diff options
author | Oleksij Rempel <o.rempel@pengutronix.de> | 2020-04-04 16:22:32 +0200 |
---|---|---|
committer | Robert Schwebel <r.schwebel@pengutronix.de> | 2020-04-24 14:22:33 +0200 |
commit | fc95ca6e9122b2b56f47d29bf8610194378c5f27 (patch) | |
tree | a2e19918ad2905020d6ef80039956c43692be68d /configs/platform-mips/platformconfig | |
parent | d87364587ff13f6bab2af3b1343b69f34b944a2c (diff) | |
download | DistroKit-fc95ca6e9122b2b56f47d29bf8610194378c5f27.tar.gz DistroKit-fc95ca6e9122b2b56f47d29bf8610194378c5f27.tar.xz |
MIPS: enable HARDEN_STACKCLASH
Generate code to prevent stack clash style attacks. When this option is
enabled, the compiler will only allocate one page of stack space at a
time and each page is accessed immediately after allocation. Thus, it
prevents allocations from jumping over any stack guard page provided by
the operating system.
Most targets do not fully support stack clash protection. However, on
those targets -fstack-clash-protection will protect dynamic stack
allocations. -fstack-clash-protection may also provide limited
protection for static stack allocations if the target supports
-fstack-check=specific.
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Diffstat (limited to 'configs/platform-mips/platformconfig')
-rw-r--r-- | configs/platform-mips/platformconfig | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/configs/platform-mips/platformconfig b/configs/platform-mips/platformconfig index 47c9cd2..5f1202b 100644 --- a/configs/platform-mips/platformconfig +++ b/configs/platform-mips/platformconfig @@ -77,7 +77,7 @@ PTXCONF_COMPILER_PREFIX_BOOTLOADER="${PTXCONF_COMPILER_PREFIX}" # PTXCONF_TARGET_HARDEN_STACK is not set # PTXCONF_TARGET_HARDEN_STACK_STRONG is not set PTXCONF_TARGET_HARDEN_STACK_ALL=y -# PTXCONF_TARGET_HARDEN_STACKCLASH is not set +PTXCONF_TARGET_HARDEN_STACKCLASH=y PTXCONF_TARGET_HARDEN_FORTIFY=y PTXCONF_TARGET_HARDEN_RELRO=y PTXCONF_TARGET_HARDEN_BINDNOW=y |