summaryrefslogtreecommitdiff
path: root/extra/Configs/Config.in
diff options
context:
space:
mode:
Diffstat (limited to 'extra/Configs/Config.in')
-rw-r--r--extra/Configs/Config.in17
1 files changed, 12 insertions, 5 deletions
diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in
index 5b8283dda..e372dbfd1 100644
--- a/extra/Configs/Config.in
+++ b/extra/Configs/Config.in
@@ -282,21 +282,21 @@ config UCLIBC_CTOR_DTOR
then you definitely want to answer Y here. If you don't need ctors
or dtors and want your binaries to be as small as possible, then
answer N.
-
-config UCLIBC_PROPOLICE
+
+config UCLIBC_HAS_SSP
bool "Support for propolice stack protection"
default n
help
- Propolice stack protection.
+ Adds propolice protection to libc (__guard and __stack_smash_handler).
More about it on <http://www.research.ibm.com/trl/projects/security/ssp> .
To be able to use it, you'll also need a propolice patched gcc,
supporting the -fstack-protector[-all] options. It is a specially patched
- gcc version, were __guard and __stack_smash_handler are removed from libgcc.
+ gcc version, where __guard and __stack_smash_handler are removed from libgcc.
Most people will answer N.
choice
prompt "Propolice protection blocking signal"
- depends on UCLIBC_PROPOLICE
+ depends on UCLIBC_HAS_SSP
default PROPOLICE_BLOCK_ABRT if ! DODEBUG
default PROPOLICE_BLOCK_SEGV if DODEBUG
help
@@ -322,6 +322,13 @@ config PROPOLICE_BLOCK_KILL
endchoice
+config UCLIBC_BUILD_SSP
+ bool "Build uClibc with propolice protection"
+ depends on UCLIBC_HAS_SSP
+ default n
+ help
+ Build all libraries and executables with propolice protection enabled.
+
config HAS_NO_THREADS
bool
default n