packaging: Apply ASLR
authorJaehun Jeong <jh4u.jeong@samsung.com>
Thu, 24 Aug 2017 00:45:04 +0000 (09:45 +0900)
committerDongkyun Son <dongkyun.s@samsung.com>
Wed, 3 May 2023 10:47:24 +0000 (19:47 +0900)
For enhance tizen security, ASLR(Address space layout randomization) is default after tizen 4.0.
All executable of glibc should be built with '-pie' option.

ldconfig and glibc_post_upgrade linked statically with all libraries
are not built with '-pie' due to conflict with '-static' link option.

TC results of all submodules are consistent before and after
this patch, except for elf, because it is related to the prelink function,
so the elf TC always fails under ASLR.

Change-Id: I8cbdf31914e0170d7d28385d830fd45a7a30d75d
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
packaging/glibc.spec

index 0ad550f..ce6ba0d 100644 (file)
@@ -259,7 +259,7 @@ configure_and_build_glibc() {
        local addons="$1"; shift
        mkdir "cc-$dirname"
        cd "cc-$dirname"
-       conf_cflags="$cflags -funwind-tables"
+       conf_cflags="$cflags -funwind-tables -fPIC"
 
        profile="--disable-profile"
 %if %{build_profile}
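Review bot: The new `conf_cflags` line adds `-fPIC` with no comment, while the commit message talks about building executables with `-pie`, so a reader cannot tell why `-fPIC` was chosen over `-fPIE` or that the flag exists for ASLR. `-fPIC` only makes the objects position-independent; whether the resulting programs are PIE depends on the link step, which this hunk does not show. I would add a line above it such as `# ASLR: build all objects position-independent so glibc's programs can be linked as PIE`. The consumer of `conf_cflags` lies outside the hunk (configure_and_build_glibc continues on both sides), so it is worth confirming the flag reaches the compile of the installed programs and not only the configure probes.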
@@ -286,7 +286,8 @@ configure_and_build_glibc() {
 %endif
                --enable-kernel=%{enablekernel} \
                --enable-bind-now  --enable-obsolete-rpc \
-               --disable-nscd
+               --disable-nscd \
+               libc_cv_pie_default=yes
        # explicitly set CFLAGS to use the full CFLAGS (not the reduced one for configure)
        make %{?_smp_mflags} #CFLAGS="$cflags" BUILD_CFLAGS="$cflags"
        cd ..
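Review bot: `libc_cv_pie_default=yes` on the configure command line overrides an autoconf cache variable, so configure is told the answer instead of probing the compiler, and nothing visible in the spec checks that the installed programs actually came out as PIE. A comment above the argument would record the intent and the known exceptions, for example `# ASLR: force PIE as the default; ldconfig and glibc_post_upgrade stay non-PIE because they are linked -static`. A post-build check that `readelf -h` reports `Type: DYN` for each installed executable, with those two binaries as an explicit allow-list, would stop a toolchain change from silently dropping the hardening. The commit message also says the elf tests always fail under ASLR; how that failure is handled is not shown here and should be narrowed to the prelink-related cases so other elf regressions stay visible.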