@@ -155,12 +155,6 @@ TARGET_HARDENED += $(TARGET_CFLAGS_RELRO_FULL)
TARGET_LDFLAGS += $(TARGET_CFLAGS_RELRO_FULL) -DBR_SET_PIE
endif
-ifeq ($(BR2_FORTIFY_SOURCE_1),y)
-TARGET_HARDENED += -D_FORTIFY_SOURCE=1
-else ifeq ($(BR2_FORTIFY_SOURCE_2),y)
-TARGET_HARDENED += -D_FORTIFY_SOURCE=2
-endif
-
TARGET_CPPFLAGS += -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
TARGET_CFLAGS = $(TARGET_CPPFLAGS) $(TARGET_ABI) $(TARGET_OPTIMIZATION) $(TARGET_DEBUGGING) $(TARGET_HARDENED)
TARGET_CXXFLAGS = $(TARGET_CFLAGS)
@@ -106,6 +106,12 @@ static char *predef_args[] = {
#ifdef BR_SSP_ALL
"-fstack-protector-all",
#endif
+#ifdef BR_FORTIFY_SOURCE_1
+ "-D_FORTIFY_SOURCE=1",
+#endif
+#ifdef BR_FORTIFY_SOURCE_2
+ "-D_FORTIFY_SOURCE=2",
+#endif
#ifdef BR_ADDITIONAL_CFLAGS
BR_ADDITIONAL_CFLAGS
#endif
@@ -57,6 +57,12 @@ else ifeq ($(BR2_SSP_ALL),y)
TOOLCHAIN_WRAPPER_ARGS += -DBR_SSP_ALL
endif
+ifeq ($(BR2_FORTIFY_SOURCE_1),y)
+TOOLCHAIN_WRAPPER_ARGS += -DBR_FORTIFY_SOURCE_1
+else ifeq ($(BR2_FORTIFY_SOURCE_2),y)
+TOOLCHAIN_WRAPPER_ARGS += -DBR_FORTIFY_SOURCE_2
+endif
+
define TOOLCHAIN_WRAPPER_BUILD
$(HOSTCC) $(HOST_CFLAGS) $(TOOLCHAIN_WRAPPER_ARGS) \
-s -Wl,--hash-style=$(TOOLCHAIN_WRAPPER_HASH_STYLE) \
Migrate the fortify flag management into the wrapper. Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> --- package/Makefile.in | 6 ------ toolchain/toolchain-wrapper.c | 6 ++++++ toolchain/toolchain-wrapper.mk | 6 ++++++ 3 files changed, 12 insertions(+), 6 deletions(-)