From 716ca530e1c4515d8683c9d5be3d56b301758b66 Mon Sep 17 00:00:00 2001
From: James <>
Date: Wed, 4 Nov 2015 11:49:21 +0000
Subject: trunk-47381

---
 config/Config-build.in | 292 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 292 insertions(+)
 create mode 100644 config/Config-build.in

(limited to 'config/Config-build.in')

diff --git a/config/Config-build.in b/config/Config-build.in
new file mode 100644
index 0000000..2523a18
--- /dev/null
+++ b/config/Config-build.in
@@ -0,0 +1,292 @@
+# Copyright (C) 2006-2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+menu "Global build settings"
+
+	config ALL_KMODS
+		bool "Select all kernel module packages by default"
+		default ALL
+
+	config ALL
+		bool "Select all userspace packages by default"
+		default n
+
+	config SIGNED_PACKAGES
+		bool "Cryptographically signed package lists"
+		default y
+
+	comment "General build options"
+
+	config DISPLAY_SUPPORT
+		bool "Show packages that require graphics support (local or remote)"
+		default n
+
+	config BUILD_PATENTED
+		default y
+		bool "Compile with support for patented functionality"
+		help
+		  When this option is disabled, software which provides patented functionality
+		  will not be built.  In case software provides optional support for patented
+		  functionality, this optional support will get disabled for this package.
+
+	config BUILD_NLS
+		default n
+		bool "Compile with full language support"
+		help
+		  When this option is enabled, packages are built with the full versions of
+		  iconv and GNU gettext instead of the default OpenWrt stubs. If uClibc is
+		  used, it is also built with locale support.
+
+	config SHADOW_PASSWORDS
+		bool
+		prompt "Enable shadow password support"
+		default y
+		help
+		  Enable shadow password support.
+
+	config CLEAN_IPKG
+		bool
+		prompt "Remove ipkg/opkg status data files in final images"
+		default n
+		help
+		  This removes all ipkg/opkg status data files from the target directory
+		  before building the root filesystem.
+
+	config COLLECT_KERNEL_DEBUG
+		bool
+		prompt "Collect kernel debug information"
+		select KERNEL_DEBUG_INFO
+		default n
+		help
+		  This collects debugging symbols from the kernel and all compiled modules.
+		  Useful for release builds, so that kernel issues can be debugged offline
+		  later.
+
+	comment "Kernel build options"
+
+	source "config/Config-kernel.in"
+
+	comment "Package build options"
+
+	config DEBUG
+		bool
+		prompt "Compile packages with debugging info"
+		default n
+		help
+		  Adds -g3 to the CFLAGS.
+
+	config IPV6
+		bool
+		prompt "Enable IPv6 support in packages"
+		default y
+		help
+		  Enables IPv6 support in kernel (builtin) and packages.
+
+	config PKG_BUILD_PARALLEL
+		bool
+		prompt "Compile certain packages parallelized"
+		default y
+		help
+		  This adds a -jX option to certain packages that are known to behave well
+		  for parallel build. By default, the package make processes use the main
+		  jobserver, in which case this option only takes effect when you add -jX
+		  to the make command.
+
+		  If you are unsure, select N.
+
+	config PKG_BUILD_USE_JOBSERVER
+		bool
+		prompt "Use top-level make jobserver for packages"
+		depends on PKG_BUILD_PARALLEL
+		default y
+		help
+		  This passes the main make process jobserver fds to package builds,
+		  enabling full parallelization across different packages.
+
+		  Note that disabling this may overcommit CPU resources depending on the
+		  -j level of the main make process, the number of package submake jobs
+		  selected below and the number of actual CPUs present.
+		  Example: If the main make is passed a -j4 and the submake -j
+		  is also set to 4, we may end up with 16 parallel make processes
+		  in the worst case.
+
+	config PKG_BUILD_JOBS
+		int
+		prompt "Number of package submake jobs (2-512)"
+		range 2 512
+		default 2
+		depends on PKG_BUILD_PARALLEL && !PKG_BUILD_USE_JOBSERVER
+		help
+		  The number of jobs (-jX) to pass to packages submake.
+
+	config PKG_DEFAULT_PARALLEL
+		bool
+		prompt "Parallelize the default package build rule (May break build)"
+		depends on PKG_BUILD_PARALLEL
+		depends on BROKEN
+		default n
+		help
+		  Always set the default package build rules to parallel build.
+
+		  WARNING: This may break build or kill your cat, as it builds packages
+		  with multiple jobs that are probably not tested in a parallel build
+		  environment.
+
+		  Only say Y if you don't mind fixing broken packages.  Before reporting
+		  build bugs, set this to N and re-run the build.
+
+	comment "Stripping options"
+
+	choice
+		prompt "Binary stripping method"
+		default USE_STRIP   if EXTERNAL_TOOLCHAIN
+		default USE_STRIP   if USE_GLIBC || USE_MUSL
+		default USE_SSTRIP
+		help
+		  Select the binary stripping method you wish to use.
+
+		config NO_STRIP
+			bool "none"
+			help
+			  This will install unstripped binaries (useful for native
+		 	  compiling/debugging).
+
+		config USE_STRIP
+			bool "strip"
+			help
+			  This will install binaries stripped using strip from binutils.
+
+
+		config USE_SSTRIP
+			bool "sstrip"
+			depends on !DEBUG
+			depends on !USE_GLIBC
+			help
+			  This will install binaries stripped using sstrip.
+	endchoice
+
+	config STRIP_ARGS
+		string
+		prompt "Strip arguments"
+		depends on USE_STRIP
+		default "--strip-unneeded --remove-section=.comment --remove-section=.note" if DEBUG
+		default "--strip-all"
+		help
+		  Specifies arguments passed to the strip command when stripping binaries.
+
+	config STRIP_KERNEL_EXPORTS
+		bool "Strip unnecessary exports from the kernel image"
+		help
+		  Reduces kernel size by stripping unused kernel exports from the kernel
+		  image.  Note that this might make the kernel incompatible with any kernel
+		  modules that were not selected at the time the kernel image was created.
+
+	config USE_MKLIBS
+		bool "Strip unnecessary functions from libraries"
+		help
+		  Reduces libraries to only those functions that are necessary for using all
+		  selected packages (including those selected as <M>).  Note that this will
+		  make the system libraries incompatible with most of the packages that are
+		  not selected during the build process.
+
+	choice
+		prompt "Preferred standard C++ library"
+		default USE_LIBSTDCXX if USE_GLIBC
+		default USE_UCLIBCXX
+		help
+		  Select the preferred standard C++ library for all packages that support this.
+
+		config USE_UCLIBCXX
+			bool "uClibc++"
+
+		config USE_LIBSTDCXX
+			bool "libstdc++"
+	endchoice
+
+	comment "Hardening build options"
+
+	config PKG_CHECK_FORMAT_SECURITY
+		bool
+		prompt "Enable gcc format-security"
+		default y
+		help
+		  Add -Wformat -Werror=format-security to the CFLAGS.  You can disable
+		  this per package by adding PKG_CHECK_FORMAT_SECURITY:=0 in the package
+		  Makefile.
+
+	choice
+		prompt "User space Stack-Smashing Protection"
+		depends on USE_MUSL
+		default PKG_CC_STACKPROTECTOR_REGULAR
+		help
+		  Enable GCC Stack Smashing Protection (SSP) for userspace applications
+		config PKG_CC_STACKPROTECTOR_NONE
+			bool "None"
+		config PKG_CC_STACKPROTECTOR_REGULAR
+			bool "Regular"
+			select SSP_SUPPORT if !USE_MUSL
+			depends on KERNEL_CC_STACKPROTECTOR_REGULAR
+		config PKG_CC_STACKPROTECTOR_STRONG
+			bool "Strong"
+			select SSP_SUPPORT if !USE_MUSL
+			depends on GCC_VERSION_5
+			depends on KERNEL_CC_STACKPROTECTOR_STRONG
+	endchoice
+
+	choice
+		prompt "Kernel space Stack-Smashing Protection"
+		default KERNEL_CC_STACKPROTECTOR_REGULAR
+		depends on USE_MUSL || !(x86_64 || i386)
+		help
+		  Enable GCC Stack-Smashing Protection (SSP) for the kernel
+		config KERNEL_CC_STACKPROTECTOR_NONE
+			bool "None"
+		config KERNEL_CC_STACKPROTECTOR_REGULAR
+			bool "Regular"
+		config KERNEL_CC_STACKPROTECTOR_STRONG
+			depends on GCC_VERSION_5
+			bool "Strong"
+	endchoice
+
+	choice
+		prompt "Enable buffer-overflows detection (FORTIFY_SOURCE)"
+		default PKG_FORTIFY_SOURCE_1
+		help
+		  Enable the _FORTIFY_SOURCE macro which introduces additional
+		  checks to detect buffer-overflows in the following standard library
+		  functions: memcpy, mempcpy, memmove, memset, strcpy, stpcpy,
+		  strncpy, strcat, strncat, sprintf, vsprintf, snprintf, vsnprintf,
+		  gets.  "Conservative" (_FORTIFY_SOURCE set to 1) only introduces
+		  checks that shouldn't change the behavior of conforming programs,
+		  while "aggressive" (_FORTIFY_SOURCES set to 2) some more checking is
+		  added, but some conforming programs might fail.
+		config PKG_FORTIFY_SOURCE_NONE
+			bool "None"
+		config PKG_FORTIFY_SOURCE_1
+			bool "Conservative"
+		config PKG_FORTIFY_SOURCE_2
+			bool "Aggressive"
+	endchoice
+
+	choice
+		prompt "Enable RELRO protection"
+		default PKG_RELRO_FULL
+		help
+		  Enable a link-time protection known as RELRO (Relocation Read Only)
+		  which helps to protect from certain type of exploitation techniques
+		  altering the content of some ELF sections. "Partial" RELRO makes the
+		  .dynamic section not writeable after initialization, introducing
+		  almost no performance penalty, while "full" RELRO also marks the GOT
+		  as read-only at the cost of initializing all of it at startup.
+		config PKG_RELRO_NONE
+			bool "None"
+		config PKG_RELRO_PARTIAL
+			bool "Partial"
+		config PKG_RELRO_FULL
+			bool "Full"
+	endchoice
+
+endmenu
-- 
cgit v1.2.3