|author||Matt Weber <email@example.com>||2018-01-23 22:09:41 -0600|
|committer||Peter Korsgaard <firstname.lastname@example.org>||2018-01-28 15:21:14 +0100|
security hardening: add RELFO, FORTIFY options
This enables a user to build a complete system using these options. It is important to note that not all packages will build correctly to start with. Modeled after OpenWRT approach https://github.com/openwrt/openwrt/blob/master/config/Config-build.in#L176 A good testing tool to check a target's elf files for compliance to an array of hardening techniques can be found here: https://github.com/slimm609/checksec.sh [Peter: reword fortify help texts, glibc comment] Signed-off-by: Matthew Weber <email@example.com> Signed-off-by: Peter Korsgaard <firstname.lastname@example.org>
Diffstat (limited to 'Config.in')
1 files changed, 70 insertions, 0 deletions
@@ -734,6 +734,76 @@ endchoice
comment "Stack Smashing Protection needs a toolchain w/ SSP"
depends on !BR2_TOOLCHAIN_HAS_SSP
+ bool "RELRO Protection"
+ depends on BR2_SHARED_LIBS
+ Enable a link-time protection know as RELRO (RELocation Read Only)
+ which helps to protect from certain type of exploitation techniques
+ altering the content of some ELF sections.
+ bool "None"
+ Disables Relocation link-time protections.
+ bool "Partial"
+ This option makes the dynamic section not writeable after
+ initialization (with almost no performance penalty).
+ bool "Full"
+ This option includes the partial configuration, but also
+ marks the GOT as read-only at the cost of initialization time
+ during program loading, i.e every time an executable is started.
+comment "RELocation Read Only (RELRO) needs shared libraries"
+ depends on !BR2_SHARED_LIBS
+ bool "Buffer-overflow Detection (FORTIFY_SOURCE)"
+ depends on BR2_TOOLCHAIN_USES_GLIBC
+ depends on !BR2_OPTIMIZE_0
+ Enable the _FORTIFY_SOURCE macro which introduces additional
+ checks to detect buffer-overflows in the following standard library
+ functions: memcpy, mempcpy, memmove, memset, strcpy, stpcpy,
+ strncpy, strcat, strncat, sprintf, vsprintf, snprintf, vsnprintf,
+ NOTE: This feature requires an optimization level of s/1/2/3/g
+ Support for this feature has been present since GCC 4.x.
+ bool "None"
+ Disables additional checks to detect buffer-overflows.
+ bool "Conservative"
+ This option sets _FORTIFY_SOURCE to 1 and only introduces
+ checks that shouldn't change the behavior of conforming
+ programs. Adds checks at compile-time only.
+ bool "Aggressive"
+ This option sets _FORTIFY_SOURCES to 2 and some more
+ checking is added, but some conforming programs might fail.
+ Also adds checks at run-time (detected buffer overflow
+ terminates the program)
+comment "Fortify Source needs a glibc toolchain and optimization"
+ depends on (!BR2_TOOLCHAIN_USES_GLIBC || BR2_OPTIMIZE_0)