From cbe6fcb42c33a819f738f7d32751417a5b3e659d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20Rosenkr=C3=A4nzer?=
 <bernhard.rosenkraenzer.ext@huawei.com>
Date: Thu, 2 Sep 2021 19:51:17 +0200
Subject: [PATCH] grub: Remove -Werror=array-bounds from compiler flags
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

grub's MD-RAID1 implementation uses zero-length array tricks causing
array-bounds warnings.

The warnings have been verifited to be harmless in 2.06; for extra
security, this should be re-checked after updating.

Removing -Werror=array-bounds here allows us to use -Werror=array-bounds
globally in OPTIMIZE_FOR=security mode.

Signed-off-by: Bernhard RosenkrÃ¤nzer <bernhard.rosenkraenzer.ext@huawei.com>
---
 meta-ohos-core/recipes-bsp/grub/grub-efi_%.bbappend | 12 ++++++++++++
 meta-ohos-core/recipes-bsp/grub/grub_%.bbappend     | 12 ++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 meta-ohos-core/recipes-bsp/grub/grub-efi_%.bbappend
 create mode 100644 meta-ohos-core/recipes-bsp/grub/grub_%.bbappend

diff --git a/meta-ohos-core/recipes-bsp/grub/grub-efi_%.bbappend b/meta-ohos-core/recipes-bsp/grub/grub-efi_%.bbappend
new file mode 100644
index 00000000..b9147ff3
--- /dev/null
+++ b/meta-ohos-core/recipes-bsp/grub/grub-efi_%.bbappend
@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+# grub's MD-RAID1 implementation uses zero-length array tricks causing
+# array-bounds warnings.
+# The warnings have been verifited to be harmless in 2.06; for extra
+# security, this should be re-checked after updating.
+#
+# Removing -Werror=array-bounds here allows us to use -Werror=array-bounds
+# globally in OPTIMIZE_FOR=security mode.
+
+TARGET_CFLAGS_remove = "-Werror=array-bounds"
diff --git a/meta-ohos-core/recipes-bsp/grub/grub_%.bbappend b/meta-ohos-core/recipes-bsp/grub/grub_%.bbappend
new file mode 100644
index 00000000..b9147ff3
--- /dev/null
+++ b/meta-ohos-core/recipes-bsp/grub/grub_%.bbappend
@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+# grub's MD-RAID1 implementation uses zero-length array tricks causing
+# array-bounds warnings.
+# The warnings have been verifited to be harmless in 2.06; for extra
+# security, this should be re-checked after updating.
+#
+# Removing -Werror=array-bounds here allows us to use -Werror=array-bounds
+# globally in OPTIMIZE_FOR=security mode.
+
+TARGET_CFLAGS_remove = "-Werror=array-bounds"
-- 
GitLab