config ALL_NONSHARED
bool "Select all target specific packages by default"
- default ALL || BUILDBOT
+ select ALL_KMODS
+ default BUILDBOT
config ALL_KMODS
bool "Select all kernel module packages by default"
- default ALL
config ALL
bool "Select all userspace packages by default"
- default n
+ select ALL_KMODS
+ select ALL_NONSHARED
config BUILDBOT
bool "Set build defaults for automatic builds (e.g. via buildbot)"
default n
config BUILD_PATENTED
- default y
+ default n
bool "Compile with support for patented functionality"
help
When this option is disabled, software which provides patented functionality
Useful for release builds, so that kernel issues can be debugged offline
later.
- comment "Kernel build options"
+ menu "Kernel build options"
source "config/Config-kernel.in"
+ endmenu
+
comment "Package build options"
config DEBUG
this per package by adding PKG_CHECK_FORMAT_SECURITY:=0 in the package
Makefile.
+ config PKG_ASLR_PIE
+ bool
+ prompt "User space ASLR PIE compilation"
+ select BUSYBOX_DEFAULT_PIE
+ default n
+ help
+ Add -fPIC to CFLAGS and -specs=hardened-build-ld to LDFLAGS.
+ This enables package build as Position Independent Executables (PIE)
+ to protect against "return-to-text" attacks. This belongs to the
+ feature of Address Space Layout Randomisation (ASLR), which is
+ implemented by the kernel and the ELF loader by randomising the
+ location of memory allocations. This makes memory addresses harder
+ to predict when an attacker is attempting a memory-corruption exploit.
+ You can disable this per package by adding PKG_ASLR_PIE:=0 in the package
+ Makefile.
+
choice
prompt "User space Stack-Smashing Protection"
depends on USE_MUSL
bool "None"
config PKG_CC_STACKPROTECTOR_REGULAR
bool "Regular"
- select SSP_SUPPORT if !USE_MUSL
+ select GCC_LIBSSP if !USE_MUSL
depends on KERNEL_CC_STACKPROTECTOR_REGULAR
config PKG_CC_STACKPROTECTOR_STRONG
bool "Strong"
- select SSP_SUPPORT if !USE_MUSL
+ select GCC_LIBSSP if !USE_MUSL
depends on !GCC_VERSION_4_8
depends on KERNEL_CC_STACKPROTECTOR_STRONG
endchoice