diff options
Diffstat (limited to 'sys-apps/kexec-tools/files/kexec-tools-2.0.9-hardened.patch')
| -rw-r--r-- | sys-apps/kexec-tools/files/kexec-tools-2.0.9-hardened.patch | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/sys-apps/kexec-tools/files/kexec-tools-2.0.9-hardened.patch b/sys-apps/kexec-tools/files/kexec-tools-2.0.9-hardened.patch new file mode 100644 index 000000000000..01a8b4be933b --- /dev/null +++ b/sys-apps/kexec-tools/files/kexec-tools-2.0.9-hardened.patch @@ -0,0 +1,16 @@ +the purgatory subdir gets loaded into the kernel so we need to +make sure it does not get built with compiler settings like the +rest of the userland tools. that means no PIC/PIE/SSP/etc... + +--- a/purgatory/Makefile ++++ b/purgatory/Makefile +@@ -47,7 +47,8 @@ purgatory/sha256.o: $(srcdir)/util_lib/sha256.c + $(PURGATORY): CC=$(TARGET_CC) + $(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \ + $($(ARCH)_PURGATORY_EXTRA_CFLAGS) \ +- -Os -fno-builtin -ffreestanding ++ -Os -fno-builtin -ffreestanding \ ++ -fno-PIC -fno-PIE -fno-stack-protector + + $(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \ + -I$(srcdir)/purgatory/include \ |