[OE-core] [pyro][PATCH] distutils-base.bbclass: Do not use -pie with hardening

[Martin Kelly]

From: Khem Raj <raj.khem at gmail.com>

Fix build when PIE is turned on. It tries to build
.so file using -pie and -shared flags together because
its doing compile and link in same step CFLAGS and LDFLAGS
are combined and does not work, ending in errors e.g.

| /mnt/a/oe/build/tmp/work/cortexa7t2hf-neon-vfpv4-bec-linux-musleabi/python-pygpgme/0.3-r0/recipe-sysroot/usr/l
ib/Scrt1.o: In function `_start_c':
| /usr/src/debug/musl/1.1.16+gitAUTOINC+179766aa2e-r0/git/crt/crt1.c:17: undefined reference to `main'
| collect2: error: ld returned 1 exit status

This error while cryptic is due to the fact that we are
building a shared library but also pass -pie flag to the link
step after specify LDHSARED ( which is -shared linker flags )

we can not use -pie when doing shared libs. This is true for all the python
modules inheriting setup tools

Disable the pie flags thusly for all modules using setuptools since
this setting is done in setuptools makefiles which are then used
during module compiles

Backport notes:
In master, this commit is reverted in master in favor of using GCCPIE =
"--enable-default-pie" in security_flags.inc. However, backporting that change
introduces many merge conflicts and will be a serious maintenance issue, so I
think it's safest to just backport this small change, which fixes build failures
in python-cffi and likely other recipes.

For completeness, this is the list of commits in OE-core master that will
supersede this change:

- 1c7e195c94764d680a12a49b870f04cd58860f81
  "gcc: Introduce a knob to configure gcc to default to PIE"
- e93765ffb5718b0fce84f0b8123963176dea95e4
  "security_flags.inc: Delete pinnings for SECURITY_NO_PIE_CFLAGS"
- fcfe6d4ab4460f8358e13023022a5e909941ca93
  distutils,setuptools: Delete use of SECURITY_NO_PIE_CFLAGS

Signed-off-by: Khem Raj <raj.khem at gmail.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
Signed-off-by: Martin Kelly <mkelly at xevo.com>
---
 meta/classes/distutils-common-base.bbclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/classes/distutils-common-base.bbclass b/meta/classes/distutils-common-base.bbclass
index 824a1b68b1..fa733c672c 100644
--- a/meta/classes/distutils-common-base.bbclass
+++ b/meta/classes/distutils-common-base.bbclass
@@ -11,3 +11,5 @@ FILES_${PN}-dev += "\
   ${libdir}/pkgconfig \
   ${PYTHON_SITEPACKAGES_DIR}/*.la \
 "
+
+SECURITY_CFLAGS = "${SECURITY_NO_PIE_CFLAGS}"
-- 
2.11.0