bf61e3725c
This patch adds host-checksec package support. This tool provides a script to offline check the properties of a security hardened elf file. REF: https://github.com/slimm609/checksec.sh Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com> [Thomas: add entry to DEVELOPERS file.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
18 lines
676 B
Plaintext
18 lines
676 B
Plaintext
config BR2_PACKAGE_HOST_CHECKSEC
|
|
bool "host checksec"
|
|
help
|
|
This tool provides a shell script to check the
|
|
properties of executables
|
|
(PIE,RELRO,Stack Canaries,Fortify Source).
|
|
It also has a kernel test mode that can run on target
|
|
for testing of PaX, ASLR, heap and config hardening.
|
|
|
|
NOTE: when using this tool as a host tool, the tool
|
|
can offline check a target folder of elf files for
|
|
hardening features enabled in those elf files. There
|
|
are other features of this tool, like the kernel test
|
|
feature that are not functional offline, but require the
|
|
user to execute in a chroot or on target.
|
|
|
|
https://github.com/slimm609/checksec.sh.git
|