author | Eric Andersen <andersen@codepoet.org> | 2004-12-22 21:24:32 +0000 |
---|---|---|
committer | Eric Andersen <andersen@codepoet.org> | 2004-12-22 21:24:32 +0000 |
commit | 6ae64d25832babd791a3991c34f23c90fd4966ae (patch) | |
tree | 5505da51641f72f743e0fd8f14f32490e04d98ed | |
parent | 433ccbdd22063df62307459bb9d73b2e9016a5db (diff) |
Patch from Peter S. Mazinger:
Separate out security features into a separate menu
-rw-r--r-- | Rules.mak | 8 | ||||
-rw-r--r-- | extra/Configs/Config.in | 139 | ||||
-rw-r--r-- | ldso/ldso/Makefile | 3 | ||||
-rw-r--r-- | libpthread/Makefile | 6 |
4 files changed, 96 insertions, 60 deletions
@@ -254,6 +254,14 @@ else
 LDFLAGS := $(CPU_LDFLAGS-y) -s -shared --warn-common --warn-once -z combreloc
 endif
 
+ifeq ($(UCLIBC_BUILD_RELRO),y)
+LDFLAGS+=-z relro
+endif
+
+ifeq ($(UCLIBC_BUILD_NOW),y)
+LDFLAGS+=-z now
+endif
+
 # Sigh, some stupid versions of gcc can't seem to cope with '-iwithprefix include'
 #CFLAGS+=-iwithprefix include
 CFLAGS+=-isystem $(shell $(CC) -print-file-name=include)
diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in
index e372dbfd1..509709b9e 100644
--- a/extra/Configs/Config.in
+++ b/extra/Configs/Config.in
@@ -205,20 +205,6 @@ config FORCE_SHAREABLE_TEXT_SEGMENTS
 little bit smaller and guarantee that no memory will be wasted
 by badly coded shared libraries.
 
-config UCLIBC_BUILD_PIE
- bool "Build utilities as ET_DYN/PIE executables"
- depends on HAVE_SHARED
- depends on TARGET_i386 || TARGET_powerpc || TARGET_frv
- select FORCE_SHAREABLE_TEXT_SEGMENTS if BUILD_UCLIBC_LDSO
- default n
- help
- If you answer Y here, ldd and iconv are built as ET_DYN/PIE executables.
- This requires gcc-3.4 and binutils-2.15 or later.
- More about ET_DYN/PIE binaries on <http://pax.grsecurity.net/> .
- WARNING: This option also enables FORCE_SHAREABLE_TEXT_SEGMENTS, so all
- libraries have to be built with -fPIC or -fpic, and all assembler
- functions must be written as position independent code (PIC).
-
 config LDSO_LDD_SUPPORT
 bool "Native shared library loader 'ldd' support"
 depends on BUILD_UCLIBC_LDSO
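Review bot: `-z relro` on its own only covers .dynamic and the non-PLT part of the GOT; the lazily bound `.got.plt` stays writable unless the link also gets `-z now`, so a build with UCLIBC_BUILD_RELRO=y and UCLIBC_BUILD_NOW=n ends up with partial RELRO while the option name suggests otherwise. Nothing in the two new `ifeq` blocks ties the options together, and the `LDFLAGS` they extend is the `-shared` library link line, so the shared libraries are what receives the flags. I would state the dependency above the first block, `# -z relro alone leaves .got.plt writable; set UCLIBC_BUILD_NOW too for full RELRO`, or have the RELRO config option select UCLIBC_BUILD_NOW. The `ifeq`/`else` that assigns LDFLAGS begins before this hunk.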
@@ -283,52 +269,6 @@ config UCLIBC_CTOR_DTOR or dtors and want your binaries to be as small as possible, then answer N. -config UCLIBC_HAS_SSP - bool "Support for propolice stack protection" - default n - help - Adds propolice protection to libc (__guard and __stack_smash_handler). - More about it on <http://www.research.ibm.com/trl/projects/security/ssp> . - To be able to use it, you'll also need a propolice patched gcc, - supporting the -fstack-protector[-all] options. It is a specially patched - gcc version, where __guard and __stack_smash_handler are removed from libgcc. - Most people will answer N. - -choice - prompt "Propolice protection blocking signal" - depends on UCLIBC_HAS_SSP - default PROPOLICE_BLOCK_ABRT if ! DODEBUG - default PROPOLICE_BLOCK_SEGV if DODEBUG - help - "abort" use SIGABRT to block offending programs. - This is the default implementation. - - "segfault" use SIGSEGV to block offending programs. - Use this for debugging. - - "kill" use SIGKILL to block offending programs. - Perhaps the best for security. - - If unsure, answer "abort". - -config PROPOLICE_BLOCK_ABRT - bool "abort" - -config PROPOLICE_BLOCK_SEGV - bool "segfault" - -config PROPOLICE_BLOCK_KILL - bool "kill" - -endchoice - -config UCLIBC_BUILD_SSP - bool "Build uClibc with propolice protection" - depends on UCLIBC_HAS_SSP - default n - help - Build all libraries and executables with propolice protection enabled. - config HAS_NO_THREADS bool default n 
@@ -1146,6 +1086,85 @@ config DEVEL_PREFIX endmenu + +menu "uClibc security related options" + +config UCLIBC_BUILD_PIE + bool "Build utilities as ET_DYN/PIE executables" + depends on HAVE_SHARED + depends on TARGET_i386 || TARGET_powerpc || TARGET_frv + select FORCE_SHAREABLE_TEXT_SEGMENTS if BUILD_UCLIBC_LDSO + default n + help + If you answer Y here, ldd and iconv are built as ET_DYN/PIE executables. + It requires gcc-3.4 and binutils-2.15 or later. + More about ET_DYN/PIE binaries on <http://pax.grsecurity.net/> . + WARNING: This option also enables FORCE_SHAREABLE_TEXT_SEGMENTS, so all + libraries have to be built with -fPIC or -fpic, and all assembler + functions must be written as position independent code (PIC). + +config UCLIBC_HAS_SSP + bool "Support for propolice stack protection" + default n + help + Adds propolice protection to libc (__guard and __stack_smash_handler). + More about it on <http://www.research.ibm.com/trl/projects/security/ssp> . + To be able to use it, you'll also need a propolice patched gcc, + supporting the -fstack-protector[-all] options. It is a specially patched + gcc version, where __guard and __stack_smash_handler are removed from libgcc. + Most people will answer N. + +choice + prompt "Propolice protection blocking signal" + depends on UCLIBC_HAS_SSP + default PROPOLICE_BLOCK_ABRT if ! DODEBUG + default PROPOLICE_BLOCK_SEGV if DODEBUG + help + "abort" use SIGABRT to block offending programs. + This is the default implementation. + + "segfault" use SIGSEGV to block offending programs. + Use this for debugging. + + "kill" use SIGKILL to block offending programs. + Perhaps the best for security. + + If unsure, answer "abort". 
+
+config PROPOLICE_BLOCK_ABRT
+ bool "abort"
+
+config PROPOLICE_BLOCK_SEGV
+ bool "segfault"
+
+config PROPOLICE_BLOCK_KILL
+ bool "kill"
+
+endchoice
+
+config UCLIBC_BUILD_SSP
+ bool "Build uClibc with propolice protection"
+ depends on UCLIBC_HAS_SSP
+ default n
+ help
+ Build all libraries and executables with propolice protection enabled.
+
+config UCLIBC_BUILD_RELRO
+ bool "Build uClibc with RELRO"
+ depends on BUILD_UCLIBC_LDSO
+ default n
+ help
+ Build all libraries and executables with -z relro.
+
+config UCLIBC_BUILD_NOW
+ bool "Build uClibc with NOW"
+ depends on BUILD_UCLIBC_LDSO
+ default n
+ help
+ Build all libraries and executables with -z now.
+
+endmenu
+
 menu "uClibc development/debugging options"
 
 config DODEBUG
diff --git a/ldso/ldso/Makefile b/ldso/ldso/Makefile
index ef48e3358..69990b772 100644
--- a/ldso/ldso/Makefile
+++ b/ldso/ldso/Makefile
@@ -42,6 +42,9 @@ XXFLAGS:=$(XXFLAGS:-O0=-O1)
 XXFLAGS+=-isystem $(shell $(CC) -print-file-name=include)
 LDFLAGS=$(CPU_LDFLAGS-y) -z now -Bsymbolic -shared --warn-common --export-dynamic --sort-common \
 -z combreloc --discard-locals --discard-all --no-undefined
+ifeq ($(UCLIBC_BUILD_RELRO),y)
+ LDFLAGS+=-z relro
+endif
 
 CSRC= ldso.c
 COBJS=$(patsubst %.c,%.o, $(CSRC))
diff --git a/libpthread/Makefile b/libpthread/Makefile
index 4a763ca78..6a3cc88d1 100644
--- a/libpthread/Makefile
+++ b/libpthread/Makefile
@@ -37,6 +37,12 @@ ifeq ($(strip $(UCLIBC_HAS_THREADS)),y)
 ifeq ($(strip $(PTHREADS_DEBUG_SUPPORT)),y)
 DIRS+=linuxthreads_db
 LDFLAGS_THREAD_DB:= $(CPU_LDFLAGS-y) -shared --warn-common --warn-once -z combreloc
+ifeq ($(UCLIBC_BUILD_RELRO),y)
+ LDFLAGS_PTHREAD_DB+=-z relro
+endif
+ifeq ($(UCLIBC_BUILD_NOW),y)
+ LDFLAGS_PTHREAD_DB+=-z now
+endif
 endif
 ifeq ($(DODEBUG),n)
 LDFLAGS_THREAD_DB+=-s |
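Review bot: The help text of the new UCLIBC_BUILD_RELRO and UCLIBC_BUILD_NOW entries only repeats the linker flag, so a user choosing in this menu cannot tell what each option protects or that they belong together. For RELRO I would write: `Make .dynamic and the GOT read-only once relocation is done (PT_GNU_RELRO). Without UCLIBC_BUILD_NOW the lazily bound .got.plt stays writable, so enable both for full RELRO. Needs a binutils that understands -z relro.` For NOW: `Resolve all symbols at load time (DT_BIND_NOW) instead of lazily. Startup is slower, but the lazy-binding GOT no longer has to stay writable, which lets RELRO cover it.` If the pairing is meant to be mandatory, `select UCLIBC_BUILD_NOW` on the RELRO entry would enforce it instead of relying on the reader.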
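Review bot: `-z relro` on ld.so itself only takes effect if the dynamic linker mprotects its own PT_GNU_RELRO segment after self-relocation, since the kernel maps ld.so without applying it and there is no outer loader to do so; nothing in this hunk shows ldso.c doing that, so the option may be silently inert for ld.so and is worth confirming against the loader source. Because `-z now` is already hard-wired on the LDFLAGS line above, the RELRO segment would at least be complete whenever it is applied. I would record the assumption next to the block: `# only effective if ld.so mprotects its own PT_GNU_RELRO after relocating itself`.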
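Review bot: The two new appends go to `LDFLAGS_PTHREAD_DB`, but the variable defined on the context line just above and extended with `-s` below is `LDFLAGS_THREAD_DB`, so neither `-z relro` nor `-z now` ever reaches the libthread_db link; make does not complain because `+=` on an unknown name simply creates it. The fix is the variable name on both lines: `LDFLAGS_THREAD_DB+=-z relro` and `LDFLAGS_THREAD_DB+=-z now`. The surrounding conditionals wrap their tests in `$(strip ...)`; the new ones would read consistently as `ifeq ($(strip $(UCLIBC_BUILD_RELRO)),y)`. The outer `ifeq ($(strip $(UCLIBC_HAS_THREADS)),y)` begins before this hunk.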