rpms / bluez

Clone
Source Code
GIT

Blame SOURCES/0001-build-Enable-BIND_NOW.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   d15ffa281910c03c816c81de84edbc0c549e8008
  2.   SOURCES
  3.   0001-build-Enable-BIND_NOW.patch
Blob History Raw
d15ffa 
From e45c8fdcb3d7cdb654f6819c02d1bbb5b40b6116 Mon Sep 17 00:00:00 2001
d15ffa 
From: Florian Weimer <fweimer@redhat.com>
d15ffa 
Date: Thu, 7 Nov 2013 09:23:35 +0100
d15ffa 
Subject: [PATCH 1/4] build: Enable BIND_NOW
d15ffa
d15ffa 
Partial RELRO means that the object is GNU_RELRO but not BIND_NOW.  This
d15ffa 
reduces the effectiveness of RELRO.  bluez triggers this because it
d15ffa 
enables PIE during the build, and rpmdiff takes this as an indicator
d15ffa 
that the best possible hardening is desired.
d15ffa
d15ffa 
https://bugzilla.redhat.com/show_bug.cgi?id=983161
d15ffa 
---
d15ffa 
 acinclude.m4 | 2 +-
d15ffa 
 1 file changed, 1 insertion(+), 1 deletion(-)
d15ffa
d15ffa 
diff --git a/acinclude.m4 b/acinclude.m4
d15ffa 
index bc39c6d73..efce2f3cb 100644
d15ffa 
--- a/acinclude.m4
d15ffa 
+++ b/acinclude.m4
d15ffa 
@@ -50,7 +50,7 @@ AC_DEFUN([MISC_FLAGS], [
d15ffa 
 		if (test "${enableval}" = "yes" &&
d15ffa 
 				test "${ac_cv_prog_cc_pie}" = "yes"); then
d15ffa 
 			misc_cflags="$misc_cflags -fPIC"
d15ffa 
-			misc_ldflags="$misc_ldflags -pie"
d15ffa 
+			misc_ldflags="$misc_ldflags -pie -Wl,-z,now"
d15ffa 
 		fi
d15ffa 
 	])
d15ffa 
 	if (test "$enable_coverage" = "yes"); then
d15ffa 
--
d15ffa 
2.14.1
d15ffa

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation