diff --git a/hypervisor/Makefile b/hypervisor/Makefile index 49175822e..5c53f124e 100644 --- a/hypervisor/Makefile +++ b/hypervisor/Makefile @@ -42,6 +42,7 @@ CFLAGS += -mno-red-zone CFLAGS += -static -nostdinc -nostdlib -fno-common CFLAGS += -O2 -D_FORTIFY_SOURCE=2 CFLAGS += -Wformat -Wformat-security +CFLAGS += -fpie ifdef STACK_PROTECTOR ifeq (true, $(shell [ $(GCC_MAJOR) -gt 4 ] && echo true)) @@ -58,10 +59,17 @@ endif ASFLAGS += -m64 -nostdinc -nostdlib -LDFLAGS += -Wl,--gc-sections -static -nostartfiles -nostdlib +LDFLAGS += -Wl,--gc-sections -nostartfiles -nostdlib LDFLAGS += -Wl,-n,-z,max-page-size=0x1000 LDFLAGS += -Wl,-z,noexecstack +# on X86_64, when build with "-pie", GCC fails on linking R_X86_64_32 +# relocations with "recompile with fPIC" error, because it may cause +# run-time relocation overflow if it runs at address above 4GB. +# We know it's safe because Hypervisor runs under 4GB. "noreloc-overflow" +# is used to avoid the compile error +LDFLAGS += -pie -z noreloc-overflow + ARCH_CFLAGS += -gdwarf-2 ARCH_ASFLAGS += -gdwarf-2 -DASSEMBLER=1 ARCH_ARFLAGS += diff --git a/hypervisor/arch/x86/cpu_primary.S b/hypervisor/arch/x86/cpu_primary.S index 805fb6666..be389b286 100644 --- a/hypervisor/arch/x86/cpu_primary.S +++ b/hypervisor/arch/x86/cpu_primary.S @@ -136,7 +136,7 @@ primary_start_long_mode: * Notes: this includes the fixup to IDT tables and temporary * page tables */ - /*call _relocate*/ + call _relocate /* Load temportary GDT pointer value */ lea cpu_primary32_gdt_ptr(%rip), %rbx diff --git a/hypervisor/bsp/ld/link_ram.ld.in b/hypervisor/bsp/ld/link_ram.ld.in index 8f55db7fb..ceddf4704 100644 --- a/hypervisor/bsp/ld/link_ram.ld.in +++ b/hypervisor/bsp/ld/link_ram.ld.in @@ -39,6 +39,13 @@ SECTIONS } > ram + .rela : + { + *(.rela*) + *(.dyn*) + } > ram + + . = ALIGN(4) ; _ld_trampoline_load = .; .trampoline : AT (_ld_trampoline_load)
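Review bot: In hypervisor/Makefile, the added `LDFLAGS += -pie -z noreloc-overflow` line switches off the linker's relocation overflow check on the strength of a comment ("Hypervisor runs under 4GB"), and nothing in this diff enforces that assumption. With the check disabled, a 32-bit relocation field patched for a load address at or above 4GB would be truncated silently instead of failing at link time, so the bound has to be guaranteed at boot. I would have the comment say where it is enforced, for example `# _relocate must refuse a load address at or above 4GB (32-bit relocations would truncate)`, and confirm that such a check exists in the relocation path, which is not visible here. The same line passes its options bare while the neighbouring linker options use `-Wl,`; a consistent form would be `LDFLAGS += -pie -Wl,-z,noreloc-overflow`.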
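Review bot: The now-active `call _relocate` in primary_start_long_mode (hypervisor/arch/x86/cpu_primary.S) carries no statement of what it needs or clobbers; the surrounding comment only says it fixes up the IDT tables and temporary page tables. Because it rewrites addresses in the loaded image, it should be documented as running exactly once, with a valid stack, before any absolute address is used. Whether a resume or other re-entry path can reach this label again is not visible in the hunk, and a second pass would presumably apply the load offset twice. I would extend the comment with something like `* _relocate: needs a valid stack; clobbers <registers>; must run once per image load`, filling in the register list from its definition. primary_start_long_mode begins and ends outside the hunk, so the stack setup and any boot-information registers live across the call need checking there.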
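Review bot: The `*(.dyn*)` pattern in the new `.rela` output section of hypervisor/bsp/ld/link_ram.ld.in matches more than relocation data: `.dynamic`, `.dynsym` and `.dynstr` would land in the same output section as the `.rela*` records. If the relocation code finds its table through the dynamic section this is harmless, but that is not visible here, and the section has no comment explaining why it must stay in the loaded image. I would add `/* relocation records and dynamic info read by _relocate at boot; keep inside the loaded image */` above `.rela :`, and consider separate output sections if the code ever walks this one by its bounds.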