c4e6d5c8be
This commit implements the core of the move to per-package SDK and target directories. The main idea is that instead of having a global output/host and output/target in which all packages install files, we switch to per-package host and target directories, that only contain their explicit dependencies. There are two main benefits: - Packages will now see only the dependencies they explicitly list in their <pkg>_DEPENDENCIES variable, and the recursive dependencies thereof. - We can support top-level parallel build properly, because a package only "sees" its own host directory and target directory, isolated from the build of other packages that can happen in parallel. It works as follows: - A new output/per-package/ directory is created, which will contain one sub-directory per package, and inside it, a "host" directory and a "target" directory: output/per-package/busybox/target output/per-package/busybox/host output/per-package/host-fakeroot/target output/per-package/host-fakeroot/host This output/per-package/ directory is PER_PACKAGE_DIR. - The global TARGET_DIR and HOST_DIR variable now automatically point to the per-package directory when PKG is defined. So whenever a package references $(HOST_DIR) or $(TARGET_DIR) in its build process, it effectively references the per-package host/target directories. Note that STAGING_DIR is a sub-dir of HOST_DIR, so it is handled as well. - Of course, packages have dependencies, so those dependencies must be installed in the per-package host and target directories. To do so, we simply rsync (using hard links to save space and time) the host and target directories of the direct dependencies of the package to the current package host and target directories. We only need to take care of direct dependencies (and not recursively all dependencies), because we accumulate into those per-package host and target directories the files installed by the dependencies. Note that this only works because we make the assumption that one package does *not* overwrite files installed by another package. This is done for "extract dependencies" at the beginning of the extract step, and for "normal dependencies" at the beginning of the configure step. This is basically enough to make per-package SDK and target work. The only gotcha is that at the end of the build, output/target and output/host are empty, which means that: - The filesystem image creation code cannot work. - We don't have a SDK to build code outside of Buildroot. In order to fix this, this commit extends the target-finalize step so that it starts by populating output/target and output/host by rsync-ing into them the target and host directories of all packages listed in the $(PACKAGES) variable. It is necessary to do this sequentially in the target-finalize step and not in each package. Doing it in package installation means that it can be done in parallel. In that case, there is a chance that two rsyncs are creating the same hardlink or directory at the same time, which makes one of them fail. This change to per-package directories has an impact on the RPATH built into the host binaries, as those RPATH now point to various per-package host directories, and no longer to the global host directory. We do not try to rewrite such RPATHs during the build as having such RPATHs is perfectly fine, but we still need to handle two fallouts from this change: - The check-host-rpath script, which verifies at the end of each package installation that it has the appropriate RPATH, is modified to understand that a RPATH to $(PER_PACKAGE_DIR)/<pkg>/host/lib is a correct RPAT. - The fix-rpath script, which mungles the RPATH mainly for the SDK preparation, is modified to rewrite the RPATH to not point to per-package directories. Indeed the patchelf --make-rpath-relative call only works if the RPATH points to the ROOTDIR passed as argument, and this ROOTDIR is the global host directory. Rewriting the RPATH to not point to per-package host directories prior to this is an easy solution to this issue. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
887 lines
27 KiB
Plaintext
887 lines
27 KiB
Plaintext
#
|
|
|
|
mainmenu "Buildroot $BR2_VERSION Configuration"
|
|
|
|
config BR2_HAVE_DOT_CONFIG
|
|
bool
|
|
default y
|
|
|
|
config BR2_VERSION
|
|
string
|
|
option env="BR2_VERSION_FULL"
|
|
|
|
config BR2_HOSTARCH
|
|
string
|
|
option env="HOSTARCH"
|
|
|
|
config BR2_BASE_DIR
|
|
string
|
|
option env="BASE_DIR"
|
|
|
|
# br2-external paths definitions
|
|
source "$BR2_BASE_DIR/.br2-external.in.paths"
|
|
|
|
# Hidden config symbols for packages to check system gcc version
|
|
config BR2_HOST_GCC_VERSION
|
|
string
|
|
option env="HOST_GCC_VERSION"
|
|
|
|
config BR2_HOST_GCC_AT_LEAST_4_9
|
|
bool
|
|
default y if BR2_HOST_GCC_VERSION = "4 9"
|
|
|
|
config BR2_HOST_GCC_AT_LEAST_5
|
|
bool
|
|
default y if BR2_HOST_GCC_VERSION = "5"
|
|
select BR2_HOST_GCC_AT_LEAST_4_9
|
|
|
|
config BR2_HOST_GCC_AT_LEAST_6
|
|
bool
|
|
default y if BR2_HOST_GCC_VERSION = "6"
|
|
select BR2_HOST_GCC_AT_LEAST_5
|
|
|
|
config BR2_HOST_GCC_AT_LEAST_7
|
|
bool
|
|
default y if BR2_HOST_GCC_VERSION = "7"
|
|
select BR2_HOST_GCC_AT_LEAST_6
|
|
|
|
config BR2_HOST_GCC_AT_LEAST_8
|
|
bool
|
|
default y if BR2_HOST_GCC_VERSION = "8"
|
|
select BR2_HOST_GCC_AT_LEAST_7
|
|
|
|
# When adding new entries above, be sure to update
|
|
# the HOSTCC_MAX_VERSION variable in the Makefile.
|
|
|
|
# Hidden boolean selected by packages in need of Java in order to build
|
|
# (example: kodi)
|
|
config BR2_NEEDS_HOST_JAVA
|
|
bool
|
|
|
|
# Hidden boolean selected by packages in need of javac in order to build
|
|
# (example: classpath)
|
|
config BR2_NEEDS_HOST_JAVAC
|
|
bool
|
|
|
|
# Hidden boolean selected by packages in need of jar in order to build
|
|
# (example: classpath)
|
|
config BR2_NEEDS_HOST_JAR
|
|
bool
|
|
|
|
# Hidden boolean selected by pre-built packages for x86, when they
|
|
# need to run on x86-64 machines (example: pre-built external
|
|
# toolchains, binary tools like SAM-BA, etc.).
|
|
config BR2_HOSTARCH_NEEDS_IA32_LIBS
|
|
bool
|
|
|
|
# Hidden boolean selected by packages that need to build 32 bits
|
|
# binaries with the host compiler, even on 64 bits build machines (e.g
|
|
# bootloaders).
|
|
config BR2_HOSTARCH_NEEDS_IA32_COMPILER
|
|
bool
|
|
|
|
# Hidden boolean selected by packages that need the host to have an
|
|
# UTF8 locale.
|
|
config BR2_NEEDS_HOST_UTF8_LOCALE
|
|
bool
|
|
|
|
source "arch/Config.in"
|
|
|
|
menu "Build options"
|
|
|
|
menu "Commands"
|
|
|
|
config BR2_WGET
|
|
string "Wget command"
|
|
default "wget --passive-ftp -nd -t 3"
|
|
|
|
config BR2_SVN
|
|
string "Subversion (svn) command"
|
|
default "svn --non-interactive"
|
|
|
|
config BR2_BZR
|
|
string "Bazaar (bzr) command"
|
|
default "bzr"
|
|
|
|
config BR2_GIT
|
|
string "Git command"
|
|
default "git"
|
|
|
|
config BR2_CVS
|
|
string "CVS command"
|
|
default "cvs"
|
|
|
|
config BR2_LOCALFILES
|
|
string "Local files retrieval command"
|
|
default "cp"
|
|
|
|
config BR2_SCP
|
|
string "Secure copy (scp) command"
|
|
default "scp"
|
|
|
|
config BR2_HG
|
|
string "Mercurial (hg) command"
|
|
default "hg"
|
|
|
|
config BR2_ZCAT
|
|
string "zcat command"
|
|
default "gzip -d -c"
|
|
help
|
|
Command to be used to extract a gzip'ed file to stdout. zcat
|
|
is identical to gunzip -c except that the former may not be
|
|
available on your system.
|
|
Default is "gzip -d -c"
|
|
Other possible values include "gunzip -c" or "zcat".
|
|
|
|
config BR2_BZCAT
|
|
string "bzcat command"
|
|
default "bzcat"
|
|
help
|
|
Command to be used to extract a bzip2'ed file to stdout.
|
|
bzcat is identical to bunzip2 -c except that the former may
|
|
not be available on your system.
|
|
Default is "bzcat"
|
|
Other possible values include "bunzip2 -c" or "bzip2 -d -c".
|
|
|
|
config BR2_XZCAT
|
|
string "xzcat command"
|
|
default "xzcat"
|
|
help
|
|
Command to be used to extract a xz'ed file to stdout.
|
|
Default is "xzcat"
|
|
|
|
config BR2_LZCAT
|
|
string "lzcat command"
|
|
default "lzip -d -c"
|
|
help
|
|
Command to be used to extract a lzip'ed file to stdout.
|
|
Default is "lzip -d -c"
|
|
|
|
config BR2_TAR_OPTIONS
|
|
string "Tar options"
|
|
default ""
|
|
help
|
|
Options to pass to tar when extracting the sources.
|
|
E.g. " -v --exclude='*.svn*'" to exclude all .svn internal
|
|
files and to be verbose.
|
|
|
|
endmenu
|
|
|
|
config BR2_DEFCONFIG_FROM_ENV
|
|
string
|
|
option env="BR2_DEFCONFIG"
|
|
|
|
config BR2_DEFCONFIG
|
|
string "Location to save buildroot config"
|
|
default BR2_DEFCONFIG_FROM_ENV if BR2_DEFCONFIG_FROM_ENV != ""
|
|
default "$(CONFIG_DIR)/defconfig"
|
|
help
|
|
When running 'make savedefconfig', the defconfig file will be
|
|
saved in this location.
|
|
|
|
config BR2_DL_DIR
|
|
string "Download dir"
|
|
default "$(TOPDIR)/dl"
|
|
help
|
|
Directory to store all the source files that we need to fetch.
|
|
If the Linux shell environment has defined the BR2_DL_DIR
|
|
environment variable, then this overrides this configuration
|
|
item.
|
|
The directory is organized with a subdirectory for each
|
|
package. Each package has its own $(LIBFOO_DL_DIR) variable
|
|
that can be used to find the correct path.
|
|
|
|
The default is $(TOPDIR)/dl
|
|
|
|
config BR2_HOST_DIR
|
|
string "Host dir"
|
|
default "$(BASE_DIR)/host"
|
|
help
|
|
Directory to store all the binary files that are built for the
|
|
host. This includes the cross compilation toolchain when
|
|
building the internal buildroot toolchain.
|
|
|
|
The default is $(BASE_DIR)/host
|
|
|
|
menu "Mirrors and Download locations"
|
|
|
|
config BR2_PRIMARY_SITE
|
|
string "Primary download site"
|
|
default ""
|
|
help
|
|
Primary site to download from. If this option is set then
|
|
buildroot will try to download package source first from this
|
|
site and try the default if the file is not found.
|
|
Valid URIs are:
|
|
- URIs recognized by $(WGET)
|
|
- local URIs of the form file://absolutepath
|
|
- scp URIs of the form scp://[user@]host:path.
|
|
|
|
config BR2_PRIMARY_SITE_ONLY
|
|
bool "Only allow downloads from primary download site"
|
|
depends on BR2_PRIMARY_SITE != ""
|
|
help
|
|
If this option is enabled, downloads will only be attempted
|
|
from the primary download site. Other locations, like the
|
|
package's official download location or the backup download
|
|
site, will not be considered. Therefore, if the package is not
|
|
present on the primary site, the download fails.
|
|
|
|
This is useful for project developers who want to ensure that
|
|
the project can be built even if the upstream tarball
|
|
locations disappear.
|
|
|
|
if !BR2_PRIMARY_SITE_ONLY
|
|
|
|
config BR2_BACKUP_SITE
|
|
string "Backup download site"
|
|
default "http://sources.buildroot.net"
|
|
help
|
|
Backup site to download from. If this option is set then
|
|
buildroot will fall back to download package sources from here
|
|
if the normal location fails.
|
|
|
|
config BR2_KERNEL_MIRROR
|
|
string "Kernel.org mirror"
|
|
default "https://cdn.kernel.org/pub"
|
|
help
|
|
kernel.org is mirrored on a number of servers around the
|
|
world. The following allows you to select your preferred
|
|
mirror. By default, a CDN is used, which automatically
|
|
redirects to a mirror geographically close to you.
|
|
|
|
Have a look on the kernel.org site for a list of mirrors, then
|
|
enter the URL to the base directory. Examples:
|
|
|
|
http://www.XX.kernel.org/pub (XX = country code)
|
|
http://mirror.aarnet.edu.au/pub/ftp.kernel.org
|
|
|
|
config BR2_GNU_MIRROR
|
|
string "GNU Software mirror"
|
|
default "http://ftpmirror.gnu.org"
|
|
help
|
|
GNU has multiple software mirrors scattered around the
|
|
world. The following allows you to select your preferred
|
|
mirror. By default, a generic address is used, which
|
|
automatically selects an up-to-date and local mirror.
|
|
|
|
Have a look on the gnu.org site for a list of mirrors, then
|
|
enter the URL to the base directory. Examples:
|
|
|
|
http://ftp.gnu.org/pub/gnu
|
|
http://mirror.aarnet.edu.au/pub/gnu
|
|
|
|
config BR2_LUAROCKS_MIRROR
|
|
string "LuaRocks mirror"
|
|
default "http://rocks.moonscript.org"
|
|
help
|
|
LuaRocks repository.
|
|
|
|
See http://luarocks.org
|
|
|
|
config BR2_CPAN_MIRROR
|
|
string "CPAN mirror (Perl packages)"
|
|
default "http://cpan.metacpan.org"
|
|
help
|
|
CPAN (Comprehensive Perl Archive Network) is a repository of
|
|
Perl packages. It has multiple software mirrors scattered
|
|
around the world. This option allows you to select a mirror.
|
|
|
|
The list of mirrors is available at:
|
|
http://search.cpan.org/mirror
|
|
|
|
endif
|
|
|
|
endmenu
|
|
|
|
config BR2_JLEVEL
|
|
int "Number of jobs to run simultaneously (0 for auto)"
|
|
default "0"
|
|
help
|
|
Number of jobs to run simultaneously. If 0, determine
|
|
automatically according to number of CPUs on the host system.
|
|
|
|
config BR2_CCACHE
|
|
bool "Enable compiler cache"
|
|
help
|
|
This option will enable the use of ccache, a compiler cache.
|
|
It will cache the result of previous builds to speed up future
|
|
builds. By default, the cache is stored in
|
|
$HOME/.buildroot-ccache.
|
|
|
|
Note that Buildroot does not try to invalidate the cache
|
|
contents when the compiler changes in an incompatible way.
|
|
Therefore, if you make a change to the compiler version and/or
|
|
configuration, you are responsible for purging the ccache
|
|
cache by removing the $HOME/.buildroot-ccache directory.
|
|
|
|
if BR2_CCACHE
|
|
|
|
config BR2_CCACHE_DIR
|
|
string "Compiler cache location"
|
|
default "$(HOME)/.buildroot-ccache"
|
|
help
|
|
Where ccache should store cached files.
|
|
If the Linux shell environment has defined the BR2_CCACHE_DIR
|
|
environment variable, then this overrides this configuration
|
|
item.
|
|
|
|
config BR2_CCACHE_INITIAL_SETUP
|
|
string "Compiler cache initial setup"
|
|
help
|
|
Initial ccache settings to apply, such as --max-files or
|
|
--max-size.
|
|
|
|
For example, if your project is known to require more space
|
|
than the default max cache size, then you might want to
|
|
increase the cache size to a suitable amount using the -M
|
|
(--max-size) option.
|
|
|
|
The string you specify here is passed verbatim to ccache.
|
|
Refer to ccache documentation for more details.
|
|
|
|
These initial settings are applied after ccache has been
|
|
compiled.
|
|
|
|
config BR2_CCACHE_USE_BASEDIR
|
|
bool "Use relative paths"
|
|
default y
|
|
help
|
|
Allow ccache to convert absolute paths within the output
|
|
directory into relative paths.
|
|
|
|
During the build, many -I include directives are given with an
|
|
absolute path. These absolute paths end up in the hashes that
|
|
are computed by ccache. Therefore, when you build from a
|
|
different directory, the hash will be different and the cached
|
|
object will not be used.
|
|
|
|
To improve cache performance, set this option to y. This
|
|
allows ccache to rewrite absolute paths within the output
|
|
directory into relative paths. Note that only paths within the
|
|
output directory will be rewritten; therefore, if you change
|
|
BR2_HOST_DIR to point outside the output directory and
|
|
subsequently move it to a different location, this will lead
|
|
to cache misses.
|
|
|
|
This option has as a result that the debug information in the
|
|
object files also has only relative paths. Therefore, make
|
|
sure you cd to the build directory before starting gdb. See
|
|
the section "COMPILING IN DIFFERENT DIRECTORIES" in the ccache
|
|
manual for more information.
|
|
|
|
endif
|
|
|
|
config BR2_ENABLE_DEBUG
|
|
bool "build packages with debugging symbols"
|
|
help
|
|
Build packages with debugging symbols enabled. All libraries
|
|
and binaries in the 'staging' directory will have debugging
|
|
symbols, which allows remote debugging even if libraries and
|
|
binaries are stripped on the target. Whether libraries and
|
|
binaries are stripped on the target is controlled by the
|
|
BR2_STRIP_* options below.
|
|
|
|
if BR2_ENABLE_DEBUG
|
|
choice
|
|
prompt "gcc debug level"
|
|
default BR2_DEBUG_2
|
|
help
|
|
Set the debug level for gcc
|
|
|
|
config BR2_DEBUG_1
|
|
bool "debug level 1"
|
|
help
|
|
Debug level 1 produces minimal information, enough for making
|
|
backtraces in parts of the program that you don't plan to
|
|
debug. This includes descriptions of functions and external
|
|
variables, but no information about local variables and no
|
|
line numbers.
|
|
|
|
config BR2_DEBUG_2
|
|
bool "debug level 2"
|
|
help
|
|
The default gcc debug level is 2
|
|
|
|
config BR2_DEBUG_3
|
|
bool "debug level 3"
|
|
help
|
|
Level 3 includes extra information, such as all the macro
|
|
definitions present in the program. Some debuggers support
|
|
macro expansion when you use -g3.
|
|
endchoice
|
|
endif
|
|
|
|
config BR2_STRIP_strip
|
|
bool "strip target binaries"
|
|
default y
|
|
depends on !BR2_PACKAGE_HOST_ELF2FLT
|
|
help
|
|
Binaries and libraries in the target filesystem will be
|
|
stripped using the normal 'strip' command. This allows to save
|
|
space, mainly by removing debugging symbols. Debugging symbols
|
|
on the target are needed for native debugging, but not when
|
|
remote debugging is used.
|
|
|
|
config BR2_STRIP_EXCLUDE_FILES
|
|
string "executables that should not be stripped"
|
|
default ""
|
|
depends on BR2_STRIP_strip
|
|
help
|
|
You may specify a space-separated list of binaries and
|
|
libraries here that should not be stripped on the target.
|
|
|
|
config BR2_STRIP_EXCLUDE_DIRS
|
|
string "directories that should be skipped when stripping"
|
|
default ""
|
|
depends on BR2_STRIP_strip
|
|
help
|
|
You may specify a space-separated list of directories that
|
|
should be skipped when stripping. Binaries and libraries in
|
|
these directories will not be touched. The directories should
|
|
be specified relative to the target directory, without leading
|
|
slash.
|
|
|
|
choice
|
|
prompt "gcc optimization level"
|
|
default BR2_OPTIMIZE_S
|
|
help
|
|
Set the optimization level for gcc
|
|
|
|
config BR2_OPTIMIZE_0
|
|
bool "optimization level 0"
|
|
help
|
|
Do not optimize.
|
|
|
|
config BR2_OPTIMIZE_1
|
|
bool "optimization level 1"
|
|
help
|
|
Optimize. Optimizing compilation takes somewhat more time, and
|
|
a lot more memory for a large function. With -O, the compiler
|
|
tries to reduce code size and execution time, without
|
|
performing any optimizations that take a great deal of
|
|
compilation time. -O turns on the following optimization
|
|
flags: -fdefer-pop -fdelayed-branch -fguess-branch-probability
|
|
-fcprop-registers -floop-optimize -fif-conversion
|
|
-fif-conversion2 -ftree-ccp -ftree-dce -ftree-dominator-opts
|
|
-ftree-dse -ftree-ter -ftree-lrs -ftree-sra -ftree-copyrename
|
|
-ftree-fre -ftree-ch -funit-at-a-time -fmerge-constants. -O
|
|
also turns on -fomit-frame-pointer on machines where doing so
|
|
does not interfere with debugging.
|
|
|
|
config BR2_OPTIMIZE_2
|
|
bool "optimization level 2"
|
|
help
|
|
Optimize even more. GCC performs nearly all supported
|
|
optimizations that do not involve a space-speed tradeoff. The
|
|
compiler does not perform loop unrolling or function inlining
|
|
when you specify -O2. As compared to -O, this option increases
|
|
both compilation time and the performance of the generated
|
|
code. -O2 turns on all optimization flags specified by -O. It
|
|
also turns on the following optimization flags:
|
|
-fthread-jumps -fcrossjumping -foptimize-sibling-calls
|
|
-fcse-follow-jumps -fcse-skip-blocks -fgcse -fgcse-lm
|
|
-fexpensive-optimizations -fstrength-reduce
|
|
-frerun-cse-after-loop -frerun-loop-opt -fcaller-saves
|
|
-fpeephole2 -fschedule-insns -fschedule-insns2
|
|
-fsched-interblock -fsched-spec -fregmove -fstrict-aliasing
|
|
-fdelete-null-pointer-checks -freorder-blocks
|
|
-freorder-functions -falign-functions -falign-jumps
|
|
-falign-loops -falign-labels -ftree-vrp -ftree-pre. Please
|
|
note the warning under -fgcse about invoking -O2 on programs
|
|
that use computed gotos.
|
|
|
|
config BR2_OPTIMIZE_3
|
|
bool "optimization level 3"
|
|
help
|
|
Optimize yet more. -O3 turns on all optimizations specified by
|
|
-O2 and also turns on the -finline-functions, -funswitch-loops
|
|
and -fgcse-after-reload options.
|
|
|
|
config BR2_OPTIMIZE_G
|
|
bool "optimize for debugging"
|
|
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8
|
|
help
|
|
Optimize for debugging. This enables optimizations that do not
|
|
interfere with debugging. It should be the optimization level
|
|
of choice for the standard edit-compile-debug cycle, offering
|
|
a reasonable level of optimization while maintaining fast
|
|
compilation and a good debugging experience.
|
|
|
|
config BR2_OPTIMIZE_S
|
|
bool "optimize for size"
|
|
help
|
|
Optimize for size. -Os enables all -O2 optimizations that do
|
|
not typically increase code size. It also performs further
|
|
optimizations designed to reduce code size. -Os disables the
|
|
following optimization flags: -falign-functions -falign-jumps
|
|
-falign-loops -falign-labels -freorder-blocks
|
|
-freorder-blocks-and-partition -fprefetch-loop-arrays
|
|
-ftree-vect-loop-version
|
|
This is the default.
|
|
|
|
config BR2_OPTIMIZE_FAST
|
|
bool "optimize for fast"
|
|
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_6
|
|
help
|
|
Optimize for fast. Disregard strict standards
|
|
compliance. -Ofast enables all -O3 optimizations. It also
|
|
enables optimizations that are not valid for all
|
|
standard-compliant programs. It turns on -ffast-math and the
|
|
Fortran-specific -fstack-arrays, unless -fmax-stack-var-size
|
|
is specified, and -fno-protect-parens.
|
|
|
|
endchoice
|
|
|
|
config BR2_GOOGLE_BREAKPAD_ENABLE
|
|
bool "Enable google-breakpad support"
|
|
depends on BR2_INSTALL_LIBSTDCPP
|
|
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
|
|
depends on BR2_USE_WCHAR
|
|
depends on BR2_TOOLCHAIN_HAS_THREADS
|
|
depends on (BR2_TOOLCHAIN_USES_GLIBC || BR2_TOOLCHAIN_USES_UCLIBC)
|
|
depends on BR2_PACKAGE_GOOGLE_BREAKPAD_ARCH_SUPPORTS
|
|
depends on BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
|
|
select BR2_PACKAGE_GOOGLE_BREAKPAD
|
|
help
|
|
This option will enable the use of google breakpad, a library
|
|
and tool suite that allows you to distribute an application to
|
|
users with compiler-provided debugging information removed,
|
|
record crashes in compact "minidump" files, send them back to
|
|
your server and produce C and C++ stack traces from these
|
|
minidumps. Breakpad can also write minidumps on request for
|
|
programs that have not crashed.
|
|
|
|
if BR2_GOOGLE_BREAKPAD_ENABLE
|
|
|
|
config BR2_GOOGLE_BREAKPAD_INCLUDE_FILES
|
|
string "List of executables and libraries to extract symbols from"
|
|
default ""
|
|
help
|
|
You may specify a space-separated list of binaries and
|
|
libraries with full paths relative to $(TARGET_DIR) of which
|
|
debug symbols will be dumped for further use with google
|
|
breakpad.
|
|
|
|
A directory structure that can be used by minidump-stackwalk
|
|
will be created at:
|
|
|
|
$(STAGING_DIR)/usr/share/google-breakpad-symbols
|
|
|
|
endif
|
|
|
|
choice
|
|
bool "libraries"
|
|
default BR2_SHARED_LIBS if BR2_BINFMT_SUPPORTS_SHARED
|
|
default BR2_STATIC_LIBS if !BR2_BINFMT_SUPPORTS_SHARED
|
|
help
|
|
Select the type of libraries you want to use on the target.
|
|
|
|
The default is to build dynamic libraries and use those on the
|
|
target filesystem, except when the architecture and/or the
|
|
selected binary format does not support shared libraries.
|
|
|
|
config BR2_STATIC_LIBS
|
|
bool "static only"
|
|
help
|
|
Build and use only static libraries. No shared libraries will
|
|
be installed on the target. This potentially increases your
|
|
code size and should only be used if you know what you are
|
|
doing. Note that some packages may not be available when this
|
|
option is enabled, due to their need for dynamic library
|
|
support.
|
|
|
|
config BR2_SHARED_LIBS
|
|
bool "shared only"
|
|
depends on BR2_BINFMT_SUPPORTS_SHARED
|
|
help
|
|
Build and use only shared libraries. This is the recommended
|
|
solution as it saves space and build time.
|
|
|
|
config BR2_SHARED_STATIC_LIBS
|
|
bool "both static and shared"
|
|
depends on BR2_BINFMT_SUPPORTS_SHARED
|
|
help
|
|
Build both shared and static libraries, but link executables
|
|
dynamically. While building both shared and static libraries
|
|
take more time and more disk space, having static libraries
|
|
may be useful to link some of the applications statically.
|
|
|
|
endchoice
|
|
|
|
config BR2_PACKAGE_OVERRIDE_FILE
|
|
string "location of a package override file"
|
|
default "$(CONFIG_DIR)/local.mk"
|
|
help
|
|
A package override file is a short makefile that contains
|
|
variable definitions of the form <pkg>_OVERRIDE_SRCDIR, which
|
|
allows to tell Buildroot to use an existing directory as the
|
|
source directory for a particular package. See the Buildroot
|
|
documentation for more details on this feature.
|
|
|
|
config BR2_GLOBAL_PATCH_DIR
|
|
string "global patch directories"
|
|
help
|
|
You may specify a space separated list of one or more
|
|
directories containing global package patches. For a specific
|
|
version <packageversion> of a specific package <packagename>,
|
|
patches are applied as follows:
|
|
|
|
First, the default Buildroot patch set for the package is
|
|
applied from the package's directory in Buildroot.
|
|
|
|
Then for every directory - <global-patch-dir> - that exists in
|
|
BR2_GLOBAL_PATCH_DIR, if the directory
|
|
<global-patch-dir>/<packagename>/<packageversion>/ exists,
|
|
then all *.patch files in this directory will be applied.
|
|
|
|
Otherwise, if the directory <global-patch-dir>/<packagename>
|
|
exists, then all *.patch files in the directory will be
|
|
applied.
|
|
|
|
menu "Advanced"
|
|
|
|
config BR2_COMPILER_PARANOID_UNSAFE_PATH
|
|
bool "paranoid check of library/header paths"
|
|
default y
|
|
help
|
|
By default, when this option is disabled, when the Buildroot
|
|
cross-compiler will encounter an unsafe library or header path
|
|
(such as /usr/include, or /usr/lib), the compiler will display
|
|
a warning.
|
|
|
|
By enabling this option, this warning is turned into an error,
|
|
which will completely abort the build when such unsafe paths
|
|
are encountered.
|
|
|
|
Note that this mechanism is available for both the internal
|
|
toolchain (through the toolchain wrapper and binutils patches)
|
|
and external toolchain backends (through the toolchain
|
|
wrapper).
|
|
|
|
config BR2_FORCE_HOST_BUILD
|
|
bool "Force the building of host dependencies"
|
|
help
|
|
Build all available host dependencies, even if they are
|
|
already installed on the system.
|
|
|
|
This option can be used to ensure that the download cache of
|
|
source archives for packages remain consistent between
|
|
different build hosts.
|
|
|
|
This option will increase build time.
|
|
|
|
config BR2_REPRODUCIBLE
|
|
bool "Make the build reproducible (experimental)"
|
|
# SOURCE_DATE_EPOCH support in toolchain-wrapper requires GCC 4.4
|
|
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_4
|
|
help
|
|
This option will remove all sources of non-reproducibility
|
|
from the build process. For a given Buildroot configuration,
|
|
this allows to generate exactly identical binaries from one
|
|
build to the other, including on different machines.
|
|
|
|
The current implementation is restricted to builds with the
|
|
same output directory. Many (absolute) paths are recorded in
|
|
intermediary files, and it is very likely that some of these
|
|
paths leak into the target rootfs. If you build with the
|
|
same O=... path, however, the result is identical.
|
|
|
|
This is labeled as an experimental feature, as not all
|
|
packages behave properly to ensure reproducibility.
|
|
|
|
config BR2_PER_PACKAGE_DIRECTORIES
|
|
bool "Use per-package directories (experimental)"
|
|
help
|
|
This option will change the build process of Buildroot
|
|
package to use per-package target and host directories.
|
|
|
|
This is useful for two related purposes:
|
|
|
|
- Cleanly isolate the build of each package, so that a
|
|
given package only "sees" the dependencies it has
|
|
explicitly expressed, and not other packages that may
|
|
have by chance been built before.
|
|
|
|
- Enable top-level parallel build.
|
|
|
|
This is labeled as an experimental feature, as not all
|
|
packages behave properly with per-package directories.
|
|
|
|
endmenu
|
|
|
|
comment "Security Hardening Options"
|
|
|
|
config BR2_PIC_PIE
|
|
bool "Build code with PIC/PIE"
|
|
depends on BR2_SHARED_LIBS
|
|
depends on BR2_TOOLCHAIN_SUPPORTS_PIE
|
|
help
|
|
Generate Position-Independent Code (PIC) and link
|
|
Position-Independent Executables (PIE).
|
|
|
|
comment "PIC/PIE needs a toolchain w/ PIE"
|
|
depends on BR2_SHARED_LIBS
|
|
depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
|
|
|
|
choice
|
|
bool "Stack Smashing Protection"
|
|
default BR2_SSP_ALL if BR2_ENABLE_SSP # legacy
|
|
depends on BR2_TOOLCHAIN_HAS_SSP
|
|
help
|
|
Enable stack smashing protection support using GCC's
|
|
-fstack-protector option family.
|
|
|
|
See
|
|
http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
|
|
for details.
|
|
|
|
Note that this requires the toolchain to have SSP support.
|
|
This is always the case for glibc and eglibc toolchain, but is
|
|
optional in uClibc toolchains.
|
|
|
|
config BR2_SSP_NONE
|
|
bool "None"
|
|
help
|
|
Disable stack-smashing protection.
|
|
|
|
config BR2_SSP_REGULAR
|
|
bool "-fstack-protector"
|
|
help
|
|
Emit extra code to check for buffer overflows, such as stack
|
|
smashing attacks. This is done by adding a guard variable to
|
|
functions with vulnerable objects. This includes functions
|
|
that call alloca, and functions with buffers larger than 8
|
|
bytes. The guards are initialized when a function is entered
|
|
and then checked when the function exits. If a guard check
|
|
fails, an error message is printed and the program exits.
|
|
|
|
config BR2_SSP_STRONG
|
|
bool "-fstack-protector-strong"
|
|
help
|
|
Like -fstack-protector but includes additional functions to be
|
|
protected - those that have local array definitions, or have
|
|
references to local frame addresses.
|
|
|
|
-fstack-protector-strong officially appeared in gcc 4.9, but
|
|
some vendors have backported -fstack-protector-strong to older
|
|
versions of gcc.
|
|
|
|
config BR2_SSP_ALL
|
|
bool "-fstack-protector-all"
|
|
help
|
|
Like -fstack-protector except that all functions are
|
|
protected. This option might have a significant performance
|
|
impact on the compiled binaries.
|
|
|
|
endchoice
|
|
|
|
config BR2_SSP_OPTION
|
|
string
|
|
default "-fstack-protector" if BR2_SSP_REGULAR
|
|
default "-fstack-protector-strong" if BR2_SSP_STRONG
|
|
default "-fstack-protector-all" if BR2_SSP_ALL
|
|
|
|
comment "Stack Smashing Protection needs a toolchain w/ SSP"
|
|
depends on !BR2_TOOLCHAIN_HAS_SSP
|
|
|
|
choice
|
|
bool "RELRO Protection"
|
|
depends on BR2_SHARED_LIBS
|
|
help
|
|
Enable a link-time protection know as RELRO (RELocation Read
|
|
Only) which helps to protect from certain type of exploitation
|
|
techniques altering the content of some ELF sections.
|
|
|
|
config BR2_RELRO_NONE
|
|
bool "None"
|
|
help
|
|
Disables Relocation link-time protections.
|
|
|
|
config BR2_RELRO_PARTIAL
|
|
bool "Partial"
|
|
help
|
|
This option makes the dynamic section not writeable after
|
|
initialization (with almost no performance penalty).
|
|
|
|
config BR2_RELRO_FULL
|
|
bool "Full"
|
|
depends on BR2_TOOLCHAIN_SUPPORTS_PIE
|
|
select BR2_PIC_PIE
|
|
help
|
|
This option includes the partial configuration, but also marks
|
|
the GOT as read-only at the cost of initialization time during
|
|
program loading, i.e every time an executable is started.
|
|
|
|
comment "RELRO Full needs a toolchain w/ PIE"
|
|
depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
|
|
|
|
endchoice
|
|
|
|
comment "RELocation Read Only (RELRO) needs shared libraries"
|
|
depends on !BR2_SHARED_LIBS
|
|
|
|
choice
|
|
bool "Buffer-overflow Detection (FORTIFY_SOURCE)"
|
|
depends on BR2_TOOLCHAIN_USES_GLIBC
|
|
depends on !BR2_OPTIMIZE_0
|
|
help
|
|
Enable the _FORTIFY_SOURCE macro which introduces additional
|
|
checks to detect buffer-overflows in the following standard
|
|
library functions: memcpy, mempcpy, memmove, memset, strcpy,
|
|
stpcpy, strncpy, strcat, strncat, sprintf, vsprintf, snprintf,
|
|
vsnprintf, gets.
|
|
|
|
NOTE: This feature requires an optimization level of s/1/2/3/g
|
|
|
|
Support for this feature has been present since GCC 4.x.
|
|
|
|
config BR2_FORTIFY_SOURCE_NONE
|
|
bool "None"
|
|
help
|
|
Disables additional checks to detect buffer-overflows.
|
|
|
|
config BR2_FORTIFY_SOURCE_1
|
|
bool "Conservative"
|
|
# gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
|
|
depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
|
|
help
|
|
This option sets _FORTIFY_SOURCE to 1 and only introduces
|
|
checks that shouldn't change the behavior of conforming
|
|
programs. Adds checks at compile-time only.
|
|
|
|
config BR2_FORTIFY_SOURCE_2
|
|
bool "Aggressive"
|
|
# gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
|
|
depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
|
|
help
|
|
This option sets _FORTIFY_SOURCES to 2 and some more
|
|
checking is added, but some conforming programs might fail.
|
|
Also adds checks at run-time (detected buffer overflow
|
|
terminates the program)
|
|
|
|
endchoice
|
|
|
|
comment "Fortify Source needs a glibc toolchain and optimization"
|
|
depends on (!BR2_TOOLCHAIN_USES_GLIBC || BR2_OPTIMIZE_0)
|
|
endmenu
|
|
|
|
source "toolchain/Config.in"
|
|
|
|
source "system/Config.in"
|
|
|
|
source "linux/Config.in"
|
|
|
|
source "package/Config.in"
|
|
|
|
source "fs/Config.in"
|
|
|
|
source "boot/Config.in"
|
|
|
|
source "package/Config.in.host"
|
|
|
|
source "Config.in.legacy"
|
|
|
|
# br2-external menus definitions
|
|
source "$BR2_BASE_DIR/.br2-external.in.menus"
|