From 164e812b7aba98eaf97891b2d92254e709535f59 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de>
Date: Mon, 30 Jul 2018 19:34:01 +1000
Subject: [PATCH] build: add -buildmode=pie

Make all dynbinary builds be position-independent (this adds both
security benefits and can help with flaky builds on POWER
architectures).

Signed-off-by: Aleksa Sarai <asarai@suse.de>
---
 scripts/build/dynbinary | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/build/dynbinary b/scripts/build/dynbinary
index 3c32ed342e..4feb7e71d8 100755
--- a/scripts/build/dynbinary
+++ b/scripts/build/dynbinary
@@ -9,6 +9,6 @@ source ./scripts/build/.variables
 
 echo "Building dynamically linked $TARGET"
 export CGO_ENABLED=1
-go build -o "${TARGET}" -tags pkcs11 --ldflags "${LDFLAGS}" "${SOURCE}"
+go build -o "${TARGET}" -tags pkcs11 --ldflags "${LDFLAGS}" -buildmode=pie "${SOURCE}"
 
 ln -sf "$(basename "${TARGET}")" build/docker