busybox: add missing TARGET_CPPFLAGS and TARGET_LDFLAGS
authorMatthias Schiffer <mschiffer@universe-factory.net>
Sun, 10 Dec 2017 17:04:53 +0000 (18:04 +0100)
committerMatthias Schiffer <mschiffer@universe-factory.net>
Thu, 28 Dec 2017 11:26:23 +0000 (12:26 +0100)
Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and
TARGET_LDFLAGS (passed only in certain non-default configuration before the
Makefile streamlining). Without these flags, hardening options
(PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox.

The addition of these flags increases the size of the stripped busybox
binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro")
with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
package/utils/busybox/Makefile

index 54ad986..8866756 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=busybox
 PKG_VERSION:=1.27.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 PKG_FLAGS:=essential
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
@@ -83,7 +83,8 @@ endif
 
 MAKE_VARS :=
 MAKE_FLAGS += \
-       EXTRA_CFLAGS="$(TARGET_CFLAGS)" \
+       EXTRA_CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \
+       EXTRA_LDFLAGS="$(TARGET_LDFLAGS)" \
        LDLIBS="$(LDLIBS)" \
        SKIP_STRIP=y
 ifneq ($(findstring c,$(OPENWRT_VERBOSE)),)