3 mainmenu "Buildroot $BR2_VERSION Configuration"
5 config BR2_HAVE_DOT_CONFIG
11 option env="BR2_VERSION_FULL"
21 # br2-external paths definitions
22 source "$BR2_BASE_DIR/.br2-external.in.paths"
24 # Hidden config symbols for packages to check system gcc version
25 config BR2_HOST_GCC_VERSION
27 option env="HOST_GCC_VERSION"
29 config BR2_HOST_GCC_AT_LEAST_4_9
31 default y if BR2_HOST_GCC_VERSION = "4 9"
33 config BR2_HOST_GCC_AT_LEAST_5
35 default y if BR2_HOST_GCC_VERSION = "5"
36 select BR2_HOST_GCC_AT_LEAST_4_9
38 config BR2_HOST_GCC_AT_LEAST_6
40 default y if BR2_HOST_GCC_VERSION = "6"
41 select BR2_HOST_GCC_AT_LEAST_5
43 config BR2_HOST_GCC_AT_LEAST_7
45 default y if BR2_HOST_GCC_VERSION = "7"
46 select BR2_HOST_GCC_AT_LEAST_6
48 config BR2_HOST_GCC_AT_LEAST_8
50 default y if BR2_HOST_GCC_VERSION = "8"
51 select BR2_HOST_GCC_AT_LEAST_7
53 config BR2_HOST_GCC_AT_LEAST_9
55 default y if BR2_HOST_GCC_VERSION = "9"
56 select BR2_HOST_GCC_AT_LEAST_8
58 # When adding new entries above, be sure to update
59 # the HOSTCC_MAX_VERSION variable in the Makefile.
61 # Hidden boolean selected by packages in need of Java in order to build
63 config BR2_NEEDS_HOST_JAVA
66 # Hidden boolean selected by packages in need of javac in order to build
67 # (example: classpath)
68 config BR2_NEEDS_HOST_JAVAC
71 # Hidden boolean selected by packages in need of jar in order to build
72 # (example: classpath)
73 config BR2_NEEDS_HOST_JAR
76 # Hidden boolean selected by pre-built packages for x86, when they
77 # need to run on x86-64 machines (example: pre-built external
78 # toolchains, binary tools like SAM-BA, etc.).
79 config BR2_HOSTARCH_NEEDS_IA32_LIBS
82 # Hidden boolean selected by packages that need to build 32 bits
83 # binaries with the host compiler, even on 64 bits build machines (e.g
85 config BR2_HOSTARCH_NEEDS_IA32_COMPILER
88 # Hidden boolean selected by packages that need the host to have an
90 config BR2_NEEDS_HOST_UTF8_LOCALE
93 source "arch/Config.in"
100 string "Wget command"
101 default "wget --passive-ftp -nd -t 3"
104 string "Subversion (svn) command"
105 default "svn --non-interactive"
108 string "Bazaar (bzr) command"
119 config BR2_LOCALFILES
120 string "Local files retrieval command"
124 string "Secure copy (scp) command"
128 string "Mercurial (hg) command"
132 string "zcat command"
135 Command to be used to extract a gzip'ed file to stdout. zcat
136 is identical to gunzip -c except that the former may not be
137 available on your system.
138 Default is "gzip -d -c"
139 Other possible values include "gunzip -c" or "zcat".
142 string "bzcat command"
145 Command to be used to extract a bzip2'ed file to stdout.
146 bzcat is identical to bunzip2 -c except that the former may
147 not be available on your system.
149 Other possible values include "bunzip2 -c" or "bzip2 -d -c".
152 string "xzcat command"
155 Command to be used to extract a xz'ed file to stdout.
159 string "lzcat command"
162 Command to be used to extract a lzip'ed file to stdout.
163 Default is "lzip -d -c"
165 config BR2_TAR_OPTIONS
169 Options to pass to tar when extracting the sources.
170 E.g. " -v --exclude='*.svn*'" to exclude all .svn internal
171 files and to be verbose.
175 config BR2_DEFCONFIG_FROM_ENV
177 option env="BR2_DEFCONFIG"
180 string "Location to save buildroot config"
181 default BR2_DEFCONFIG_FROM_ENV if BR2_DEFCONFIG_FROM_ENV != ""
182 default "$(CONFIG_DIR)/defconfig"
184 When running 'make savedefconfig', the defconfig file will be
185 saved in this location.
188 string "Download dir"
189 default "$(TOPDIR)/dl"
191 Directory to store all the source files that we need to fetch.
192 If the Linux shell environment has defined the BR2_DL_DIR
193 environment variable, then this overrides this configuration
195 The directory is organized with a subdirectory for each
196 package. Each package has its own $(LIBFOO_DL_DIR) variable
197 that can be used to find the correct path.
199 The default is $(TOPDIR)/dl
203 default "$(BASE_DIR)/host"
205 Directory to store all the binary files that are built for the
206 host. This includes the cross compilation toolchain when
207 building the internal buildroot toolchain.
209 The default is $(BASE_DIR)/host
211 menu "Mirrors and Download locations"
213 config BR2_PRIMARY_SITE
214 string "Primary download site"
217 Primary site to download from. If this option is set then
218 buildroot will try to download package source first from this
219 site and try the default if the file is not found.
221 - URIs recognized by $(WGET)
222 - local URIs of the form file://absolutepath
223 - scp URIs of the form scp://[user@]host:path.
225 config BR2_PRIMARY_SITE_ONLY
226 bool "Only allow downloads from primary download site"
227 depends on BR2_PRIMARY_SITE != ""
229 If this option is enabled, downloads will only be attempted
230 from the primary download site. Other locations, like the
231 package's official download location or the backup download
232 site, will not be considered. Therefore, if the package is not
233 present on the primary site, the download fails.
235 This is useful for project developers who want to ensure that
236 the project can be built even if the upstream tarball
239 if !BR2_PRIMARY_SITE_ONLY
241 config BR2_BACKUP_SITE
242 string "Backup download site"
243 default "http://sources.buildroot.net"
245 Backup site to download from. If this option is set then
246 buildroot will fall back to download package sources from here
247 if the normal location fails.
249 config BR2_KERNEL_MIRROR
250 string "Kernel.org mirror"
251 default "https://cdn.kernel.org/pub"
253 kernel.org is mirrored on a number of servers around the
254 world. The following allows you to select your preferred
255 mirror. By default, a CDN is used, which automatically
256 redirects to a mirror geographically close to you.
258 Have a look on the kernel.org site for a list of mirrors, then
259 enter the URL to the base directory. Examples:
261 http://www.XX.kernel.org/pub (XX = country code)
262 http://mirror.aarnet.edu.au/pub/ftp.kernel.org
264 config BR2_GNU_MIRROR
265 string "GNU Software mirror"
266 default "http://ftpmirror.gnu.org"
268 GNU has multiple software mirrors scattered around the
269 world. The following allows you to select your preferred
270 mirror. By default, a generic address is used, which
271 automatically selects an up-to-date and local mirror.
273 Have a look on the gnu.org site for a list of mirrors, then
274 enter the URL to the base directory. Examples:
276 http://ftp.gnu.org/pub/gnu
277 http://mirror.aarnet.edu.au/pub/gnu
279 config BR2_LUAROCKS_MIRROR
280 string "LuaRocks mirror"
281 default "http://rocks.moonscript.org"
285 See http://luarocks.org
287 config BR2_CPAN_MIRROR
288 string "CPAN mirror (Perl packages)"
289 default "http://cpan.metacpan.org"
291 CPAN (Comprehensive Perl Archive Network) is a repository of
292 Perl packages. It has multiple software mirrors scattered
293 around the world. This option allows you to select a mirror.
295 The list of mirrors is available at:
296 http://search.cpan.org/mirror
303 int "Number of jobs to run simultaneously (0 for auto)"
306 Number of jobs to run simultaneously. If 0, determine
307 automatically according to number of CPUs on the host system.
310 bool "Enable compiler cache"
312 This option will enable the use of ccache, a compiler cache.
313 It will cache the result of previous builds to speed up future
314 builds. By default, the cache is stored in
315 $HOME/.buildroot-ccache.
317 Note that Buildroot does not try to invalidate the cache
318 contents when the compiler changes in an incompatible way.
319 Therefore, if you make a change to the compiler version and/or
320 configuration, you are responsible for purging the ccache
321 cache by removing the $HOME/.buildroot-ccache directory.
325 config BR2_CCACHE_DIR
326 string "Compiler cache location"
327 default "$(HOME)/.buildroot-ccache"
329 Where ccache should store cached files.
330 If the Linux shell environment has defined the BR2_CCACHE_DIR
331 environment variable, then this overrides this configuration
334 config BR2_CCACHE_INITIAL_SETUP
335 string "Compiler cache initial setup"
337 Initial ccache settings to apply, such as --max-files or
340 For example, if your project is known to require more space
341 than the default max cache size, then you might want to
342 increase the cache size to a suitable amount using the -M
345 The string you specify here is passed verbatim to ccache.
346 Refer to ccache documentation for more details.
348 These initial settings are applied after ccache has been
351 config BR2_CCACHE_USE_BASEDIR
352 bool "Use relative paths"
355 Allow ccache to convert absolute paths within the output
356 directory into relative paths.
358 During the build, many -I include directives are given with an
359 absolute path. These absolute paths end up in the hashes that
360 are computed by ccache. Therefore, when you build from a
361 different directory, the hash will be different and the cached
362 object will not be used.
364 To improve cache performance, set this option to y. This
365 allows ccache to rewrite absolute paths within the output
366 directory into relative paths. Note that only paths within the
367 output directory will be rewritten; therefore, if you change
368 BR2_HOST_DIR to point outside the output directory and
369 subsequently move it to a different location, this will lead
372 This option has as a result that the debug information in the
373 object files also has only relative paths. Therefore, make
374 sure you cd to the build directory before starting gdb. See
375 the section "COMPILING IN DIFFERENT DIRECTORIES" in the ccache
376 manual for more information.
380 config BR2_ENABLE_DEBUG
381 bool "build packages with debugging symbols"
383 Build packages with debugging symbols enabled. All libraries
384 and binaries in the 'staging' directory will have debugging
385 symbols, which allows remote debugging even if libraries and
386 binaries are stripped on the target. Whether libraries and
387 binaries are stripped on the target is controlled by the
388 BR2_STRIP_* options below.
392 prompt "gcc debug level"
395 Set the debug level for gcc
400 Debug level 1 produces minimal information, enough for making
401 backtraces in parts of the program that you don't plan to
402 debug. This includes descriptions of functions and external
403 variables, but no information about local variables and no
409 The default gcc debug level is 2
414 Level 3 includes extra information, such as all the macro
415 definitions present in the program. Some debuggers support
416 macro expansion when you use -g3.
420 config BR2_STRIP_strip
421 bool "strip target binaries"
423 depends on !BR2_PACKAGE_HOST_ELF2FLT
425 Binaries and libraries in the target filesystem will be
426 stripped using the normal 'strip' command. This allows to save
427 space, mainly by removing debugging symbols. Debugging symbols
428 on the target are needed for native debugging, but not when
429 remote debugging is used.
431 config BR2_STRIP_EXCLUDE_FILES
432 string "executables that should not be stripped"
434 depends on BR2_STRIP_strip
436 You may specify a space-separated list of binaries and
437 libraries here that should not be stripped on the target.
439 config BR2_STRIP_EXCLUDE_DIRS
440 string "directories that should be skipped when stripping"
442 depends on BR2_STRIP_strip
444 You may specify a space-separated list of directories that
445 should be skipped when stripping. Binaries and libraries in
446 these directories will not be touched. The directories should
447 be specified relative to the target directory, without leading
451 prompt "gcc optimization level"
452 default BR2_OPTIMIZE_S
454 Set the optimization level for gcc
456 config BR2_OPTIMIZE_0
457 bool "optimization level 0"
461 config BR2_OPTIMIZE_1
462 bool "optimization level 1"
464 Optimize. Optimizing compilation takes somewhat more time, and
465 a lot more memory for a large function. With -O, the compiler
466 tries to reduce code size and execution time, without
467 performing any optimizations that take a great deal of
468 compilation time. -O turns on the following optimization
469 flags: -fdefer-pop -fdelayed-branch -fguess-branch-probability
470 -fcprop-registers -floop-optimize -fif-conversion
471 -fif-conversion2 -ftree-ccp -ftree-dce -ftree-dominator-opts
472 -ftree-dse -ftree-ter -ftree-lrs -ftree-sra -ftree-copyrename
473 -ftree-fre -ftree-ch -funit-at-a-time -fmerge-constants. -O
474 also turns on -fomit-frame-pointer on machines where doing so
475 does not interfere with debugging.
477 config BR2_OPTIMIZE_2
478 bool "optimization level 2"
480 Optimize even more. GCC performs nearly all supported
481 optimizations that do not involve a space-speed tradeoff. The
482 compiler does not perform loop unrolling or function inlining
483 when you specify -O2. As compared to -O, this option increases
484 both compilation time and the performance of the generated
485 code. -O2 turns on all optimization flags specified by -O. It
486 also turns on the following optimization flags:
487 -fthread-jumps -fcrossjumping -foptimize-sibling-calls
488 -fcse-follow-jumps -fcse-skip-blocks -fgcse -fgcse-lm
489 -fexpensive-optimizations -fstrength-reduce
490 -frerun-cse-after-loop -frerun-loop-opt -fcaller-saves
491 -fpeephole2 -fschedule-insns -fschedule-insns2
492 -fsched-interblock -fsched-spec -fregmove -fstrict-aliasing
493 -fdelete-null-pointer-checks -freorder-blocks
494 -freorder-functions -falign-functions -falign-jumps
495 -falign-loops -falign-labels -ftree-vrp -ftree-pre. Please
496 note the warning under -fgcse about invoking -O2 on programs
497 that use computed gotos.
499 config BR2_OPTIMIZE_3
500 bool "optimization level 3"
502 Optimize yet more. -O3 turns on all optimizations specified by
503 -O2 and also turns on the -finline-functions, -funswitch-loops
504 and -fgcse-after-reload options.
506 config BR2_OPTIMIZE_G
507 bool "optimize for debugging"
508 depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8
510 Optimize for debugging. This enables optimizations that do not
511 interfere with debugging. It should be the optimization level
512 of choice for the standard edit-compile-debug cycle, offering
513 a reasonable level of optimization while maintaining fast
514 compilation and a good debugging experience.
516 config BR2_OPTIMIZE_S
517 bool "optimize for size"
519 Optimize for size. -Os enables all -O2 optimizations that do
520 not typically increase code size. It also performs further
521 optimizations designed to reduce code size. -Os disables the
522 following optimization flags: -falign-functions -falign-jumps
523 -falign-loops -falign-labels -freorder-blocks
524 -freorder-blocks-and-partition -fprefetch-loop-arrays
525 -ftree-vect-loop-version
528 config BR2_OPTIMIZE_FAST
529 bool "optimize for fast"
530 depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_6
532 Optimize for fast. Disregard strict standards
533 compliance. -Ofast enables all -O3 optimizations. It also
534 enables optimizations that are not valid for all
535 standard-compliant programs. It turns on -ffast-math and the
536 Fortran-specific -fstack-arrays, unless -fmax-stack-var-size
537 is specified, and -fno-protect-parens.
541 config BR2_GOOGLE_BREAKPAD_ENABLE
542 bool "Enable google-breakpad support"
543 depends on BR2_INSTALL_LIBSTDCPP
544 depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
545 depends on BR2_USE_WCHAR
546 depends on BR2_TOOLCHAIN_HAS_THREADS
547 depends on (BR2_TOOLCHAIN_USES_GLIBC || BR2_TOOLCHAIN_USES_UCLIBC)
548 depends on BR2_PACKAGE_GOOGLE_BREAKPAD_ARCH_SUPPORTS
549 depends on BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
550 select BR2_PACKAGE_GOOGLE_BREAKPAD
552 This option will enable the use of google breakpad, a library
553 and tool suite that allows you to distribute an application to
554 users with compiler-provided debugging information removed,
555 record crashes in compact "minidump" files, send them back to
556 your server and produce C and C++ stack traces from these
557 minidumps. Breakpad can also write minidumps on request for
558 programs that have not crashed.
560 if BR2_GOOGLE_BREAKPAD_ENABLE
562 config BR2_GOOGLE_BREAKPAD_INCLUDE_FILES
563 string "List of executables and libraries to extract symbols from"
566 You may specify a space-separated list of binaries and
567 libraries with full paths relative to $(TARGET_DIR) of which
568 debug symbols will be dumped for further use with google
571 A directory structure that can be used by minidump-stackwalk
574 $(STAGING_DIR)/usr/share/google-breakpad-symbols
580 default BR2_SHARED_LIBS if BR2_BINFMT_SUPPORTS_SHARED
581 default BR2_STATIC_LIBS if !BR2_BINFMT_SUPPORTS_SHARED
583 Select the type of libraries you want to use on the target.
585 The default is to build dynamic libraries and use those on the
586 target filesystem, except when the architecture and/or the
587 selected binary format does not support shared libraries.
589 config BR2_STATIC_LIBS
592 Build and use only static libraries. No shared libraries will
593 be installed on the target. This potentially increases your
594 code size and should only be used if you know what you are
595 doing. Note that some packages may not be available when this
596 option is enabled, due to their need for dynamic library
599 config BR2_SHARED_LIBS
601 depends on BR2_BINFMT_SUPPORTS_SHARED
603 Build and use only shared libraries. This is the recommended
604 solution as it saves space and build time.
606 config BR2_SHARED_STATIC_LIBS
607 bool "both static and shared"
608 depends on BR2_BINFMT_SUPPORTS_SHARED
610 Build both shared and static libraries, but link executables
611 dynamically. While building both shared and static libraries
612 take more time and more disk space, having static libraries
613 may be useful to link some of the applications statically.
617 config BR2_PACKAGE_OVERRIDE_FILE
618 string "location of a package override file"
619 default "$(CONFIG_DIR)/local.mk"
621 A package override file is a short makefile that contains
622 variable definitions of the form <pkg>_OVERRIDE_SRCDIR, which
623 allows to tell Buildroot to use an existing directory as the
624 source directory for a particular package. See the Buildroot
625 documentation for more details on this feature.
627 config BR2_GLOBAL_PATCH_DIR
628 string "global patch directories"
630 You may specify a space separated list of one or more
631 directories containing global package patches. For a specific
632 version <packageversion> of a specific package <packagename>,
633 patches are applied as follows:
635 First, the default Buildroot patch set for the package is
636 applied from the package's directory in Buildroot.
638 Then for every directory - <global-patch-dir> - that exists in
639 BR2_GLOBAL_PATCH_DIR, if the directory
640 <global-patch-dir>/<packagename>/<packageversion>/ exists,
641 then all *.patch files in this directory will be applied.
643 Otherwise, if the directory <global-patch-dir>/<packagename>
644 exists, then all *.patch files in the directory will be
649 config BR2_COMPILER_PARANOID_UNSAFE_PATH
650 bool "paranoid check of library/header paths"
653 By default, when this option is disabled, when the Buildroot
654 cross-compiler will encounter an unsafe library or header path
655 (such as /usr/include, or /usr/lib), the compiler will display
658 By enabling this option, this warning is turned into an error,
659 which will completely abort the build when such unsafe paths
662 Note that this mechanism is available for both the internal
663 toolchain (through the toolchain wrapper and binutils patches)
664 and external toolchain backends (through the toolchain
667 config BR2_FORCE_HOST_BUILD
668 bool "Force the building of host dependencies"
670 Build all available host dependencies, even if they are
671 already installed on the system.
673 This option can be used to ensure that the download cache of
674 source archives for packages remain consistent between
675 different build hosts.
677 This option will increase build time.
679 config BR2_REPRODUCIBLE
680 bool "Make the build reproducible (experimental)"
681 # SOURCE_DATE_EPOCH support in toolchain-wrapper requires GCC 4.4
682 depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_4
684 This option will remove all sources of non-reproducibility
685 from the build process. For a given Buildroot configuration,
686 this allows to generate exactly identical binaries from one
687 build to the other, including on different machines.
689 The current implementation is restricted to builds with the
690 same output directory. Many (absolute) paths are recorded in
691 intermediary files, and it is very likely that some of these
692 paths leak into the target rootfs. If you build with the
693 same O=... path, however, the result is identical.
695 This is labeled as an experimental feature, as not all
696 packages behave properly to ensure reproducibility.
698 config BR2_PER_PACKAGE_DIRECTORIES
699 bool "Use per-package directories (experimental)"
701 This option will change the build process of Buildroot
702 package to use per-package target and host directories.
704 This is useful for two related purposes:
706 - Cleanly isolate the build of each package, so that a
707 given package only "sees" the dependencies it has
708 explicitly expressed, and not other packages that may
709 have by chance been built before.
711 - Enable top-level parallel build.
713 This is labeled as an experimental feature, as not all
714 packages behave properly with per-package directories.
718 comment "Security Hardening Options"
721 bool "Build code with PIC/PIE"
722 depends on BR2_SHARED_LIBS
723 depends on BR2_TOOLCHAIN_SUPPORTS_PIE
725 Generate Position-Independent Code (PIC) and link
726 Position-Independent Executables (PIE).
728 comment "PIC/PIE needs a toolchain w/ PIE"
729 depends on BR2_SHARED_LIBS
730 depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
733 bool "Stack Smashing Protection"
734 default BR2_SSP_ALL if BR2_ENABLE_SSP # legacy
735 depends on BR2_TOOLCHAIN_HAS_SSP
737 Enable stack smashing protection support using GCC's
738 -fstack-protector option family.
741 http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
744 Note that this requires the toolchain to have SSP support.
745 This is always the case for glibc and eglibc toolchain, but is
746 optional in uClibc toolchains.
751 Disable stack-smashing protection.
753 config BR2_SSP_REGULAR
754 bool "-fstack-protector"
756 Emit extra code to check for buffer overflows, such as stack
757 smashing attacks. This is done by adding a guard variable to
758 functions with vulnerable objects. This includes functions
759 that call alloca, and functions with buffers larger than 8
760 bytes. The guards are initialized when a function is entered
761 and then checked when the function exits. If a guard check
762 fails, an error message is printed and the program exits.
764 config BR2_SSP_STRONG
765 bool "-fstack-protector-strong"
766 depends on BR2_TOOLCHAIN_HAS_SSP_STRONG
768 Like -fstack-protector but includes additional functions to be
769 protected - those that have local array definitions, or have
770 references to local frame addresses.
772 -fstack-protector-strong officially appeared in gcc 4.9, but
773 some vendors have backported -fstack-protector-strong to older
777 bool "-fstack-protector-all"
779 Like -fstack-protector except that all functions are
780 protected. This option might have a significant performance
781 impact on the compiled binaries.
785 config BR2_SSP_OPTION
787 default "-fstack-protector" if BR2_SSP_REGULAR
788 default "-fstack-protector-strong" if BR2_SSP_STRONG
789 default "-fstack-protector-all" if BR2_SSP_ALL
791 comment "Stack Smashing Protection needs a toolchain w/ SSP"
792 depends on !BR2_TOOLCHAIN_HAS_SSP
795 bool "RELRO Protection"
796 depends on BR2_SHARED_LIBS
798 Enable a link-time protection know as RELRO (RELocation Read
799 Only) which helps to protect from certain type of exploitation
800 techniques altering the content of some ELF sections.
802 config BR2_RELRO_NONE
805 Disables Relocation link-time protections.
807 config BR2_RELRO_PARTIAL
810 This option makes the dynamic section not writeable after
811 initialization (with almost no performance penalty).
813 config BR2_RELRO_FULL
815 depends on BR2_TOOLCHAIN_SUPPORTS_PIE
818 This option includes the partial configuration, but also marks
819 the GOT as read-only at the cost of initialization time during
820 program loading, i.e every time an executable is started.
822 comment "RELRO Full needs a toolchain w/ PIE"
823 depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
827 comment "RELocation Read Only (RELRO) needs shared libraries"
828 depends on !BR2_SHARED_LIBS
831 bool "Buffer-overflow Detection (FORTIFY_SOURCE)"
832 depends on BR2_TOOLCHAIN_USES_GLIBC
833 depends on !BR2_OPTIMIZE_0
835 Enable the _FORTIFY_SOURCE macro which introduces additional
836 checks to detect buffer-overflows in the following standard
837 library functions: memcpy, mempcpy, memmove, memset, strcpy,
838 stpcpy, strncpy, strcat, strncat, sprintf, vsprintf, snprintf,
841 NOTE: This feature requires an optimization level of s/1/2/3/g
843 Support for this feature has been present since GCC 4.x.
845 config BR2_FORTIFY_SOURCE_NONE
848 Disables additional checks to detect buffer-overflows.
850 config BR2_FORTIFY_SOURCE_1
852 # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
853 depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
855 This option sets _FORTIFY_SOURCE to 1 and only introduces
856 checks that shouldn't change the behavior of conforming
857 programs. Adds checks at compile-time only.
859 config BR2_FORTIFY_SOURCE_2
861 # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
862 depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
864 This option sets _FORTIFY_SOURCES to 2 and some more
865 checking is added, but some conforming programs might fail.
866 Also adds checks at run-time (detected buffer overflow
867 terminates the program)
871 comment "Fortify Source needs a glibc toolchain and optimization"
872 depends on (!BR2_TOOLCHAIN_USES_GLIBC || BR2_OPTIMIZE_0)
875 source "toolchain/Config.in"
877 source "system/Config.in"
879 source "linux/Config.in"
881 source "package/Config.in"
883 source "fs/Config.in"
885 source "boot/Config.in"
887 source "package/Config.in.host"
889 source "Config.in.legacy"
891 # br2-external menus definitions
892 source "$BR2_BASE_DIR/.br2-external.in.menus"
projects / buildroot-mgba.git / blob