diff --git a/meta-ohos-staging/recipes-devtools/gcc/gcc-11.2.inc b/meta-ohos-staging/recipes-devtools/gcc/gcc-11.2.inc
index 31dbc072b87dc93d61ace18409cafee22b8b7dbf..b625fba083604a4ee828d50986fdc8c079583f00 100644
--- a/meta-ohos-staging/recipes-devtools/gcc/gcc-11.2.inc
+++ b/meta-ohos-staging/recipes-devtools/gcc/gcc-11.2.inc
@@ -116,3 +116,13 @@ EXTRA_OECONF_PATHS = "\
     --with-sysroot=/not/exist \
     --with-build-sysroot=${STAGING_DIR_TARGET} \
 "
+
+# gcc triggers some warnings (format string security issues) because of
+# very low-level code. Those warnings are harmless (last checked in 11.2).
+# Let's make sure we don't error out on them so we can enable the extra
+# checks globally in OPTIMIZE_FOR=security mode.
+#
+# Since parts of gcc are built with -Werror, we have to remove even the
+# -W flags, not just -Werror=.
+#
+TARGET_CFLAGS_remove = "-Wformat-security -Werror=format-security -Wformat-nonliteral -Werror=format-nonliteral"