diff --git a/add-PIE-and-BIND_NOW-for-some-binaries.patch b/add-PIE-and-BIND_NOW-for-some-binaries.patch
deleted file mode 100644
index a9b5fcfbe7ee9b5647ffcae715b278200833c8a2..0000000000000000000000000000000000000000
--- a/add-PIE-and-BIND_NOW-for-some-binaries.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 6d629a4f5387834211d61b6a332246ff4ef6d3cb Mon Sep 17 00:00:00 2001
-From: sunguoshuai
-Date: Sat, 20 Mar 2021 17:38:08 +0800
-Subject: [PATCH] add PIE and BIND_NOW for some binaries
-
----
- Config.mk | 3 ++-
- tb_polgen/Makefile | 2 +-
- utils/Makefile | 2 +-
- 3 files changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/Config.mk b/Config.mk
-index a47147a..06b346c 100644
---- a/Config.mk
-+++ b/Config.mk
-@@ -74,7 +74,8 @@ TARGET_ARCH ?= $(shell uname -m | sed -e s/i.86/x86_32/ -e s/i86pc/x86_32/)
- CFLAGS += $(CFLAGS_WARN) -fno-strict-aliasing -std=gnu99
- # due to bug in gcc v4.2,3,?
- CFLAGS += $(call cc-option,$(CC),-Wno-array-bounds,)
--
-+LDFLAGS += -Wl,-z,now,-z,relro,-z,noexecstack -fPIE
-+CFLAGS += -fPIE
-
- ifeq ($(debug),y)
- CFLAGS += -g -DDEBUG
-diff --git a/tb_polgen/Makefile b/tb_polgen/Makefile
-index 742244d..5dcade1 100644
---- a/tb_polgen/Makefile
-+++ b/tb_polgen/Makefile
-@@ -10,7 +10,7 @@
- ROOTDIR ?= $(CURDIR)/..
-
- include $(ROOTDIR)/Config.mk
--
-+CFLAGS += -fstack-protector-strong
-
- TARGET = tb_polgen
-
-diff --git a/utils/Makefile b/utils/Makefile
-index 177f28b..75a7f75 100644
---- a/utils/Makefile
-+++ b/utils/Makefile
-@@ -13,7 +13,7 @@ include $(ROOTDIR)/Config.mk
-
- TARGETS := txt-stat txt-parse_err txt-acminfo
-
--CFLAGS += -D_LARGEFILE64_SOURCE
-+CFLAGS += -D_LARGEFILE64_SOURCE -fstack-protector-strong
- LIBS += $(ROOTDIR)/safestringlib/libsafestring.a
-
- #
---
-2.30.0
-
diff --git a/tboot.spec b/tboot.spec
index a077f478cbce8ad2e1239eae242cf37602fff01b..d5fc29c487b4babf039ffcbc7dff7e717d3cced2 100644
--- a/tboot.spec
+++ b/tboot.spec
@@ -1,13 +1,12 @@
 Name: tboot
 Summary: A module to perform a measured and verified launch
 Version: 1.10.2
-Release: 2
+Release: 3
 Epoch: 1
 License: BSD
 URL: http://sourceforge.net/projects/tboot/
 Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
-Patch0: add-PIE-and-BIND_NOW-for-some-binaries.patch
 BuildRequires: gcc trousers-devel openssl-devel perl
@@ -24,6 +23,7 @@ and verified launch of an OS kernel/VMM
 %autosetup -p1
 %build
+CFLAGS="$RPM_OPT_FLAGS -Wl,-z,relro,-z,now -fPIE -pie"; export CFLAGS
 %make_build debug=y
 %install
@@ -42,6 +42,12 @@ and verified launch of an OS kernel/VMM
 %{_mandir}/man8/*.gz
 %changelog
+* Tue Jul 12 2022 Hugel - 1:1.10.2-3
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:Add sec compile option
+
 * Mon Jan 10 2022 Hugel - 1:1.10.2-2
 - Type:enhancement
 - ID:NA
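Review bot: The `CFLAGS=` line added under `%build` puts the linker options `-Wl,-z,relro,-z,now` and `-pie` into CFLAGS, so they only take effect on link commands that expand `$(CFLAGS)`, and `-pie` now reaches every target in the tree rather than the "some binaries" the deleted patch was scoped to. The same line drops two hardening options that the deleted patch carried, `-z,noexecstack` and `-fstack-protector-strong` (set for tb_polgen and utils); whether `$RPM_OPT_FLAGS` supplies the stack protector depends on the distribution macros, which are not visible here. Consider splitting the flags, for example `export CFLAGS="$RPM_OPT_FLAGS -fPIE -fstack-protector-strong"` and `export LDFLAGS="-Wl,-z,relro,-z,now,-z,noexecstack -pie"`, provided the tree's link rules accept compiler-driver syntax in LDFLAGS. A post-build `readelf -d` / `readelf -l` check on the installed user-space tools would confirm that BIND_NOW, RELRO, PIE and a non-executable stack actually landed.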