diff options
| author | Eric Andersen <andersen@codepoet.org> | 2004-12-22 21:34:27 +0000 |
|---|---|---|
| committer | Eric Andersen <andersen@codepoet.org> | 2004-12-22 21:34:27 +0000 |
| commit | f8e6aa06ffb1897b87f4d90545e8ca5b3d0cdb9a (patch) | |
| tree | 2611d23c8bdd8c0191e6b32cb0e074826293cc23 /extra/Configs | |
| parent | 6ae64d25832babd791a3991c34f23c90fd4966ae (diff) | |
Patch from Peter S. Mazinger:
Add UCLIBC_BUILD_NOEXECSTACK support.
Diffstat (limited to 'extra/Configs')
| -rw-r--r-- | extra/Configs/Config.in | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in index 509709b9e..c71fcf546 100644 --- a/extra/Configs/Config.in +++ b/extra/Configs/Config.in @@ -1089,12 +1089,17 @@ endmenu menu "uClibc security related options" +config UCLIBC_SECURITY + bool "Enable security options" + default n + config UCLIBC_BUILD_PIE bool "Build utilities as ET_DYN/PIE executables" + depends on UCLIBC_SECURITY depends on HAVE_SHARED depends on TARGET_i386 || TARGET_powerpc || TARGET_frv select FORCE_SHAREABLE_TEXT_SEGMENTS if BUILD_UCLIBC_LDSO - default n + default y help If you answer Y here, ldd and iconv are built as ET_DYN/PIE executables. It requires gcc-3.4 and binutils-2.15 or later. @@ -1105,6 +1110,7 @@ config UCLIBC_BUILD_PIE config UCLIBC_HAS_SSP bool "Support for propolice stack protection" + depends on UCLIBC_SECURITY default n help Adds propolice protection to libc (__guard and __stack_smash_handler). @@ -1144,6 +1150,7 @@ endchoice config UCLIBC_BUILD_SSP bool "Build uClibc with propolice protection" + depends on UCLIBC_SECURITY depends on UCLIBC_HAS_SSP default n help @@ -1151,18 +1158,29 @@ config UCLIBC_BUILD_SSP config UCLIBC_BUILD_RELRO bool "Build uClibc with RELRO" + depends on UCLIBC_SECURITY depends on BUILD_UCLIBC_LDSO - default n + default y help Build all libraries and executables with -z relro. config UCLIBC_BUILD_NOW bool "Build uClibc with NOW" + depends on UCLIBC_SECURITY depends on BUILD_UCLIBC_LDSO - default n + default y help Build all libraries and executables with -z now. +config UCLIBC_BUILD_NOEXECSTACK + bool "Build uClibc with noexecstack marking" + depends on UCLIBC_SECURITY + default y + help + Mark all assembler files as noexecstack. This will result in marking + all libraries and executables built against uClibc not requiring + executable stack. + endmenu menu "uClibc development/debugging options" |