diff options
| author |   Alexey Neyman <stilor@att.net> | 2018-12-05 00:15:37 (GMT) |
|---|---|---|
| committer | Alexey Neyman <stilor@att.net> | 2018-12-05 00:15:37 (GMT) |
| commit | f5b57504d28d0bdcda26a06ec21d80906bfbf11e (patch) | |
| tree | 6423e6e670f1c3df38b546e1fe306fe634cd968a /config/libc | |
| parent | 893932e90f967169fcf494e36ac9001f2f1b90a5 (diff) | |
Add configuration options for enabling SSP
... in uClibc and glibc.
Fixes #681.
While here, relocate additional "sources" for uClibc/binutils into packages/
directory.
Signed-off-by: Alexey Neyman <stilor@att.net>
Diffstat (limited to 'config/libc')
| -rw-r--r-- | config/libc/glibc.in | 39 | ||||
| -rw-r--r-- | config/libc/uClibc.in | 17 |
2 files changed, 56 insertions, 0 deletions
diff --git a/config/libc/glibc.in b/config/libc/glibc.in index 5916a83..527063f 100644 --- a/config/libc/glibc.in +++ b/config/libc/glibc.in @@ -320,6 +320,45 @@ config GLIBC_MIN_KERNEL default LINUX_VERSION if GLIBC_KERNEL_VERSION_AS_HEADERS default GLIBC_MIN_KERNEL_VERSION if GLIBC_KERNEL_VERSION_CHOSEN + +choice + bool "Stack-smashing protection (SSP) in glibc" + default GLIBC_SSP_DEFAULT + +config GLIBC_SSP_DEFAULT + bool "default" + help + Glibc's configure script determines the stack protection level. + +config GLIBC_SSP_NO + bool "no" + help + Glibc functions are not protected against stack-smashing. + +config GLIBC_SSP_YES + bool "yes" + help + Glibc is compiled with -fstack-protector option. + +config GLIBC_SSP_ALL + bool "all" + help + Glibc is compiled with -fstack-protector-all option. + +config GLIBC_SSP_STRONG + bool "strong" + help + Glibc is compiled with -fstack-protector-strong option. + +endchoice + +config GLIBC_SSP + string + default "no" if GLIBC_SSP_NO + default "yes" if GLIBC_SSP_YES + default "all" if GLIBC_SSP_ALL + default "strong" if GLIBC_SSP_STRONG + # All supported versions of glibc build cleanly with GCC7 and earlier. # GCC8-related fixes were only available in glibc 2.27. config GLIBC_ENABLE_WERROR diff --git a/config/libc/uClibc.in b/config/libc/uClibc.in index 7bdd03f..2b11e0c 100644 --- a/config/libc/uClibc.in +++ b/config/libc/uClibc.in @@ -207,6 +207,23 @@ config LIBC_UCLIBC_RPC help Enable support for remote procedure calls (RPC) in uClibc. +config LIBC_UCLIBC_HAS_SSP + bool + prompt "Support stack smashing protection (SSP)" + default y + help + Enable support for building programs with -fstack-protector family + of options. If this option is disabled, one can also use a standalone + libssp library from GCC. + +config LIBC_UCLIBC_BUILD_SSP + bool + prompt "Build uClibc with SSP" + depends on LIBC_UCLIBC_HAS_SSP + help + Build uClibc with -fstack-protector. This adds runtime overhead + to many function calls and is disabled by default. + if ARCH_ARM config LIBC_UCLIBC_USE_GNU_SUFFIX bool |