-
Notifications
You must be signed in to change notification settings - Fork 4
/
Kconfig
197 lines (163 loc) · 4.48 KB
/
Kconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
config USR_LIB_STD
bool "EwoK standard libc library interface"
default y
---help---
Support for basic libc primitves and various embedded
devices specific API over EwoK kernel.
# no specific config for libstd by now
menu "Libstd configuration"
menu "POSIX Compliance"
config STD_POSIX_SYSV_MSQ
bool "Support for SystemV Message queues"
select STD_MALLOC
default y
---help---
Support for SystemV Message queues (msgget(),msgsnd()
and msgrcv() API from the SystemV and POSIX standard.
if STD_POSIX_SYSV_MSQ
config STD_POSIX_SYSV_MSQ_DEPTH
int "SystemV Message queue depth"
range 1 16
default 1
---help---
SystemV message queue maximum supported queue depth.
Beware that the queue depth is consuming a lot of memory.
endif
config STD_POSIX_RAND
bool "Support for POSIX (s)rand(_r) API (not secure!)"
default n
---help---
Support for POSIX and ISO C compliant rand familly functions
rand(), rand_r() and srand().
config STD_POSIX_TIMER
bool "Support for POSIX timers"
default n
---help---
Support for POSIX timers (timer_create(), timer_settime()) API.
Only the CLOCK_MONOLITIC clockid is supported when no RTC exists.
Only SIGEV_THREAD notify mode is supported by now.
config STD_POSIX_USLEEP_INT_AS_SIGNAL
bool "uSleep can be interrupted by ISR handlers"
default n
---help---
For usleep() API, consider ISR like signals, interrupting usleep() calls,
returning EINTR in errno when an ISR generates a thread awakening.
endmenu
config STD_DRBG
bool "Support DRBG for secure random generation"
default y
---help---
Support for DRBG to have a secure entropy processing
algorithm compatible with the NIST SP800-90A standard.
If DRBG is not selected, the platform TRNG is used as
the raw random generator, which NOT a good practice.
if STD_DRBG
menu "DRBG configuration"
choice
prompt "DRBG secure RNG backends"
default USR_LIB_DRBG_USE_HMAC_DRBG
config USR_LIB_DRBG_USE_HMAC_DRBG
bool "HMAC DRBG"
---help---
HMAC-DRBG as standardized by NIST SP800-90A
endchoice
config STD_DRBG_ENTROPY_CPU_CYCLES
bool "Use the platform cycles counter as an additional entropy source"
default n
---help---
Use the platform cycle counter as an entropy source
for the DRBG (in addition to the TRNG)
endmenu
endif
config STD_SANITIZE_HANDLERS
bool "Support handlers and callbacks sanitization"
default y
---help---
Bring function pointers (handlers and callbacks) sanitization
to limit memory corruption attacks.
config STD_MALLOC
bool "Support for libstd malloc/free"
if STD_MALLOC
choice
prompt "Malloc type"
default STD_MALLOC_LIGHT
config STD_MALLOC_LIGHT
bool "lightway unsecure allocator"
---help---
basic allocator without canaries
config STD_MALLOC_STD
bool "secure allocator"
---help---
secure allocator with canaries
config STD_MALLOC_BINS # A conserver ?
bool "secure allocator with bins"
---help---
secure allocator with canaries and bins
endchoice
config STD_MALLOC_SIZE_LEN
int "sizes and offset length (in bits)"
range 16 32
default 16
---help---
TODO
config STD_MALLOC_ALIGN
int "sizes alignment (in bytes)"
range 1 64
default 1
---help---
TODO
config STD_MALLOC_MUTEX
bool "allocator with mutex (EXPERIMENTAL)"
default n
---help---
TODO
config STD_MALLOC_CHECK_IF_NULL
int "ptr must be null for allocation"
range 0 1
depends on STD_MALLOC_STD || STD_MALLOC_BINS
default 0
---help---
TODO
config STD_MALLOC_DBLE_WAY_SEARCH # A conserver ?
int "allocator search mode optimization"
range 0 1
depends on STD_MALLOC_STD || STD_MALLOC_BINS
default 0
---help---
TODO
config STD_MALLOC_FREEMEM_CHECK # A conserver ?
int "allocator free memory checking"
range 0 2
depends on STD_MALLOC_STD || STD_MALLOC_BINS
default 0
---help---
TODO
config STD_MALLOC_BASIC_CHECKS
int "allocator basic integrity check"
range 0 2
depends on STD_MALLOC_STD || STD_MALLOC_BINS
default 0
---help---
TODO
config STD_MALLOC_NB_CANARIES
int
depends on STD_MALLOC_BINS
default 2
---help---
TODO
config STD_MALLOC_INTEGRITY
int "allocator self integrity check"
range 0 3
depends on STD_MALLOC_STD || STD_MALLOC_BINS
default 1
---help---
TODO
config STD_MALLOC_RANDOM
int "random allocation"
range 0 1
depends on STD_MALLOC_STD || STD_MALLOC_BINS
default 0
---help---
TODO
endif
endmenu