path: root/Config.in
diff options
authorGravatar Thomas Petazzoni <thomas.petazzoni@free-electrons.com>2013-09-02 18:06:36 +0200
committerGravatar Peter Korsgaard <jacmet@sunsite.dk>2013-09-15 23:02:57 +0200
commitc5866be0ad90a97bbf04af846d6aec869bc1918a (patch)
tree897460ebe306b1edcbcb868a7edd711b6e848608 /Config.in
parent094fd1d01de46a61bbc59343841f762817b9cc81 (diff)
toolchain: refactor Stack Smashing Protection support
This commit refactors how Stack Smashing Protection support is handled in Buildroot: *) It turns the BR2_TOOLCHAIN_BUILDROOT_USE_SSP option into an option that only enables the SSP support in uClibc, when using the internal toolchain backend. *) It adds an hidden BR2_TOOLCHAIN_HAS_SSP option that gets enabled when the toolchain has SSP support. Here we have the usual dance: glibc/eglibc in internal/external backend always select this option, in the case of uClibc/internal, it gets selected when BR2_TOOLCHAIN_BUILDROOT_USE_SSP is enabled, in the case of uClibc/external, there is a new configuration option that the user must select (or not) depending on whether the toolchain has SSP support. *) It adds a new options BR2_ENABLE_SSP in the "Build options" menu, to enable the usage of SSP support, by adding -fstack-protector-all to the CFLAGS. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Diffstat (limited to 'Config.in')
1 files changed, 17 insertions, 0 deletions
diff --git a/Config.in b/Config.in
index 1b30ce1dba..af720ec16f 100644
--- a/Config.in
+++ b/Config.in
@@ -402,6 +402,23 @@ config BR2_OPTIMIZE_S
+config BR2_ENABLE_SSP
+ bool "build code with Stack Smashing Protection"
+ depends on BR2_TOOLCHAIN_HAS_SSP
+ help
+ Enable stack smashing protection support using GCCs
+ -fstack-protector-all option.
+ See http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
+ for details.
+ Note that this requires the toolchain to have SSP
+ support. This is always the case for glibc and eglibc
+ toolchain, but is optional in uClibc toolchains.
+comment "enabling Stack Smashing Protection requires support in the toolchain"
+ depends on !BR2_TOOLCHAIN_HAS_SSP
bool "prefer static libraries"