summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Rules.mak2
-rw-r--r--debian/config2
-rw-r--r--extra/Configs/Config.frv.default2
-rw-r--r--extra/Configs/Config.in17
-rw-r--r--libc/misc/internals/__uClibc_main.c4
-rw-r--r--libc/sysdeps/linux/common/Makefile2
6 files changed, 18 insertions, 11 deletions
diff --git a/Rules.mak b/Rules.mak
index 75bf9462a..fa42c023c 100644
--- a/Rules.mak
+++ b/Rules.mak
@@ -232,7 +232,7 @@ LDPIEFLAG=
endif
SSP_DISABLE_FLAGS=$(call check_gcc,-fno-stack-protector,)
-ifeq ($(UCLIBC_PROPOLICE),y)
+ifeq ($(UCLIBC_BUILD_SSP),y)
SSP_CFLAGS=$(call check_gcc,-fno-stack-protector-all,)
SSP_CFLAGS+=$(call check_gcc,-fstack-protector,)
SSP_ALL_CFLAGS=$(call check_gcc,-fstack-protector-all,)
diff --git a/debian/config b/debian/config
index bed3b700f..4ee9f789f 100644
--- a/debian/config
+++ b/debian/config
@@ -43,7 +43,7 @@ BUILD_UCLIBC_LDSO=y
# UCLIBC_BUILD_PIE is not set
LDSO_LDD_SUPPORT=y
UCLIBC_CTOR_DTOR=y
-# UCLIBC_PROPOLICE is not set
+# UCLIBC_HAS_SSP is not set
# HAS_NO_THREADS is not set
UCLIBC_HAS_THREADS=y
PTHREADS_DEBUG_SUPPORT=y
diff --git a/extra/Configs/Config.frv.default b/extra/Configs/Config.frv.default
index ac1d0aa4e..780f865bb 100644
--- a/extra/Configs/Config.frv.default
+++ b/extra/Configs/Config.frv.default
@@ -54,7 +54,7 @@ LDSO_CACHE_SUPPORT=y
LDSO_PRELOAD_FILE_SUPPORT=y
LDSO_BASE_FILENAME="ld.so.1"
UCLIBC_CTOR_DTOR=y
-# UCLIBC_PROPOLICE is not set
+# UCLIBC_HAS_SSP is not set
# HAS_NO_THREADS is not set
UCLIBC_HAS_THREADS=y
PTHREADS_DEBUG_SUPPORT=y
diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in
index 5b8283dda..e372dbfd1 100644
--- a/extra/Configs/Config.in
+++ b/extra/Configs/Config.in
@@ -282,21 +282,21 @@ config UCLIBC_CTOR_DTOR
then you definitely want to answer Y here. If you don't need ctors
or dtors and want your binaries to be as small as possible, then
answer N.
-
-config UCLIBC_PROPOLICE
+
+config UCLIBC_HAS_SSP
bool "Support for propolice stack protection"
default n
help
- Propolice stack protection.
+ Adds propolice protection to libc (__guard and __stack_smash_handler).
More about it on <http://www.research.ibm.com/trl/projects/security/ssp> .
To be able to use it, you'll also need a propolice patched gcc,
supporting the -fstack-protector[-all] options. It is a specially patched
- gcc version, were __guard and __stack_smash_handler are removed from libgcc.
+ gcc version, where __guard and __stack_smash_handler are removed from libgcc.
Most people will answer N.
choice
prompt "Propolice protection blocking signal"
- depends on UCLIBC_PROPOLICE
+ depends on UCLIBC_HAS_SSP
default PROPOLICE_BLOCK_ABRT if ! DODEBUG
default PROPOLICE_BLOCK_SEGV if DODEBUG
help
@@ -322,6 +322,13 @@ config PROPOLICE_BLOCK_KILL
endchoice
+config UCLIBC_BUILD_SSP
+ bool "Build uClibc with propolice protection"
+ depends on UCLIBC_HAS_SSP
+ default n
+ help
+ Build all libraries and executables with propolice protection enabled.
+
config HAS_NO_THREADS
bool
default n
diff --git a/libc/misc/internals/__uClibc_main.c b/libc/misc/internals/__uClibc_main.c
index c41f7ccf2..33fc2ec68 100644
--- a/libc/misc/internals/__uClibc_main.c
+++ b/libc/misc/internals/__uClibc_main.c
@@ -24,7 +24,7 @@
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
-#ifdef __UCLIBC_PROPOLICE__
+#ifdef __UCLIBC_HAS_SSP__
extern void __guard_setup(void);
#endif
@@ -225,7 +225,7 @@ __uClibc_start_main(int argc, char **argv, char **envp,
}
#endif
-#ifdef __UCLIBC_PROPOLICE__
+#ifdef __UCLIBC_HAS_SSP__
__guard_setup ();
#endif
diff --git a/libc/sysdeps/linux/common/Makefile b/libc/sysdeps/linux/common/Makefile
index 56a65797d..d1187cb7c 100644
--- a/libc/sysdeps/linux/common/Makefile
+++ b/libc/sysdeps/linux/common/Makefile
@@ -57,7 +57,7 @@ CSRC= __rt_sigtimedwait.c __socketcall.c __syscall_fcntl.c \
ifneq ($(strip $(EXCLUDE_BRK)),y)
CSRC+=sbrk.c
endif
-ifeq ($(strip $(UCLIBC_PROPOLICE)),y)
+ifeq ($(strip $(UCLIBC_HAS_SSP)),y)
CSRC+=ssp.c
endif