CONFIG_STACK_CANARIES

Compiler stack canaries

Type: bool

Help

This option enables compiler stack canaries support kernel functions.

If stack canaries are supported by the compiler, it will emit extra code that inserts a canary value into the stack frame when a function is entered and validates this value upon exit. Stack corruption (such as that caused by buffer overflow) results in a fatal error condition for the running entity. Enabling this option can result in a significant increase in footprint and an associated decrease in performance.

If stack canaries are not supported by the compiler, enabling this option has no effect.

Defaults

No defaults. Implicitly defaults to n.

Kconfig definition

At kernel/Kconfig:589

Included via Kconfig:10 → Kconfig.zephyr:25

Menu path: (top menu) → General Kernel Options → Security Options

config STACK_CANARIES
    bool
    prompt "Compiler stack canaries"
    help
      This option enables compiler stack canaries support kernel functions.

      If stack canaries are supported by the compiler, it will emit
      extra code that inserts a canary value into the stack frame when
      a function is entered and validates this value upon exit.
      Stack corruption (such as that caused by buffer overflow) results
      in a fatal error condition for the running entity.
      Enabling this option can result in a significant increase
      in footprint and an associated decrease in performance.

      If stack canaries are not supported by the compiler, enabling this
      option has no effect.

(Definitions include propagated dependencies, including from if’s and menus.)