string
option env="HOSTARCH"
-config BR2_EXTERNAL
+config BR2_BASE_DIR
string
- option env="BR2_EXTERNAL"
+ option env="BASE_DIR"
-config BR2_BUILD_DIR
- string
- option env="BUILD_DIR"
+# br2-external paths definitions
+source "$BR2_BASE_DIR/.br2-external.in.paths"
# Hidden config symbols for packages to check system gcc version
config BR2_HOST_GCC_VERSION
string
option env="HOST_GCC_VERSION"
-config BR2_HOST_GCC_AT_LEAST_4_6
- bool
- default y if BR2_HOST_GCC_VERSION = "4 6"
-
-config BR2_HOST_GCC_AT_LEAST_4_7
- bool
- default y if BR2_HOST_GCC_VERSION = "4 7"
- select BR2_HOST_GCC_AT_LEAST_4_6
-
-config BR2_HOST_GCC_AT_LEAST_4_8
- bool
- default y if BR2_HOST_GCC_VERSION = "4 8"
- select BR2_HOST_GCC_AT_LEAST_4_7
-
config BR2_HOST_GCC_AT_LEAST_4_9
bool
default y if BR2_HOST_GCC_VERSION = "4 9"
- select BR2_HOST_GCC_AT_LEAST_4_8
config BR2_HOST_GCC_AT_LEAST_5
bool
default y if BR2_HOST_GCC_VERSION = "6"
select BR2_HOST_GCC_AT_LEAST_5
-# Hidden boolean selected by packages in need of Java in order to build
-# (example: xbmc)
-config BR2_NEEDS_HOST_JAVA
+config BR2_HOST_GCC_AT_LEAST_7
+ bool
+ default y if BR2_HOST_GCC_VERSION = "7"
+ select BR2_HOST_GCC_AT_LEAST_6
+
+config BR2_HOST_GCC_AT_LEAST_8
bool
+ default y if BR2_HOST_GCC_VERSION = "8"
+ select BR2_HOST_GCC_AT_LEAST_7
-# Hidden boolean selected by packages in need of javac in order to build
-# (example: classpath)
-config BR2_NEEDS_HOST_JAVAC
+config BR2_HOST_GCC_AT_LEAST_9
bool
+ default y if BR2_HOST_GCC_VERSION = "9"
+ select BR2_HOST_GCC_AT_LEAST_8
-# Hidden boolean selected by packages in need of jar in order to build
-# (example: classpath)
-config BR2_NEEDS_HOST_JAR
+# When adding new entries above, be sure to update
+# the HOSTCC_MAX_VERSION variable in the Makefile.
+
+# Hidden boolean selected by packages in need of Java in order to build
+# (example: kodi)
+config BR2_NEEDS_HOST_JAVA
bool
# Hidden boolean selected by pre-built packages for x86, when they
config BR2_HOSTARCH_NEEDS_IA32_COMPILER
bool
+# Hidden boolean selected by packages that need the host to have an
+# UTF8 locale.
+config BR2_NEEDS_HOST_UTF8_LOCALE
+ bool
+
+# Hidden boolean selected by packages that need the host to have
+# support for building gcc plugins
+config BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT
+ bool
+
source "arch/Config.in"
menu "Build options"
config BR2_SVN
string "Subversion (svn) command"
- default "svn"
+ default "svn --non-interactive"
config BR2_BZR
string "Bazaar (bzr) command"
string "Secure copy (scp) command"
default "scp"
-config BR2_SSH
- string "Secure shell (ssh) command"
- default "ssh"
-
config BR2_HG
string "Mercurial (hg) command"
default "hg"
Command to be used to extract a xz'ed file to stdout.
Default is "xzcat"
+config BR2_LZCAT
+ string "lzcat command"
+ default "lzip -d -c"
+ help
+ Command to be used to extract a lzip'ed file to stdout.
+ Default is "lzip -d -c"
+
config BR2_TAR_OPTIONS
string "Tar options"
default ""
help
Options to pass to tar when extracting the sources.
- E.g. " -v --exclude='*.svn*'" to exclude all .svn internal files
- and to be verbose.
+ E.g. " -v --exclude='*.svn*'" to exclude all .svn internal
+ files and to be verbose.
endmenu
If the Linux shell environment has defined the BR2_DL_DIR
environment variable, then this overrides this configuration
item.
+ The directory is organized with a subdirectory for each
+ package. Each package has its own $(LIBFOO_DL_DIR) variable
+ that can be used to find the correct path.
The default is $(TOPDIR)/dl
default "$(HOME)/.buildroot-ccache"
help
Where ccache should store cached files.
+ If the Linux shell environment has defined the BR2_CCACHE_DIR
+ environment variable, then this overrides this configuration
+ item.
config BR2_CCACHE_INITIAL_SETUP
string "Compiler cache initial setup"
endif
-config BR2_DEPRECATED
- bool "Show options and packages that are deprecated or obsolete"
- help
- This option shows outdated/obsolete versions of packages and
- options that are otherwise hidden.
-
-if BR2_DEPRECATED
-
-config BR2_DEPRECATED_SINCE_2015_08
- bool
- default y
-
-config BR2_DEPRECATED_SINCE_2015_11
- bool
- default y
-
-config BR2_DEPRECATED_SINCE_2016_02
- bool
- default y
-
-config BR2_DEPRECATED_SINCE_2016_05
- bool
- default y
-
-config BR2_DEPRECATED_SINCE_2016_08
- bool
- default y
-
-config BR2_DEPRECATED_SINCE_2016_11
- bool
- default y
-
-endif
-
config BR2_ENABLE_DEBUG
bool "build packages with debugging symbols"
help
endchoice
endif
-choice
- prompt "strip command for binaries on target"
- default BR2_STRIP_strip
-
config BR2_STRIP_strip
- bool "strip"
+ bool "strip target binaries"
+ default y
depends on !BR2_PACKAGE_HOST_ELF2FLT
help
Binaries and libraries in the target filesystem will be
on the target are needed for native debugging, but not when
remote debugging is used.
-config BR2_STRIP_none
- bool "none"
- help
- Do not strip binaries and libraries in the target filesystem.
-endchoice
-
config BR2_STRIP_EXCLUDE_FILES
string "executables that should not be stripped"
- depends on !BR2_STRIP_none
default ""
+ depends on BR2_STRIP_strip
help
You may specify a space-separated list of binaries and
libraries here that should not be stripped on the target.
config BR2_STRIP_EXCLUDE_DIRS
string "directories that should be skipped when stripping"
- depends on !BR2_STRIP_none
default ""
+ depends on BR2_STRIP_strip
help
You may specify a space-separated list of directories that
should be skipped when stripping. Binaries and libraries in
config BR2_OPTIMIZE_0
bool "optimization level 0"
help
- Do not optimize. This is the default.
+ Do not optimize.
config BR2_OPTIMIZE_1
bool "optimization level 1"
-falign-loops -falign-labels -freorder-blocks
-freorder-blocks-and-partition -fprefetch-loop-arrays
-ftree-vect-loop-version
+ This is the default.
+
+config BR2_OPTIMIZE_FAST
+ bool "optimize for fast (may break packages!)"
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_6
+ help
+ Optimize for fast. Disregard strict standards
+ compliance. -Ofast enables all -O3 optimizations. It also
+ enables optimizations that are not valid for all
+ standard-compliant programs, so be careful, as it may break
+ some packages. It turns on -ffast-math and the
+ Fortran-specific -fstack-arrays, unless -fmax-stack-var-size
+ is specified, and -fno-protect-parens.
endchoice
config BR2_GOOGLE_BREAKPAD_ENABLE
bool "Enable google-breakpad support"
- select BR2_PACKAGE_GOOGLE_BREAKPAD
depends on BR2_INSTALL_LIBSTDCPP
- depends on BR2_TOOLCHAIN_USES_GLIBC
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
+ depends on BR2_USE_WCHAR
+ depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on (BR2_TOOLCHAIN_USES_GLIBC || BR2_TOOLCHAIN_USES_UCLIBC)
depends on BR2_PACKAGE_GOOGLE_BREAKPAD_ARCH_SUPPORTS
+ depends on BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
+ select BR2_PACKAGE_GOOGLE_BREAKPAD
help
This option will enable the use of google breakpad, a library
and tool suite that allows you to distribute an application to
endif
-choice
- bool "build code with Stack Smashing Protection"
- default BR2_SSP_ALL if BR2_ENABLE_SSP # legacy
- depends on BR2_TOOLCHAIN_HAS_SSP
- help
- Enable stack smashing protection support using GCC's
- -fstack-protector option family.
-
- See
- http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
- for details.
-
- Note that this requires the toolchain to have SSP support.
- This is always the case for glibc and eglibc toolchain, but is
- optional in uClibc toolchains.
-
-config BR2_SSP_NONE
- bool "None"
- help
- Disable stack-smashing protection.
-
-config BR2_SSP_REGULAR
- bool "-fstack-protector"
- help
- Emit extra code to check for buffer overflows, such as stack
- smashing attacks. This is done by adding a guard variable to
- functions with vulnerable objects. This includes functions
- that call alloca, and functions with buffers larger than 8
- bytes. The guards are initialized when a function is entered
- and then checked when the function exits. If a guard check
- fails, an error message is printed and the program exits.
-
-config BR2_SSP_STRONG
- bool "-fstack-protector-strong"
- depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
- help
- Like -fstack-protector but includes additional functions to be
- protected - those that have local array definitions, or have
- references to local frame addresses.
-
-comment "Stack Smashing Protection strong needs a toolchain w/ gcc >= 4.9"
- depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
-
-config BR2_SSP_ALL
- bool "-fstack-protector-all"
- help
- Like -fstack-protector except that all functions are
- protected. This option might have a significant performance
- impact on the compiled binaries.
-
-endchoice
-
-comment "Stack Smashing Protection needs a toolchain w/ SSP"
- depends on !BR2_TOOLCHAIN_HAS_SSP
-
choice
bool "libraries"
default BR2_SHARED_LIBS if BR2_BINFMT_SUPPORTS_SHARED
endchoice
-
config BR2_PACKAGE_OVERRIDE_FILE
string "location of a package override file"
default "$(CONFIG_DIR)/local.mk"
Note that this mechanism is available for both the internal
toolchain (through the toolchain wrapper and binutils patches)
- and external toolchain backends (through the toolchain wrapper).
+ and external toolchain backends (through the toolchain
+ wrapper).
+
+config BR2_FORCE_HOST_BUILD
+ bool "Force the building of host dependencies"
+ help
+ Build all available host dependencies, even if they are
+ already installed on the system.
+
+ This option can be used to ensure that the download cache of
+ source archives for packages remain consistent between
+ different build hosts.
+
+ This option will increase build time.
config BR2_REPRODUCIBLE
bool "Make the build reproducible (experimental)"
+ # SOURCE_DATE_EPOCH support in toolchain-wrapper requires GCC 4.4
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_4
help
This option will remove all sources of non-reproducibility
from the build process. For a given Buildroot configuration,
this allows to generate exactly identical binaries from one
build to the other, including on different machines.
+ The current implementation is restricted to builds with the
+ same output directory. Many (absolute) paths are recorded in
+ intermediary files, and it is very likely that some of these
+ paths leak into the target rootfs. If you build with the
+ same O=... path, however, the result is identical.
+
This is labeled as an experimental feature, as not all
packages behave properly to ensure reproducibility.
+config BR2_PER_PACKAGE_DIRECTORIES
+ bool "Use per-package directories (experimental)"
+ help
+ This option will change the build process of Buildroot
+ package to use per-package target and host directories.
+
+ This is useful for two related purposes:
+
+ - Cleanly isolate the build of each package, so that a
+ given package only "sees" the dependencies it has
+ explicitly expressed, and not other packages that may
+ have by chance been built before.
+
+ - Enable top-level parallel build.
+
+ This is labeled as an experimental feature, as not all
+ packages behave properly with per-package directories.
+
endmenu
+comment "Security Hardening Options"
+
+config BR2_PIC_PIE
+ bool "Build code with PIC/PIE"
+ depends on BR2_SHARED_LIBS
+ depends on BR2_TOOLCHAIN_SUPPORTS_PIE
+ help
+ Generate Position-Independent Code (PIC) and link
+ Position-Independent Executables (PIE).
+
+comment "PIC/PIE needs a toolchain w/ PIE"
+ depends on BR2_SHARED_LIBS
+ depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
+
+choice
+ bool "Stack Smashing Protection"
+ default BR2_SSP_ALL if BR2_ENABLE_SSP # legacy
+ depends on BR2_TOOLCHAIN_HAS_SSP
+ help
+ Enable stack smashing protection support using GCC's
+ -fstack-protector option family.
+
+ See
+ http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
+ for details.
+
+ Note that this requires the toolchain to have SSP support.
+ This is always the case for glibc and eglibc toolchain, but is
+ optional in uClibc toolchains.
+
+config BR2_SSP_NONE
+ bool "None"
+ help
+ Disable stack-smashing protection.
+
+config BR2_SSP_REGULAR
+ bool "-fstack-protector"
+ help
+ Emit extra code to check for buffer overflows, such as stack
+ smashing attacks. This is done by adding a guard variable to
+ functions with vulnerable objects. This includes functions
+ that call alloca, and functions with buffers larger than 8
+ bytes. The guards are initialized when a function is entered
+ and then checked when the function exits. If a guard check
+ fails, an error message is printed and the program exits.
+
+config BR2_SSP_STRONG
+ bool "-fstack-protector-strong"
+ depends on BR2_TOOLCHAIN_HAS_SSP_STRONG
+ help
+ Like -fstack-protector but includes additional functions to be
+ protected - those that have local array definitions, or have
+ references to local frame addresses.
+
+ -fstack-protector-strong officially appeared in gcc 4.9, but
+ some vendors have backported -fstack-protector-strong to older
+ versions of gcc.
+
+config BR2_SSP_ALL
+ bool "-fstack-protector-all"
+ help
+ Like -fstack-protector except that all functions are
+ protected. This option might have a significant performance
+ impact on the compiled binaries.
+
+endchoice
+
+config BR2_SSP_OPTION
+ string
+ default "-fstack-protector" if BR2_SSP_REGULAR
+ default "-fstack-protector-strong" if BR2_SSP_STRONG
+ default "-fstack-protector-all" if BR2_SSP_ALL
+
+comment "Stack Smashing Protection needs a toolchain w/ SSP"
+ depends on !BR2_TOOLCHAIN_HAS_SSP
+
+choice
+ bool "RELRO Protection"
+ depends on BR2_SHARED_LIBS
+ help
+ Enable a link-time protection know as RELRO (RELocation Read
+ Only) which helps to protect from certain type of exploitation
+ techniques altering the content of some ELF sections.
+
+config BR2_RELRO_NONE
+ bool "None"
+ help
+ Disables Relocation link-time protections.
+
+config BR2_RELRO_PARTIAL
+ bool "Partial"
+ help
+ This option makes the dynamic section not writeable after
+ initialization (with almost no performance penalty).
+
+config BR2_RELRO_FULL
+ bool "Full"
+ depends on BR2_TOOLCHAIN_SUPPORTS_PIE
+ select BR2_PIC_PIE
+ help
+ This option includes the partial configuration, but also marks
+ the GOT as read-only at the cost of initialization time during
+ program loading, i.e every time an executable is started.
+
+comment "RELRO Full needs a toolchain w/ PIE"
+ depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
+
+endchoice
+
+comment "RELocation Read Only (RELRO) needs shared libraries"
+ depends on !BR2_SHARED_LIBS
+
+choice
+ bool "Buffer-overflow Detection (FORTIFY_SOURCE)"
+ depends on BR2_TOOLCHAIN_USES_GLIBC
+ depends on !BR2_OPTIMIZE_0
+ help
+ Enable the _FORTIFY_SOURCE macro which introduces additional
+ checks to detect buffer-overflows in the following standard
+ library functions: memcpy, mempcpy, memmove, memset, strcpy,
+ stpcpy, strncpy, strcat, strncat, sprintf, vsprintf, snprintf,
+ vsnprintf, gets.
+
+ NOTE: This feature requires an optimization level of s/1/2/3/g
+
+ Support for this feature has been present since GCC 4.x.
+
+config BR2_FORTIFY_SOURCE_NONE
+ bool "None"
+ help
+ Disables additional checks to detect buffer-overflows.
+
+config BR2_FORTIFY_SOURCE_1
+ bool "Conservative"
+ # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
+ depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
+ help
+ This option sets _FORTIFY_SOURCE to 1 and only introduces
+ checks that shouldn't change the behavior of conforming
+ programs. Adds checks at compile-time only.
+
+config BR2_FORTIFY_SOURCE_2
+ bool "Aggressive"
+ # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
+ depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
+ help
+ This option sets _FORTIFY_SOURCES to 2 and some more
+ checking is added, but some conforming programs might fail.
+ Also adds checks at run-time (detected buffer overflow
+ terminates the program)
+
+endchoice
+
+comment "Fortify Source needs a glibc toolchain and optimization"
+ depends on (!BR2_TOOLCHAIN_USES_GLIBC || BR2_OPTIMIZE_0)
endmenu
source "toolchain/Config.in"
source "Config.in.legacy"
-menu "User-provided options"
- depends on BR2_EXTERNAL != "support/dummy-external"
-
-source "$BR2_EXTERNAL/Config.in"
-
-endmenu
-
-source "$BR2_BUILD_DIR/.br2-external.in"
+# br2-external menus definitions
+source "$BR2_BASE_DIR/.br2-external.in.menus"
projects / buildroot-mgba.git / blobdiff