diff options
Diffstat (limited to 'config/libc')
| -rw-r--r-- | config/libc/glibc.in | 39 | ||||
| -rw-r--r-- | config/libc/uClibc.in | 17 |
2 files changed, 56 insertions, 0 deletions
diff --git a/config/libc/glibc.in b/config/libc/glibc.in index 5916a83c..527063f4 100644 --- a/config/libc/glibc.in +++ b/config/libc/glibc.in @@ -320,6 +320,45 @@ config GLIBC_MIN_KERNEL default LINUX_VERSION if GLIBC_KERNEL_VERSION_AS_HEADERS default GLIBC_MIN_KERNEL_VERSION if GLIBC_KERNEL_VERSION_CHOSEN + +choice + bool "Stack-smashing protection (SSP) in glibc" + default GLIBC_SSP_DEFAULT + +config GLIBC_SSP_DEFAULT + bool "default" + help + Glibc's configure script determines the stack protection level. + +config GLIBC_SSP_NO + bool "no" + help + Glibc functions are not protected against stack-smashing. + +config GLIBC_SSP_YES + bool "yes" + help + Glibc is compiled with -fstack-protector option. + +config GLIBC_SSP_ALL + bool "all" + help + Glibc is compiled with -fstack-protector-all option. + +config GLIBC_SSP_STRONG + bool "strong" + help + Glibc is compiled with -fstack-protector-strong option. + +endchoice + +config GLIBC_SSP + string + default "no" if GLIBC_SSP_NO + default "yes" if GLIBC_SSP_YES + default "all" if GLIBC_SSP_ALL + default "strong" if GLIBC_SSP_STRONG + # All supported versions of glibc build cleanly with GCC7 and earlier. # GCC8-related fixes were only available in glibc 2.27. config GLIBC_ENABLE_WERROR diff --git a/config/libc/uClibc.in b/config/libc/uClibc.in index 7bdd03f4..2b11e0c9 100644 --- a/config/libc/uClibc.in +++ b/config/libc/uClibc.in @@ -207,6 +207,23 @@ config LIBC_UCLIBC_RPC help Enable support for remote procedure calls (RPC) in uClibc. +config LIBC_UCLIBC_HAS_SSP + bool + prompt "Support stack smashing protection (SSP)" + default y + help + Enable support for building programs with -fstack-protector family + of options. If this option is disabled, one can also use a standalone + libssp library from GCC. + +config LIBC_UCLIBC_BUILD_SSP + bool + prompt "Build uClibc with SSP" + depends on LIBC_UCLIBC_HAS_SSP + help + Build uClibc with -fstack-protector. This adds runtime overhead + to many function calls and is disabled by default. + if ARCH_ARM config LIBC_UCLIBC_USE_GNU_SUFFIX bool |