diff options
Diffstat (limited to 'extra/Configs/Config.in')
-rw-r--r-- | extra/Configs/Config.in | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in index 5b8283dda..e372dbfd1 100644 --- a/extra/Configs/Config.in +++ b/extra/Configs/Config.in @@ -282,21 +282,21 @@ config UCLIBC_CTOR_DTOR then you definitely want to answer Y here. If you don't need ctors or dtors and want your binaries to be as small as possible, then answer N. - -config UCLIBC_PROPOLICE + +config UCLIBC_HAS_SSP bool "Support for propolice stack protection" default n help - Propolice stack protection. + Adds propolice protection to libc (__guard and __stack_smash_handler). More about it on <http://www.research.ibm.com/trl/projects/security/ssp> . To be able to use it, you'll also need a propolice patched gcc, supporting the -fstack-protector[-all] options. It is a specially patched - gcc version, were __guard and __stack_smash_handler are removed from libgcc. + gcc version, where __guard and __stack_smash_handler are removed from libgcc. Most people will answer N. choice prompt "Propolice protection blocking signal" - depends on UCLIBC_PROPOLICE + depends on UCLIBC_HAS_SSP default PROPOLICE_BLOCK_ABRT if ! DODEBUG default PROPOLICE_BLOCK_SEGV if DODEBUG help @@ -322,6 +322,13 @@ config PROPOLICE_BLOCK_KILL endchoice +config UCLIBC_BUILD_SSP + bool "Build uClibc with propolice protection" + depends on UCLIBC_HAS_SSP + default n + help + Build all libraries and executables with propolice protection enabled. + config HAS_NO_THREADS bool default n |