mailing list
> poky@yoctoproject.org
> https://lists.yoctoproject.org/listinfo/poky
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [meta-poky][PATCH] poky.conf: Enable security flags+pie by defaultEnable security flags+pie by default
2018-07-28 22:14 ` Burton, Ross
@ 2018-07-29 1:57 ` Khem Raj
2018-07-29 11:28 ` Burton, Ross
0 siblings, 1 reply; 4+ messages in thread
From: Khem Raj @ 2018-07-29 1:57 UTC (permalink / raw)
To: Burton, Ross; +Cc: poky
Hi Ross
On Sat, Jul 28, 2018 at 3:15 PM Burton, Ross <ross.burton@intel.com> wrote:
>
> Interestingly, considering that poky-lsb used to do this, the
> autobuilder is failing. See the ross/flags row on
> https://autobuilder.yocto.io/tgrid.
>
https://autobuilder.yocto.io/builders/nightly-no-x11/builds/1160/steps/Running%20Sanity%20Tests/logs/stdio
This seems to be mark failed but all tests have passed. I wonder what
is marking it so.
musl one looks real, I will take a look
> Ross
>
> On 28 July 2018 at 03:46, Khem Raj <raj.khem@gmail.com> wrote:
> > This has been an opt-in for so long, some distributions e.g.
> > poky-lsb uses it by default however, since most of linux
> > distros have started to default to these settings for security
> > enhancements, time has come for OE to make it default too
> >
> > Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > ---
> > meta-poky/conf/distro/poky.conf | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf
> > index 1c4feeceaa9..392c2383ee4 100644
> > --- a/meta-poky/conf/distro/poky.conf
> > +++ b/meta-poky/conf/distro/poky.conf
> > @@ -98,4 +98,5 @@ ERROR_QA_append = " ${WARN_TO_ERROR_QA}"
> > require conf/distro/include/poky-world-exclude.inc
> > require conf/distro/include/no-static-libs.inc
> > require conf/distro/include/yocto-uninative.inc
> > +require conf/distro/include/security_flags.inc
> > INHERIT += "uninative"
> > --
> > 2.18.0
> >
> > --
> > _______________________________________________
> > poky mailing list
> > poky@yoctoproject.org
> > https://lists.yoctoproject.org/listinfo/poky
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [meta-poky][PATCH] poky.conf: Enable security flags+pie by defaultEnable security flags+pie by default
2018-07-29 1:57 ` Khem Raj
@ 2018-07-29 11:28 ` Burton, Ross
0 siblings, 0 replies; 4+ messages in thread
From: Burton, Ross @ 2018-07-29 11:28 UTC (permalink / raw)
To: Khem Raj; +Cc: Poky Project
On 29 July 2018 at 02:57, Khem Raj <raj.khem@gmail.com> wrote:
> Hi Ross
> On Sat, Jul 28, 2018 at 3:15 PM Burton, Ross <ross.burton@intel.com> wrote:
>>
>> Interestingly, considering that poky-lsb used to do this, the
>> autobuilder is failing. See the ross/flags row on
>> https://autobuilder.yocto.io/tgrid.
>>
>
> https://autobuilder.yocto.io/builders/nightly-no-x11/builds/1160/steps/Running%20Sanity%20Tests/logs/stdio
>
> This seems to be mark failed but all tests have passed. I wonder what
> is marking it so.
I've re-fired that to see if it goes away.
> musl one looks real, I will take a look
And the ppc builder basically exploded in fire.
Ross
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-07-29 11:29 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-28 2:46 [meta-poky][PATCH] poky.conf: Enable security flags+pie by defaultEnable security flags+pie by default Khem Raj
2018-07-28 22:14 ` Burton, Ross
2018-07-29 1:57 ` Khem Raj
2018-07-29 11:28 ` Burton, Ross
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.