diff --git a/0014-dpdk-add-secure-compile-option-and-fStack-option.patch b/0014-dpdk-add-secure-compile-option-and-fStack-option.patch
new file mode 100644
index 0000000000000000000000000000000000000000..cc0caadf252a2778bda62bc2df12d454402a23a6
--- /dev/null
+++ b/0014-dpdk-add-secure-compile-option-and-fStack-option.patch
@@ -0,0 +1,80 @@
+diff -Nur dpdk-19.11/drivers/net/mlx4/Makefile dpdk-19.11-new/drivers/net/mlx4/Makefile
+--- dpdk-19.11/drivers/net/mlx4/Makefile	2020-02-24 18:59:55.000000000 +0800
++++ dpdk-19.11-new/drivers/net/mlx4/Makefile	2021-05-21 02:13:44.066638171 +0800
+@@ -42,7 +42,7 @@
+ ifeq ($(CONFIG_RTE_IBVERBS_LINK_DLOPEN),y)
+ CFLAGS += -DMLX4_GLUE='"$(LIB_GLUE)"'
+ CFLAGS += -DMLX4_GLUE_VERSION='"$(LIB_GLUE_VERSION)"'
+-CFLAGS_mlx4_glue.o += -fPIC
++CFLAGS_mlx4_glue.o += -fPIC -fstack-protector-strong
+ LDLIBS += -ldl
+ else ifeq ($(CONFIG_RTE_IBVERBS_LINK_STATIC),y)
+ LDLIBS += $(shell $(RTE_SDK)/buildtools/options-ibverbs-static.sh)
+diff -Nur dpdk-19.11/drivers/net/mlx5/Makefile dpdk-19.11-new/drivers/net/mlx5/Makefile
+--- dpdk-19.11/drivers/net/mlx5/Makefile	2020-02-24 18:59:55.000000000 +0800
++++ dpdk-19.11-new/drivers/net/mlx5/Makefile	2021-05-21 02:13:27.910562723 +0800
+@@ -57,7 +57,7 @@
+ ifeq ($(CONFIG_RTE_IBVERBS_LINK_DLOPEN),y)
+ CFLAGS += -DMLX5_GLUE='"$(LIB_GLUE)"'
+ CFLAGS += -DMLX5_GLUE_VERSION='"$(LIB_GLUE_VERSION)"'
+-CFLAGS_mlx5_glue.o += -fPIC
++CFLAGS_mlx5_glue.o += -fPIC -fstack-protector-strong
+ LDLIBS += -ldl
+ else ifeq ($(CONFIG_RTE_IBVERBS_LINK_STATIC),y)
+ LDLIBS += $(shell $(RTE_SDK)/buildtools/options-ibverbs-static.sh)
+diff -Nur dpdk-19.11/mk/exec-env/linux/rte.vars.mk dpdk-19.11-new/mk/exec-env/linux/rte.vars.mk
+--- dpdk-19.11/mk/exec-env/linux/rte.vars.mk	2020-02-24 18:59:55.000000000 +0800
++++ dpdk-19.11-new/mk/exec-env/linux/rte.vars.mk	2021-05-21 02:12:09.582196934 +0800
+@@ -11,10 +11,11 @@
+ #
+ # examples for RTE_EXEC_ENV: linux, freebsd
+ #
++SEC_CFLAGS += -fstack-protector-strong
+ ifeq ($(CONFIG_RTE_BUILD_SHARED_LIB),y)
+-EXECENV_CFLAGS  = -pthread -fPIC
++EXECENV_CFLAGS  = -pthread -fPIC $(SEC_CFLAGS)
+ else
+-EXECENV_CFLAGS  = -pthread
++EXECENV_CFLAGS  = -pthread $(SEC_CFLAGS)
+ endif
+ 
+ # include in every library to build
+diff -Nur dpdk-19.11/mk/exec-env/linuxapp/rte.vars.mk dpdk-19.11-new/mk/exec-env/linuxapp/rte.vars.mk
+--- dpdk-19.11/mk/exec-env/linuxapp/rte.vars.mk	2020-02-24 18:59:55.000000000 +0800
++++ dpdk-19.11-new/mk/exec-env/linuxapp/rte.vars.mk	2021-05-21 02:12:09.582196934 +0800
+@@ -11,10 +11,11 @@
+ #
+ # examples for RTE_EXEC_ENV: linux, freebsd
+ #
++SEC_CFLAGS += -fstack-protector-strong
+ ifeq ($(CONFIG_RTE_BUILD_SHARED_LIB),y)
+-EXECENV_CFLAGS  = -pthread -fPIC
++EXECENV_CFLAGS  = -pthread -fPIC $(SEC_CFLAGS)
+ else
+-EXECENV_CFLAGS  = -pthread
++EXECENV_CFLAGS  = -pthread $(SEC_CFLAGS)
+ endif
+ 
+ # include in every library to build
+diff -Nur dpdk-19.11/mk/rte.lib.mk dpdk-19.11-new/mk/rte.lib.mk
+--- dpdk-19.11/mk/rte.lib.mk	2020-02-24 18:59:55.000000000 +0800
++++ dpdk-19.11-new/mk/rte.lib.mk	2021-05-21 02:07:21.524851723 +0800
+@@ -6,6 +6,7 @@
+ include $(RTE_SDK)/mk/internal/rte.clean-pre.mk
+ include $(RTE_SDK)/mk/internal/rte.build-pre.mk
+ 
++CFLAGS += -fstack-protector-strong
+ EXTLIB_BUILD ?= n
+ 
+ # VPATH contains at least SRCDIR
+diff -Nur dpdk-19.11/mk/target/generic/rte.vars.mk dpdk-19.11-new/mk/target/generic/rte.vars.mk
+--- dpdk-19.11/mk/target/generic/rte.vars.mk	2020-02-24 18:59:55.000000000 +0800
++++ dpdk-19.11-new/mk/target/generic/rte.vars.mk	2021-05-21 02:08:58.577304951 +0800
+@@ -75,6 +75,7 @@
+ include $(RTE_SDK)/mk/rte.cpuflags.mk
+ 
+ # merge all CFLAGS
++CPU_CFLAGS += -fstack-protector-strong
+ CFLAGS := $(CPU_CFLAGS) $(EXECENV_CFLAGS) $(TOOLCHAIN_CFLAGS) $(MACHINE_CFLAGS)
+ CFLAGS += $(TARGET_CFLAGS)
+ 
diff --git a/dpdk.spec b/dpdk.spec
index 0a3e673d759d687f80cf99db514b560ae9a4d09a..f8b3f417f8a6b12573f3571c7c67597253ddf504 100644
--- a/dpdk.spec
+++ b/dpdk.spec
@@ -1,6 +1,6 @@
 Name: dpdk
 Version: 19.11
-Release: 13
+Release: 14
 Packager: packaging@6wind.com
 URL: http://dpdk.org
 %global source_version  19.11
@@ -43,6 +43,7 @@ Patch33: 0010-dpdk-fix-error-in-clearing-secondary-process-memseg-lists.patch
 Patch34: 0011-dpdk-fix-coredump-when-primary-process-attach-without-shared-file.patch
 Patch35: 0012-dpdk-fix-fbarray-memseg-destory-error-during-detach.patch
 Patch36: 0013-dpdk-optimize-the-efficiency-of-compiling-dpdk.patch
+Patch37: 0014-dpdk-add-secure-compile-option-and-fStack-option.patch
 
 Summary: Data Plane Development Kit core
 Group: System Environment/Libraries
@@ -228,6 +229,9 @@ strip -g $RPM_BUILD_ROOT/lib/modules/${namer}/extra/dpdk/rte_kni.ko
 /usr/sbin/depmod
 
 %changelog
+* Fri May 21 2021 zhangyao<zhangyao05@outlook.com> - 19.11-12
+- add secure compile option sp
+
 * Mon May 24 2021 renmingshuai <renmingshuai@huawei.com> - 19.11-13
 - optimize the efficiency of compiling dpdk