From 503ab93cfe0f20976435f62e46b37afae6d8cdab Mon Sep 17 00:00:00 2001
From: Peter Korsgaard <jacmet@sunsite.dk>
Date: Wed, 22 Apr 2009 07:27:22 +0000
Subject: toolchain: add BR2_USE_SSP option for stack protection support

Using the support in uClibc.
---
 toolchain/uClibc/uClibc-0.9.29.config | 10 +++++++---
 toolchain/uClibc/uClibc-0.9.30.config | 11 ++++++++---
 toolchain/uClibc/uclibc.mk            |  5 +++++
 3 files changed, 20 insertions(+), 6 deletions(-)

(limited to 'toolchain/uClibc')

diff --git a/toolchain/uClibc/uClibc-0.9.29.config b/toolchain/uClibc/uClibc-0.9.29.config
index e46c70671..3e43059e9 100644
--- a/toolchain/uClibc/uClibc-0.9.29.config
+++ b/toolchain/uClibc/uClibc-0.9.29.config
@@ -173,14 +173,18 @@ DEVEL_PREFIX="/usr/"
 #
 # uClibc security related options
 #
-# UCLIBC_SECURITY is not set
 # UCLIBC_BUILD_PIE is not set
 # UCLIBC_HAS_ARC4RANDOM is not set
 # HAVE_NO_SSP is not set
-# UCLIBC_HAS_SSP is not set
+UCLIBC_HAS_SSP=y
+# UCLIBC_HAS_SSP_COMPAT is not set
+# SSP_QUICK_CANARY is not set
+PROPOLICE_BLOCK_ABRT=y
+# PROPOLICE_BLOCK_SEGV is not set
+# UCLIBC_BUILD_SSP is not set
 UCLIBC_BUILD_RELRO=y
 UCLIBC_BUILD_NOW=y
-# UCLIBC_BUILD_NOEXECSTACK is not set
+UCLIBC_BUILD_NOEXECSTACK=y
 
 #
 # uClibc development/debugging options
diff --git a/toolchain/uClibc/uClibc-0.9.30.config b/toolchain/uClibc/uClibc-0.9.30.config
index 91b8c120a..30db7fe45 100644
--- a/toolchain/uClibc/uClibc-0.9.30.config
+++ b/toolchain/uClibc/uClibc-0.9.30.config
@@ -196,12 +196,17 @@ DEVEL_PREFIX="/usr/"
 # Security options
 #
 # UCLIBC_BUILD_PIE is not set
-UCLIBC_HAS_ARC4RANDOM=y
+# UCLIBC_HAS_ARC4RANDOM is not set
 # HAVE_NO_SSP is not set
-# UCLIBC_HAS_SSP is not set
+UCLIBC_HAS_SSP=y
+# UCLIBC_HAS_SSP_COMPAT is not set
+# SSP_QUICK_CANARY is not set
+PROPOLICE_BLOCK_ABRT=y
+# PROPOLICE_BLOCK_SEGV is not set
+# UCLIBC_BUILD_SSP is not set
 UCLIBC_BUILD_RELRO=y
 UCLIBC_BUILD_NOW=y
-# UCLIBC_BUILD_NOEXECSTACK is not set
+UCLIBC_BUILD_NOEXECSTACK=y
 
 #
 # uClibc development/debugging options
diff --git a/toolchain/uClibc/uclibc.mk b/toolchain/uClibc/uclibc.mk
index 164c474f5..b39b9399b 100644
--- a/toolchain/uClibc/uclibc.mk
+++ b/toolchain/uClibc/uclibc.mk
@@ -302,6 +302,11 @@ else
 	$(SED) '/UCLIBC_HAS_FLOATS/d' \
 		-e 's,.*UCLIBC_HAS_FPU.*,UCLIBC_HAS_FPU=y\nHAS_FPU=y\nUCLIBC_HAS_FLOATS=y\n,g' \
 		$(UCLIBC_DIR)/.oldconfig
+endif
+ifeq ($(BR2_USE_SSP),y)
+	$(SED) 's,^.*UCLIBC_HAS_SSP[^_].*,UCLIBC_HAS_SSP=y,g' $(UCLIBC_DIR)/.oldconfig
+else
+	$(SED) 's,^.*UCLIBC_HAS_SSP[^_].*,UCLIBC_HAS_SSP=n,g' $(UCLIBC_DIR)/.oldconfig
 endif
 	$(SED) '/UCLIBC_HAS_THREADS/d' $(UCLIBC_DIR)/.oldconfig
 	$(SED) '/LINUXTHREADS/d' $(UCLIBC_DIR)/.oldconfig
-- 
cgit v1.2.3