diff options
Diffstat (limited to 'platforms')
| -rw-r--r-- | platforms/toolchain_hardening.in | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/platforms/toolchain_hardening.in b/platforms/toolchain_hardening.in index cb81798b2..291d5a834 100644 --- a/platforms/toolchain_hardening.in +++ b/platforms/toolchain_hardening.in @@ -2,9 +2,8 @@ menu "hardening options " -config TARGET_HARDEN_STACK - bool - prompt "Enable stack protector (cc -fstack-protector)" +choice + prompt "Stack Protector" help This is a mainline GCC feature, which adds safety checks against stack overwrites. This renders many potential code injection @@ -13,6 +12,24 @@ config TARGET_HARDEN_STACK non-issues (depending on the application). http://en.wikipedia.org/wiki/Stack-smashing_protection +config TARGET_HARDEN_STACK_NONE + bool + prompt "disabled " + +config TARGET_HARDEN_STACK + bool + prompt "cc -fstack-protector " + +config TARGET_HARDEN_STACK_STRONG + bool + prompt "cc -fstack-protector-strong" + +config TARGET_HARDEN_STACK_ALL + bool + prompt "cc -fstack-protector-all " + +endchoice + config TARGET_HARDEN_FORTIFY bool prompt "Enable glibc protections (cc -D_FORTIFY_SOURCE=2)" |