security_flags: Add SECURITY_CFLAGS to TARGET_CC_ARCH for binutils

libtool decides to
filter out -fstack-protector-strong on its own and its documented here

https://www.gnu.org/software/libtool/manual/html_node/Stripped-link-flags.html

this causes linking errors when linking libbfd.so since objects (.o) are
compiled using -fstack-protector-strong so they are expecting to link
with libssp but the option goes missing in linker flags.

With this patch the security flags are hoisted upto CC itself and
libtool thankfully does not touch CC.

Adding to CC also means that we can now remove it from LDFLAGS since
when gcc driver is used to do linking then we have LD = CC and this
option makes to linker cmdline

Since CC is used without CFLAGS in configure tests, some tests fail
complaining that -Olevel is not used while using _FORTIFY_SOURCE
therefore added SELECTED_OPTIMIZATION to TARGET_CC_ARCH as well

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index 235f4130f0bbca052cb6a5d4c9ab88f0e1708726..2ba2755de0f49df94c9c29a34cd7b2d28a8ead1f 100644 (file)
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -103,3 +103,5 @@ SECURITY_LDFLAGS_pn-xf86-video-omap = "${SECURITY_X_LDFLAGS}"
 SECURITY_LDFLAGS_pn-xf86-video-vesa = "${SECURITY_X_LDFLAGS}"
 SECURITY_LDFLAGS_pn-xf86-video-vmware = "${SECURITY_X_LDFLAGS}"
 SECURITY_LDFLAGS_pn-xserver-xorg = "${SECURITY_X_LDFLAGS}"
+
+TARGET_CC_ARCH_append_pn-binutils = " ${SECURITY_CFLAGS} ${SELECTED_OPTIMIZATION}"