-
CONFIG_STACK_CANARIES
¶
Compiler stack canaries
Type: bool
Help¶
This option enables compiler stack canaries.
If stack canaries are supported by the compiler, it will emit extra code that inserts a canary value into the stack frame when a function is entered and validates this value upon exit. Stack corruption (such as that caused by buffer overflow) results in a fatal error condition for the running entity. Enabling this option can result in a significant increase in footprint and an associated decrease in performance.
If stack canaries are not supported by the compiler an error will occur at build time.
Defaults¶
No defaults. Implicitly defaults to n
.
Kconfig definition¶
At kernel/Kconfig:616
Included via Kconfig:10
→ Kconfig.zephyr:31
Menu path: (top menu) → General Kernel Options → Security Options
config STACK_CANARIES
bool
prompt "Compiler stack canaries"
help
This option enables compiler stack canaries.
If stack canaries are supported by the compiler, it will emit
extra code that inserts a canary value into the stack frame when
a function is entered and validates this value upon exit.
Stack corruption (such as that caused by buffer overflow) results
in a fatal error condition for the running entity.
Enabling this option can result in a significant increase
in footprint and an associated decrease in performance.
If stack canaries are not supported by the compiler an error
will occur at build time.
(Definitions include propagated dependencies, including from if’s and menus.)