mirror
/
openwrt
mirror of https://git.openwrt.org/openwrt/openwrt.git
1
0
Fork 0
Code Releases Activity
openwrt/include
History
Julien Dusser df0bd42fde build: add hardened builds with PIE (ASLR) support 
Introduce a configuration option to build a "hardened" OpenWrt with
ASLR PIE support.

Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR)
by building Position Independent Executables (PIE). This new option protects
against "return-to-text" attacks.

Busybox need a special care, link is done with ld, not gcc, leading to
unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE.

If other failing packages were found, PKG_ASLR_PIE:=0 should be added to
their Makefiles.

Original Work by: Yongkui Han <yonhan@cisco.com>
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
 		2018-01-27 16:46:45 +01:00
..
site include/site: add powerpc64 config 2017-10-24 13:24:04 +02:00
autotools.mk treewide: fix build depends to refer to source package names 2018-01-13 19:54:44 +01:00
cmake.mk cmake: skip build system check on compile 2017-02-21 13:03:20 +01:00
debug.mk include: remove trailing whitespaces 2015-03-29 07:29:18 +00:00
depends.mk build: add missing wildcard for ignoring .pkgdir in dependency checks 2017-02-05 22:17:30 +01:00
device_table.txt image: ensure that /dev/console exist in rootfs images 2013-08-27 12:02:58 +00:00
download.mk downloads.mk: introduce name-agnostic PROJECT_GIT variable 2018-01-10 21:27:31 +01:00
feeds.mk merge: properly remove %n / %N references 2017-12-09 16:01:14 +01:00
hardened-ld-pie.specs build: add hardened builds with PIE (ASLR) support 2018-01-27 16:46:45 +01:00
hardening.mk build: add hardened builds with PIE (ASLR) support 2018-01-27 16:46:45 +01:00
host-build.mk build: allow PKG_PREPARED_DEPENDS and PKG_CONFIG_DEPENDS to be changed after including package.mk 2017-12-12 12:45:28 +01:00
image-commands.mk build: add image command for CE images 2018-01-13 07:58:47 +01:00
image-legacy.mk image: fix ar71xx legacy images 2017-07-15 07:02:59 +02:00
image.mk build: fix restoring /etc/opkg with PER_DEVICE_ROOTFS 2018-01-11 18:20:39 +01:00
kernel-build.mk Config-devel.in: rename symbol KERNEL_GIT_BRANCH -> KERNEL_GIT_REF 2018-01-27 16:46:45 +01:00
kernel-defaults.mk config: don't define the same symbol twice 2018-01-17 11:07:17 +01:00
kernel-version.mk kernel.mk: update LINUX_VERSION filename for cloned repo 2018-01-27 16:46:45 +01:00
kernel.mk kernel: include: remove last .0 from kernel versions again 2017-12-16 22:15:23 +01:00
netfilter.mk netfilter, iptables: add optional CHECKSUM module 2017-11-06 16:39:41 +01:00
nls.mk treewide: fix build depends to refer to source package names 2018-01-13 19:54:44 +01:00
package-bin.mk build: use if-then to avoid non-zero return codes in bin/ packaging code 2017-01-23 13:49:45 +01:00
package-defaults.mk build: allow defining license information per binary package 2017-11-25 20:02:04 +01:00
package-dumpinfo.mk include/package-dumpinfo.mk: don't duplicate source package information for every binary package 2018-01-13 19:54:45 +01:00
package-ipkg.mk build: allow defining license information per binary package 2017-11-25 20:02:04 +01:00
package-seccomp.mk include: add a seccomp filter install wrapper 2015-03-26 10:57:56 +00:00
package.mk include/package.mk: remove old configured stamps before attempting configuration 2017-12-28 12:24:25 +01:00
prereq-build.mk merge: etc: update remaining files 2017-12-08 19:41:18 +01:00
prereq.mk build: do not overwrite already existing host commands 2015-09-16 12:38:16 +00:00
quilt.mk kernel: split patches folder up into backport, pending and hack folders 2017-08-05 08:46:36 +02:00
rootfs.mk build: cleanup tmp/ dir of target rootfs 2017-05-02 22:10:50 +08:00
scan.awk build: propagate override information to .packageinfo 2015-02-09 12:09:31 +00:00
scan.mk build: get rid of host.mk 2017-02-26 13:31:44 +01:00
scons.mk build: use CXXFLAGS if defined 2016-10-13 17:04:43 +02:00
shell.sh build: use mkhash to replace various quirky md5sum/openssl calls 2017-01-05 11:09:12 +01:00
subdir.mk build: allow building an individual subdir without dependencies using NO_DEPS=1 2017-02-21 13:03:20 +01:00
target.mk target: replace odhcpd by odhcpd-ipv6only 2017-11-29 22:34:58 +01:00
toolchain-build.mk build: stop overriding STAGING_DIR_HOST for toolchain build 2017-05-25 19:01:07 +02:00
toplevel.mk include/toplevel.mk: Add xconfig target 2017-11-02 15:58:45 +01:00
u-boot.mk u-boot.mk: pass HOSTCC and HOST_CFLAGS into the build 2017-04-04 12:34:23 +02:00
uclibc++.mk toolchain: eliminate the INSTALL_LIBSTDCPP config symbol and make c++ support mandatory - fixes recursive config symbol dependency issues 2013-05-09 20:50:49 +00:00
unpack.mk build: unzip: perform operations quietly 2017-01-05 11:09:13 +01:00
verbose.mk build: tell users to do non-paralle builds on errors 2015-04-16 12:18:26 +00:00
version.mk merge: release/banner: drop release name and update banner 2017-12-08 19:41:18 +01:00