diff options
author | Michael Olbrich <m.olbrich@pengutronix.de> | 2016-06-17 16:22:21 +0200 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2016-06-17 16:23:06 +0200 |
commit | 73e71be0770721cdd55f9e5873ba4aa1d3b38cd7 (patch) | |
tree | 84c8d6c4ccaa799d7cbf5a39ebb7e67abd1347aa /platforms | |
parent | b99110b865addaee590be867e182173e088c8265 (diff) | |
download | ptxdist-73e71be0770721cdd55f9e5873ba4aa1d3b38cd7.tar.gz ptxdist-73e71be0770721cdd55f9e5873ba4aa1d3b38cd7.tar.xz |
wrapper: add more stack protector options
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'platforms')
-rw-r--r-- | platforms/toolchain_hardening.in | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/platforms/toolchain_hardening.in b/platforms/toolchain_hardening.in index cb81798b2..291d5a834 100644 --- a/platforms/toolchain_hardening.in +++ b/platforms/toolchain_hardening.in @@ -2,9 +2,8 @@ menu "hardening options " -config TARGET_HARDEN_STACK - bool - prompt "Enable stack protector (cc -fstack-protector)" +choice + prompt "Stack Protector" help This is a mainline GCC feature, which adds safety checks against stack overwrites. This renders many potential code injection @@ -13,6 +12,24 @@ config TARGET_HARDEN_STACK non-issues (depending on the application). http://en.wikipedia.org/wiki/Stack-smashing_protection +config TARGET_HARDEN_STACK_NONE + bool + prompt "disabled " + +config TARGET_HARDEN_STACK + bool + prompt "cc -fstack-protector " + +config TARGET_HARDEN_STACK_STRONG + bool + prompt "cc -fstack-protector-strong" + +config TARGET_HARDEN_STACK_ALL + bool + prompt "cc -fstack-protector-all " + +endchoice + config TARGET_HARDEN_FORTIFY bool prompt "Enable glibc protections (cc -D_FORTIFY_SOURCE=2)" |