build: Enable BIND_NOW

Partial RELRO means that the object is GNU_RELRO but not BIND_NOW.  This
reduces the effectiveness of RELRO.  bluez triggers this because it
enables PIE during the build, and rpmdiff takes this as an indicator
that the best possible hardening is desired.

https://bugzilla.redhat.com/show_bug.cgi?id=983161

Change-Id: I09d90d9b2ce3fa13a0ec220b83ca141301e7a72b
Signed-off-by: himanshu <h.himanshu@samsung.com>

diff --git a/acinclude.m4 b/acinclude.m4
index 045138c..5298483 100755 (executable)
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -50,7 +50,7 @@ AC_DEFUN([MISC_FLAGS], [
                if (test "${enableval}" = "yes" &&
                                test "${ac_cv_prog_cc_pie}" = "yes"); then
                        misc_cflags="$misc_cflags -fPIC"
-                       misc_ldflags="$misc_ldflags -pie"
+                       misc_ldflags="$misc_ldflags -pie -Wl,-z,now"
                fi
        ])
        if (test "$enable_coverage" = "yes"); then