Commit Graph

82 Commits

Author SHA1 Message Date
Christian Marangi
a77397e830
config: imply apk-mbedtls with USE_APK
On top of the fixup to select apk-mbedtls when USE_APK is enabled from a
new config, also imply the package when enabling the config to catch
.config that are already init.

(Having both opkg and apk installed in a system is not a problem but if
USE_APK is used, APK presence in the system is mandatory)

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:19 +02:00
Christian Marangi
25bbefcdd9
apk: limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)

Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:19 +02:00
Paul Spooren
d788ab376f build: add APK package build capabilities
A new option called `USE_APK` is added which generated APK packages
(.apk) instead of OPKG packages (.ipk).

Some features like fstools `snapshot` command are not yet ported

Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-05-17 23:21:26 +03:00
Robert Marko
ca1c7635b9 config: build: dont allow STRIP_KERNEL_EXPORTS on kernel 6.6
STRIP_KERNEL_EXPORTS is currently not working on kernel 6.6 as there
have been major changes in the upstream kernel.

I have looked at it, and I dont think we can adapt the current patch to
work so until this is fixed lets prevent STRIP_KERNEL_EXPORTS from
being selected on 6.6.

Link: https://github.com/openwrt/openwrt/pull/15498
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-16 15:12:53 +02:00
Cedric DOURLENT
869f8b21e7 build: add option for building with stack-protector-all
The GCC option -fstack-protector-all is a security feature used to protect against stack-smashing attacks.
This option enhances the stack-smashing protection provided by -fstack-protector-strong.
-fstack-protector-all option applies stack protection to all functions, regardless of their characteristics.
While this offers the most comprehensive protection against stack-smashing attacks, it can significantly impact
the performance of the program because every function call includes additional checks for stack integrity.
This option can incur a performance penalty because of the extra checks added to every function call,
but it significantly enhances security, making it harder for attackers to exploit buffer overflows to execute arbitrary code.
It's particularly useful in scenarios where security is paramount and performance trade-offs are acceptable.

Signed-off-by: Cedric DOURLENT <cedric.dourlent@softathome.com>
2024-01-19 21:27:14 +01:00
Petr Štetiar
d604a07225
build: add CycloneDX SBOM JSON support
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.

So lets add support for CycloneDX SBOM for packages and images
manifests.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-11-01 11:14:41 +00:00
Andre Heider
65a716bb95
config: add a knob to use the mold linker for packages
Building it requires gcc >= 10.2 or clang >= 12.

Using sstrip with its -z argument can produce non-working binaries, like
a segfaulting `getrandom`, so don't allow that combination.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-07-04 20:25:40 +02:00
Andre Heider
d026b19cdc
build: replace SSTRIP_ARGS with SSTRIP_DISCARD_TRAILING_ZEROES
sstrip only has one functional arg. Make that a bool option, which can
easily depend on other knobs then.

This is required to be disabled for the mold linker.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-07-04 20:25:40 +02:00
Andre Heider
9ea7019ffd
build: add a config knob to enable LTO for all packages
This enables LTO for all packages which haven't opted-out.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-21 18:28:24 +01:00
Andre Heider
aef8bab9d7
build: add a config knob to enable gc-sections for all packages
This enables the linker's garbage collection for all packages which haven't
opted-out.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-21 18:28:23 +01:00
Tony Butler
8bc72ea7be treewide: strip useless default n Kconfig lines
Kconfig docs say:
> The default value deliberately defaults to 'n' in order to avoid
> bloating the build.

Apply this rule everywhere, to avoid more cloning of bad examples

Signed-off-by: Tony Butler <spudz76@gmail.com>
2023-02-03 12:50:15 +01:00
Hauke Mehrtens
9403810c02 toolchain: Select USE_SSTRIP with external musl toolchain
When we use the internal toolchain USE_SSTRIP will be selected by
default for musl libc and USE_STRIP when glibc is used. Do the same when
an external toolchain is used. USE_GLIBC will also be set for external
toolchain builds based on the EXTERNAL_TOOLCHAIN_LIBC_USE_GLIBC setting.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-09-12 23:16:22 +02:00
Josh Roys
90c6e3aedf
scripts: always check certificates
Remove flags from wget and curl instructing them to ignore bad server
certificates. Although other mechanisms can protect against malicious
modifications of downloads, other vectors of attack may be available
to an adversary.

TLS certificate verification can be disabled by turning oof the
"Enable TLS certificate verification during package download" option
enabled by default in the "Global build settings" in "make menuconfig"

Signed-off-by: Josh Roys <roysjosh@gmail.com>
[ add additional info on how to disable this option ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-10 15:24:22 +02:00
Thibaut VARÈNE
832e7b8172 build: always set CONFIG_IPV6
Disabling this build tunable breaks build and seems unrealistically
likely to be fixed.

This patch sets the related CONFIG to always true and removes the
config prompt, keeping the change minimal, and, should !CONFIG_IPV6 ever
be fixed, easy to revert.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Paul Spooren <mail@aparcar.org>
Acked-by: Josef.Schlehofer <pepe.schlehofer@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2022-08-20 21:41:03 +03:00
Petr Štetiar
ce7264a6e0 config: build: cleanup whitespace issue
In order to have it tidy.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-02-19 13:10:01 +01:00
Hauke Mehrtens
bdc2194cbb config: Activate SECCOMP also on MIPS 64
This activates SECCOMP also on mips64 and mips64el.

This was working fine in a basic test in qemu.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-03 23:52:08 +01:00
Josh Soref
323bd7b0f5 build: fix various typos
Fix typos in comment and user-facing help text.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
[split out config changes, adjust commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-10-31 21:24:47 +01:00
Rosen Penev
6b2ed6101e uclibc++: remove
No package here depends on it. Furthermore, uClibc++ is a fairly buggy
C++ library and seems to be relatively inactive upstream.

It also lacks proper support for modern C++11 features.

The main benefit of it is size: 66.6 KB	vs 287.3 KB on mips24kc. Static
linking and LTO can help bring the size down of packages that need it.

Added warning message to uclibc++.mk

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-10-24 18:20:50 +02:00
Florian Eckert
b118efa0d2
buildsystem: add CONFIG_SECCOMP
Until now, this feature was switched on via the kernel configuration
option KERNEL_SECCOMP.

The follwing change a7f794cd2a now requires that
the package procd-seccomp must also enabled for buildinmg.

However, this is not the case we have no dependency and the imagebuilder
cannot build the image, because of the implicit package selection.

This change adds a new configuration option CONFIG_SECCOMP.
The new option  has the same behaviour as the configuration
option CONFIG_SELINUX.

If the CONFIG_SECCOMP is selected then the package procd-seccomp and
KERNEL_SECCOMP is enabled for this build.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-16 02:00:47 +01:00
Paul Spooren
181054bf79 build: create profiles.json per default
The file is a info file just like config.buildinfo, feeds.buildinfo and
version.buildinfo. It bundles these and more information in a machine
readable way.

This commit enables the creation of profiles.json by default and not
only for buildbots. By doing so it follow the behaviour of the
ImageBuilder which always creates the file, lastly this increases the
files visibility for downstream projects.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-21 08:12:21 -10:00
Paul Spooren
a17b8eaa2e build: use SPDX license tags
The license folder is a core part of OpenWrt and all GPL-2.0 licensed.
Use SPDX license tags to allow machines to check licenses.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[rebase, keep some Copyright lines, sharpen commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 14:54:47 +01:00
Daniel Golle
8663072854 config: add big EXPERIMENTAL option
As discussed in the today's (2020-12-10) meeting, add a new option to
menuconfig to group the selection of all experimental features to be
selected by default.
Developers are recommended to make use of this new symbol to guard
new features.
Other developers and community members should feel encouraged to
build with this flag enabled to help testing and provide feedback.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-10 19:33:51 +00:00
Rosen Penev
f7d7a3a18b libcxx[abi]: remove
This is a neat project, but offers no benefit to OpenWrt. The initial
reason for it was to be a replacement for libstdcpp as it is smaller
and lacks compatibility for C++98. Unfortunately, compiling several
packages with it results in larger ipk sizes.

While not a member of the packages feed, this will be moved to
packages-abandoned to keep it somewhere.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-07 10:46:43 -10:00
Rui Salvaterra
3f567d8452 tools/sstrip: update to latest version
Drop our local sstrip copy and use the current ELFKickers upstream
version.

Patch the original makefile in order to avoid building elftoc, since it
fails with musl's elf.h. This is fine, since we only need sstrip anyway.

Finally, add the possibility to pass additional arguments to sstrip and
pass -z (remove trailing zeros) by default, which matches the behaviour
of the previous version.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[shorten long commit msg lines]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-11-26 12:44:25 -10:00
Paul Spooren
6e99e3157a config: clean double whitespace in Config-build.in
Trivial cosmetic cleanup. This also helps for script that parse for
options in Config files.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Reviewed-by: Petr Štetiar <ynezz@true.cz>
2020-11-25 08:09:13 -10:00
Daniel Golle
6e9b707ee2 Revert "refpolicy: add variant that builds modular policy"
This reverts commit 9eb9943f82.
Building the 'modular' variant requires 'semodule_package' from
'selinux-python' to be installed on the buildhost.
Apart from that, this change also broke the monolithic refpolicy
'targeted' build.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-22 15:20:35 +00:00
W. Michael Petullo
9eb9943f82 refpolicy: add variant that builds modular policy
This adds a variant of refpolicy that builds the modular form of the
policy. While this requires more memory on the target device, along with
some tricks to deal with OpenWrt's volatile /var directory, it is useful
for experiementing with SELinux policy.

Signed-off-by: W. Michael Petullo <mike@flyn.org>
2020-11-09 13:06:19 +00:00
Daniel Golle
ba9b6702aa config: clean up SELinux options
In order to make it easier for users to build with SELinux, have a
single option in 'Global build settings' to enable all necessary
kernel features, userland packages and build-system hooks.
Also add better descriptions and help messages while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-16 14:29:48 +01:00
Daniel Golle
a439f1bb47 config: add option for dssp selinux policy
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-09 02:10:05 +01:00
Daniel Golle
1a22964399 config: prepare for choice of SELinux policy
Only 'targeted' from refpolicy is supported for now.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-09-29 02:50:00 +01:00
Thomas Petazzoni
aee58d52ce build: add support for SELinux to include/image.mk
This allows the build process to prepare a squashfs filesystem for use
with SELinux.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[rebase, add commit message]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
2020-08-31 01:15:41 +01:00
Felix Fietkau
eb155f755a build: make prefix mapping of debug information optional
Remapping the local build path in debug information makes debugging
using ./scripts/remote-gdb harder, because files no longer refer to the full
path on the build host.

For local builds, debug information does not need to be reproducible,
since it will be stripped out of packages anyway.

For buildbot builds, it makes sense to keep debug information reproducible,
since the full path is not needed (nor desired) anywhere.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 12:36:24 +02:00
Hauke Mehrtens
f94b09867d build: Remove dependency of user space stack cookies from kernel
Currently the user space stack cookies work well also when the kernel
stack cookies are not activated. This is handled completely in user
space and does not need kernel support.

This dependency was probably needed some years ago when the libc did not
support stack cookies.

Reviewed-by: Ian Cooper <iancooper@hotmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-24 00:35:21 +02:00
Ian Cooper
b933f9cf0c toolchain: remove gcc libssp and use libc variant
Removes the standalone implementation of stack smashing protection
in gcc's libssp in favour of the native implementation available
in glibc and uclibc. Musl libc already uses its native ssp, so this
patch does not affect musl-based toolchains.

Stack smashing protection configuration options are now uniform
across all supported libc variants.

This also makes kernel-level stack smashing protection available
for x86_64 and i386 builds using non-musl libc.

Signed-off-by: Ian Cooper <iancooper@hotmail.com>
2020-06-17 23:57:07 +02:00
Paul Spooren
07449f692c build: refactor JSON info files to profiles.json
JSON info files contain machine readable information of built profiles
and resulting images. These files were added in commit 881ed09ee6
("build: create JSON files containing image info").

They are useful for firmware wizards and script checking for
reproducibility.

Currently all JSON files are stored next to the built images, resulting
in up to 168 individual files for the ath79/generic target.

This patch refactors the JSON creation to store individual per image
(not per profile) files in $(BUILD_DIR)/json_info_files and create an
single overview file called `profiles.json` in the target directory.

Storing per image files and not per profile solves the problem of
parallel file writes. If a profiles sysupgrade and factory image are
finished at the same time both processes would write to the same JSON
file, resulting in randomly broken outputs.

Some target like x86/64 do not use the image code yet, resulting in
missing JSON files. If no JSON info files were created, no
`profiles.json` files is created as it would be empty anyway.

As before, this creation is enabled by default only if `BUILDBOT` is set.

Tested via buildroot & ImageBuilder on ath79/generic, imx6 and x86/64.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[json_info_files dir handling in Make, if case refactoring]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-03 12:17:45 +02:00
Xu Wang
2299808c68 base-files: add all buildinfo with INCLUDE_CONFIG
CONFIG_INCLUDE_CONFIG option is helpful for being able to rebuild the
exact same firmware as you see on a live OpenWRT instance, but it's
crucially missing feeds information, so we can't rebuild the exact same
package versions. This commit fixes this by adding the remaining feeds
(and version) buildinfo files to the image.

Signed-off-by: Xu Wang <xwang1498@gmx.com>
2020-02-27 12:14:09 +01:00
Hauke Mehrtens
19cbac7d26 buildsystem: Make PIE ASLR option tristate
This tristate choose allows to select to build only some applications
with PIE enabled. On MIPS binaries are getting about 30% bigger when PIE
is activated for the, which is a huge increase.

Network exposed applications like dnsmasq should then be build with PIE
enabled, but some applications which are normally not parsing data from
the network do not have it activated. The regular option should give a
good trade off between extra flash and RAM memory usage and security.

This changes the default from building no applications with PIE to build
some specifically marked applications with PIE enabled. This option is
only activated for targets with bigger flash and RAM to not consume
extra memory on the very small targets. On SDK builds the Regular option
should always be selected, because some tiny targets share the
applications with big targets and only the images for the tiny targets
should contain the none PIE applications, but the images for the normal
targets should use PIE. The shared packages should always use PIE when
it should be normally activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-01-13 15:34:36 +01:00
Rosen Penev
fb19fb868c libcxx: Depenency fixes
Don't build with uClibc-ng. It's totally unsupported as several functions
are missing.

Make the musl libc support conditional.

Fix hash with make check FIXUP=1. Apparently I based the Makefile off of
libedit and forgot to fix the hash.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes: 856ea2bad3 ("libcxx: Add package")
2019-12-23 12:08:23 +01:00
Rosen Penev
856ea2bad3 libcxx: Add package
Currently in OpenWrt, there are two libc++: libstdcpp and uClibc++. The
former is huge and the latter supports only C++98 with some basic support
for C++11. Those C++ versions seem to be specific to the compiler version

libcxx supports C++11 and above while being much smaller than libstdcpp.
On mt7621, these are the sizes of the ipks that I get:

libstdcpp: 460786
libcxx: 182881
uClibc++:67720

libcxx is faster than uClibc++ and is under active development as part of
the LLVM project while uClibc++ is effectively dead.

This PR modifies uclibc++.mk to expose the make menuconfig option. Further
cleanup is beyond the scope of this PR. What that means is, this is not
used by default.

A g++-libcxx wrapper based on the uClibc++ one was added. Works the same
way.

Compile tested with all packages that use uclibc++.mk in their Makefiles
under mipsel_24kc. kismet fails compilation but that package needs to be
cleaned up and updated.

Runtime tested with gddrescue, gdisk, dcwapd, bonnie++, and aircrack-ng
on a TP-Link Archer C7v2.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-12-23 00:22:07 +01:00
John Crispin
f4aaee01fa Revert "build: separate signing logic"
This reverts commit 4a45e69d19.

This broke the buildbots

Signed-off-by: John Crispin <john@phrozen.org>
2019-10-21 16:26:24 +02:00
Paul Spooren
4a45e69d19 build: separate signing logic
This separates the options for signature creation and verification

* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys

Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-21 14:06:42 +02:00
Paul Spooren
419eff50f9 config: remove unused GCC_VERSION_4_8 config symbols
Lets remove unused GCC_VERSION_4_8 symbol after the series of patches
which has switched to target gcc-8 by default.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Paul Spooren
881ed09ee6 build: create JSON files containing image info
The JSON info files contain details about the created firmware images
per device and are stored next to the created images.

The JSON files are stored as "$(IMAGE_PREFIX).json" and contain some
device/image meta data as well as a list of created firmware images.

An example of openwrt-ramips-rt305x-aztech_hw550-3g.json

    {
      "id": "aztech_hw550-3g",
      "image_prefix": "openwrt-ramips-rt305x-aztech_hw550-3g",
      "images": [
        {
          "name": "openwrt-ramips-rt305x-aztech_hw550-3g-squashfs-sysupgrade.bin",
          "sha256": "db2b34b0ec4a83d9bf612cf66fab0dc3722b191cb9bedf111e5627a4298baf20",
          "type": "sysupgrade"
        }
      ],
      "metadata_version": 1,
      "supported_devices": [
        "aztech,hw550-3g",
        "hw550-3g"
      ],
      "target": "ramips/rt305x",
      "titles": [
        {
          "model": "HW550-3G",
          "vendor": "Aztech"
        },
        {
          "model": "ALL0239-3G",
          "vendor": "Allnet"
        }
      ],
      "version_commit": "r10920+123-0cc87b3bac",
      "version_number": "SNAPSHOT"
    }

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-09-29 13:51:28 +02:00
Paul Spooren
454021581f build: add buildinfo files for reproducibility
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).

With this information it should be possible to reproduce any build,
especially the release builds.

Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.

Content of feeds.buildinfo would look similar to this:

    src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
    src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
    ...

Content of version.buildinfo would look similar to this:

    r10203+1-c12bd3a21b

Without the exact feed revision it is not possible to determine
installed package versions.

Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-08-13 10:40:36 +02:00
Jo-Philipp Wich
f565f276e2 config: introduce separate CONFIG_SIGNATURE_CHECK option
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.

This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.

Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.

As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-06 21:22:27 +02:00
Felix Fietkau
85017c40f4 build: add a config option for enabling a testing version of the target kernel
If the target supports a newer kernel version that is not used by default
yet, it can be enabled with this option

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-05-11 11:37:10 +02:00
Michal Hrusecky
74450124f6 build: Optionally provide file checksums in package metadata
This may be useful if you don't entirely trust your flash and want to be able
to check for corruptions.

Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>
2019-01-22 09:22:25 +01:00
Hauke Mehrtens
e790227553 kernel: Fix KERNEL_STACKPROTECTOR on kernel 4.19
The configuration option was renamed with kernel 4.19 from
CONFIG_CC_STACKPROTECTOR to CONFIG_STACKPROTECTOR adapt the code to set
both options.

CONFIG_STACKPROTECTOR now sets the regular stack protector and
CONFIG_STACKPROTECTOR_STRONG activates the additional protection of more
functions.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-26 17:32:48 +01:00
Julien Dusser
241e6dd3e9 build: cleanup SSP_SUPPORT configure option
Configure variable SSP_SUPPORT is ambiguous for packages (tor, openssh,
avahi, freeswitch). It means 'toolchain supporting SSP', but for toolchain
and depends it means 'build gcc with libssp'.

Musl no longer uses libssp (1877bc9d8f), it has internal support, so
SSP_SUPPORT was disabled leading some package to not use SSP.

No information why Glibc and uClibc use libssp, but they may also provide
their own SSP support. uClibc used it own with commit 933b588e25 but it was
reverted in f3cacb9e84 without details.

Create an new configure GCC_LIBSSP and automatically enable SSP_SUPPORT
if either USE_MUSL or GCC_LIBSSP.

Signed-off-by: Julien Dusser <julien.dusser@free.fr>
2018-01-27 19:02:48 +01:00
Julien Dusser
df0bd42fde build: add hardened builds with PIE (ASLR) support
Introduce a configuration option to build a "hardened" OpenWrt with
ASLR PIE support.

Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR)
by building Position Independent Executables (PIE). This new option protects
against "return-to-text" attacks.

Busybox need a special care, link is done with ld, not gcc, leading to
unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE.

If other failing packages were found, PKG_ASLR_PIE:=0 should be added to
their Makefiles.

Original Work by: Yongkui Han <yonhan@cisco.com>
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
2018-01-27 16:46:45 +01:00