## SECTION=architecture_options
menu "hardening options"

choice
	prompt "Stack Protector"
	help
	  This is a mainline GCC feature, which adds safety checks against
	  stack overwrites. This renders many potential code injection
	  attacks into aborting situations. In the best case this turns
	  code injection vulnerabilities into denial of service or into
	  non-issues (depending on the application).
	  http://en.wikipedia.org/wiki/Stack-smashing_protection

config TARGET_HARDEN_STACK_NONE
	bool
	prompt "disabled"

config TARGET_HARDEN_STACK
	bool
	prompt "cc -fstack-protector"

config TARGET_HARDEN_STACK_STRONG
	bool
	prompt "cc -fstack-protector-strong"

config TARGET_HARDEN_STACK_ALL
	bool
	prompt "cc -fstack-protector-all"

endchoice

config TARGET_HARDEN_STACKCLASH
	bool
	prompt "Stack clash protection (cc -fstack-clash-protection)"
	help
	  Generate code to prevent stack clash style attacks. When this
	  option is enabled, the compiler will only allocate one page of
	  stack space at a time, and each page is accessed immediately after
	  allocation. Thus, it prevents allocations from jumping over any
	  stack guard page provided by the operating system.

config TARGET_HARDEN_FORTIFY
	bool
	prompt "Enable glibc protections (cc -D_FORTIFY_SOURCE=2)"
	help
	  During code generation the compiler knows a great deal of
	  information about buffer sizes (where possible), and attempts to
	  replace insecure unlimited-length buffer function calls with
	  length-limited ones. This is especially useful for old, crufty
	  code.

config TARGET_HARDEN_RELRO
	bool
	prompt "Enable 'RELocation Read-Only' (ld -z relro)"
	help
	  Several ELF sections need to be written to by the linker, but can
	  be turned read-only after starting. Most notably this prevents
	  GOT overwrite attacks.

config TARGET_HARDEN_BINDNOW
	bool
	prompt "Enable 'Bind Now' (ld -z now)"
	help
	  Perform all dynamic bindings at start-up instead of on-demand.
	  This prevents PLT overwrite attacks.

config TARGET_HARDEN_PIE
	bool
	prompt "Enable 'Position Independent Executables' (-fPIE -pie)"
	help
	  Position Independent Executables are needed for effective Address
	  Space Layout Randomization.
	  http://en.wikipedia.org/wiki/ASLR

endmenu
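Selecting these options only helps if the toolchain actually honoured them, so a practitioner will want to inspect the resulting binaries. The following checker is an added example, not part of this Config.in or its build system: it parses the ELF header, program headers and .dynamic entries of a little-endian ELF64 image to report RELRO, BIND_NOW and PIE, uses the presence of the `__stack_chk_fail` import as a heuristic for the stack protector, and includes a constructed sample image (`build_sample_elf`, an assumption for offline testing, not a real build artefact).

```python
import struct

ET_DYN = 3                                   # e_type of PIE executables (and shared objects)
PT_DYNAMIC, PT_GNU_RELRO = 2, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1


def hardening_flags(data: bytes) -> dict:
    """Read the ELF header, program headers and .dynamic entries of a little-endian ELF64 image."""
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("expected a little-endian ELF64 image")
    e_type, _, _, _, e_phoff, _, _, _, e_phentsize, e_phnum = struct.unpack_from(
        "<HHIQQQIHHH", data, 16)
    relro, dyn, bind_now = False, None, False
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_RELRO:          # ld -z relro: segment made read-only after relocation
            relro = True
        elif p_type == PT_DYNAMIC:
            dyn = (p_offset, p_filesz)
    for off in range(dyn[0], dyn[0] + dyn[1], 16) if dyn else ():
        tag, val = struct.unpack_from("<qQ", data, off)
        if tag == DT_NULL:
            break
        # ld -z now is recorded as DT_BIND_NOW, DF_BIND_NOW or DF_1_NOW depending on the linker
        if tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW) \
                or (tag == DT_FLAGS_1 and val & DF_1_NOW):
            bind_now = True
    return {"pie": e_type == ET_DYN,        # also true for shared libraries
            "relro": relro, "bind_now": bind_now,
            "full_relro": relro and bind_now,  # the GOT is only truly read-only with both
            # heuristic: code built with -fstack-protector* imports __stack_chk_fail
            "stack_protector": b"__stack_chk_fail\x00" in data}


def build_sample_elf(relro=True, bind_now=True, pie=True) -> bytes:
    """Constructed, non-runnable ELF64 image carrying the requested markers (test input only)."""
    dyn = (struct.pack("<qQ", DT_FLAGS, DF_BIND_NOW) if bind_now else b"") \
        + struct.pack("<qQ", DT_NULL, 0)
    n_ph = 2 if relro else 1                # program headers start right after the 64-byte header
    phdrs = struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, 64 + 56 * n_ph, 0, 0, len(dyn), len(dyn), 8)
    if relro:
        phdrs += struct.pack("<IIQQQQQQ", PT_GNU_RELRO, 4, 0, 0, 0, 0, 0, 1)
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", ET_DYN if pie else 2, 62, 1, 0, 64, 0, 0, 64, 56, n_ph, 0, 0, 0)
    return hdr + phdrs + dyn
```

To check a real binary from the target root filesystem, call `hardening_flags(open(path, "rb").read())`; FORTIFY and stack-clash protection leave no flag in the ELF headers and are not reported here.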