lib/accelerated: add CFLAGS to aarch64/elf

When building with certain cflags, like -mbranch-protection=standard,
the assembly generation needs to get the CFLAGS to enable assembler
level features. Without this, closing PAC/BTI feature support will not
be completed.

Example:
export CFLAGS='-mbranch-protection=standard'
export CPPFLAGS='-mbranch-protection=standard'
\# not needed, just for error reporting
export LDFLAGS='-Wl,-zforce-bti,--fatal-warnings'
./bootstrap
./configure --with-included-libtasn1 --with-included-unistring
make asm-sources
make -j4
readelf -n ./lib/.libs/libgnutls.so

Displaying notes found in: .note.gnu.property
  Owner                Data size 	Description
  GNU                  0x00000010	NT_GNU_PROPERTY_TYPE_0
      Properties: AArch64 feature: BTI, PAC
<snip>

readelf -n ./lib/.libs/libgnutlsxx.so

Displaying notes found in: .note.gnu.property
  Owner                Data size 	Description
  GNU                  0x00000010	NT_GNU_PROPERTY_TYPE_0
      Properties: AArch64 feature: BTI, PAC
<snip>

Related to: #1517

Signed-off-by: Bill Roberts <bill.roberts@arm.com>

diff --git a/cfg.mk b/cfg.mk
index 310ece5fa0ffda8384e55e9e610c4e19cd8b48f0..5ef839a2c1db3ecf08c02f41f10651187c4b9449 100644 (file)
--- a/cfg.mk
+++ b/cfg.mk
@@ -271,7 +271,7 @@ lib/accelerated/aarch64/elf/%.s: devel/perlasm/%.pl lib/accelerated/aarch64/aarc
        echo "" >> $@.tmp.S
        sed -i 's/OPENSSL_armcap_P/_gnutls_arm_cpuid_s/g' $@.tmp.S
        sed -i 's/arm_arch.h/aarch64-common.h/g' $@.tmp.S
-       aarch64-linux-gnu-gcc -D__ARM_MAX_ARCH__=8 -Ilib/accelerated/aarch64 -Wa,--noexecstack -E $@.tmp.S -o $@.tmp.s
+       aarch64-linux-gnu-gcc $(CFLAGS) -D__ARM_MAX_ARCH__=8 -Ilib/accelerated/aarch64 -Wa,--noexecstack -E $@.tmp.S -o $@.tmp.s
        cat $<.license $@.tmp.s > $@
        echo ".section .note.GNU-stack,\"\",%progbits" >> $@
        rm -f $@.tmp.S $@.tmp.s $@.tmp