From 73e71be0770721cdd55f9e5873ba4aa1d3b38cd7 Mon Sep 17 00:00:00 2001
From: Michael Olbrich <m.olbrich@pengutronix.de>
Date: Fri, 17 Jun 2016 16:22:21 +0200
Subject: wrapper: add more stack protector options

Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
---
 platforms/toolchain_hardening.in | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

(limited to 'platforms')

diff --git a/platforms/toolchain_hardening.in b/platforms/toolchain_hardening.in
index cb81798b2..291d5a834 100644
--- a/platforms/toolchain_hardening.in
+++ b/platforms/toolchain_hardening.in
@@ -2,9 +2,8 @@
 
 menu "hardening options             "
 
-config TARGET_HARDEN_STACK
-	bool
-	prompt "Enable stack protector (cc -fstack-protector)"
+choice
+	prompt "Stack Protector"
 	help
 	  This is a mainline GCC feature, which adds safety checks against
 	  stack overwrites. This renders many potential code injection
@@ -13,6 +12,24 @@ config TARGET_HARDEN_STACK
 	  non-issues (depending on the application).
 	  http://en.wikipedia.org/wiki/Stack-smashing_protection
 
+config TARGET_HARDEN_STACK_NONE
+	bool
+	prompt "disabled                   "
+
+config TARGET_HARDEN_STACK
+	bool
+	prompt "cc -fstack-protector       "
+
+config TARGET_HARDEN_STACK_STRONG
+	bool
+	prompt "cc -fstack-protector-strong"
+
+config TARGET_HARDEN_STACK_ALL
+	bool
+	prompt "cc -fstack-protector-all   "
+
+endchoice
+
 config TARGET_HARDEN_FORTIFY
 	bool
 	prompt "Enable glibc protections (cc -D_FORTIFY_SOURCE=2)"
-- 
cgit v1.2.3