diff options
author | Steven Noonan <steven@uplinklabs.net> | 2015-12-27 12:07:31 +0100 |
---|---|---|
committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2015-12-27 15:30:09 +0100 |
commit | d29c7196bf5e610123dcc697197d4013d5869f68 (patch) | |
tree | 208807555bb34233bab2817d968bc7e427a31daa /Config.in.legacy | |
parent | 9ac65b37bd34a4ba9a97156ace0fe91ce3670912 (diff) |
toolchain: granular choice for stack protector
Currently, we only support two levels of stach-smashing protection:
- entirely disabled,
- protect _all_ functions with -fstack-protector-all.
-fstack-protector-all tends to be far too aggressive and impacts
performance too much to be worth on a real product.
Add a choice that allows us to select between different levels of
stack-smashing protection:
- none
- basic (NEW)
- strong (NEW)
- all
The differences are documented in the GCC online documentation:
https://gcc.gnu.org/onlinedocs/gcc-4.9.2/gcc/Optimize-Options.html
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
[yann.morin.1998@free.fr:
- rebase
- add legacy handling
- SSP-strong depends on gcc >= 4.9
- slightly simple ifeq-block in package/Makefile.in
- keep the comment in the choice; add a comment shen strong is not
available
- drop the defaults (only keep the legacy)
- update commit log
]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas:
- only show the choice if the toolchain has SSP support
- add details for the BR2_SSP_ALL option that it has a significant
performance impact.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'Config.in.legacy')
-rw-r--r-- | Config.in.legacy | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/Config.in.legacy b/Config.in.legacy index 262879681..5d45d04c0 100644 --- a/Config.in.legacy +++ b/Config.in.legacy @@ -145,6 +145,14 @@ endif ############################################################################### comment "Legacy options removed in 2016.02" +# BR2_ENABLE_SSP is still referenced in Config.in (default in choice) +config BR2_ENABLE_SSP + bool "Stack Smashing protection now has different levels" + help + The protection offered by SSP can now be selected from different + protection levels. Be sure to review the SSP level in the build + options menu. + config BR2_PACKAGE_DIRECTFB_CLE266 bool "cle266 driver for directfb removed" select BR2_LEGACY |