cr50: set compiler options to ensure reproducible FIPS module

As per b/277777628 FIPS module build depends on value of `CC` env var,
which is not a desirable behavior.

1. Add -fconserve-stack to FIPS module builds explicitly to make sure
   its digest is same as reported and doesn't depend on environment.
2. gcc specific option moved to core/cortex-m/build.mk
3. Verified that binutils workaround is still needed (b/238039591)

BUG=b:277777628, b:238039591
TEST=make BOARD=cr50; tpm_test.py, FIPS digest is the same

Change-Id: I664cee178de400efed3fe2e06b9b4b72f6ce6067
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4425068
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Code-Coverage: Vadim Sukhomlinov <sukhomlinov@chromium.org>

1 files changed, 1 insertions, 1 deletions

diff --git a/board/cr50/build.mk b/board/cr50/build.mk
index a62a43bd1e..45301733f9 100644
--- a/board/cr50/build.mk
+++ b/board/cr50/build.mk
@@ -201,7 +201,7 @@ FIPS_MODULE=dcrypto/fips_module.o
 FIPS_LD_SCRIPT=$(BDIR)/dcrypto/fips_module.ld
 RW_FIPS_OBJS=$(patsubst %.o, $(RW_BD_OUT)/%.o, $(fips-y))
 $(RW_FIPS_OBJS): CFLAGS += -frandom-seed=0 -fno-fat-lto-objects -Wswitch\
-			   -Wsign-compare -Wuninitialized
+			   -Wsign-compare -Wuninitialized -fconserve-stack
 
 $(RW_FIPS_OBJS): | $(out)/ec_version.h $(out)/env_config.h
 rw_board_deps := $(addsuffix .d, $(RW_FIPS_OBJS))