Patch from Peter S. Mazinger:

rename UCLIBC_PROPOLICE to UCLIBC_HAS_SSP

Rules.mak

@@ -232,7 +232,7 @@ LDPIEFLAG=
 endif
 
 SSP_DISABLE_FLAGS=$(call check_gcc,-fno-stack-protector,)
-ifeq ($(UCLIBC_PROPOLICE),y)
+ifeq ($(UCLIBC_BUILD_SSP),y)
 SSP_CFLAGS=$(call check_gcc,-fno-stack-protector-all,)
 SSP_CFLAGS+=$(call check_gcc,-fstack-protector,)
 SSP_ALL_CFLAGS=$(call check_gcc,-fstack-protector-all,)

debian/config

@@ -43,7 +43,7 @@ BUILD_UCLIBC_LDSO=y
 # UCLIBC_BUILD_PIE is not set
 LDSO_LDD_SUPPORT=y
 UCLIBC_CTOR_DTOR=y
-# UCLIBC_PROPOLICE is not set
+# UCLIBC_HAS_SSP is not set
 # HAS_NO_THREADS is not set
 UCLIBC_HAS_THREADS=y
 PTHREADS_DEBUG_SUPPORT=y

extra/Configs/Config.frv.default

@@ -54,7 +54,7 @@ LDSO_CACHE_SUPPORT=y
 LDSO_PRELOAD_FILE_SUPPORT=y
 LDSO_BASE_FILENAME="ld.so.1"
 UCLIBC_CTOR_DTOR=y
-# UCLIBC_PROPOLICE is not set
+# UCLIBC_HAS_SSP is not set
 # HAS_NO_THREADS is not set
 UCLIBC_HAS_THREADS=y
 PTHREADS_DEBUG_SUPPORT=y

extra/Configs/Config.in

@@ -282,21 +282,21 @@ config UCLIBC_CTOR_DTOR
 	  then you definitely want to answer Y here.  If you don't need ctors
 	  or dtors and want your binaries to be as small as possible, then
 	  answer N.
-	  
-config UCLIBC_PROPOLICE
+
+config UCLIBC_HAS_SSP
 	bool "Support for propolice stack protection"
 	default n
 	help
-	  Propolice stack protection.
+	  Adds propolice protection to libc (__guard and __stack_smash_handler).
 	  More about it on <http://www.research.ibm.com/trl/projects/security/ssp> .
 	  To be able to use it, you'll also need a propolice patched gcc,
 	  supporting the -fstack-protector[-all] options. It is a specially patched
-	  gcc version, were __guard and __stack_smash_handler are removed from libgcc.
+	  gcc version, where __guard and __stack_smash_handler are removed from libgcc.
 	  Most people will answer N.
 
 choice
 	prompt "Propolice protection blocking signal"
-	depends on UCLIBC_PROPOLICE
+	depends on UCLIBC_HAS_SSP
 	default PROPOLICE_BLOCK_ABRT if ! DODEBUG
 	default PROPOLICE_BLOCK_SEGV if DODEBUG
 	help
@@ -322,6 +322,13 @@ config PROPOLICE_BLOCK_KILL
 
 endchoice
 
+config UCLIBC_BUILD_SSP
+	bool "Build uClibc with propolice protection"
+	depends on UCLIBC_HAS_SSP
+	default n
+	help
+	  Build all libraries and executables with propolice protection enabled.
+
 config HAS_NO_THREADS
 	bool
 	default n

libc/misc/internals/__uClibc_main.c

@@ -24,7 +24,7 @@
 #include <fcntl.h>
 #include <sys/stat.h>
 #include <sys/sysmacros.h>
-#ifdef __UCLIBC_PROPOLICE__
+#ifdef __UCLIBC_HAS_SSP__
 extern void __guard_setup(void);
 #endif
 
@@ -225,7 +225,7 @@ __uClibc_start_main(int argc, char **argv, char **envp,
     }
 #endif
 
-#ifdef __UCLIBC_PROPOLICE__
+#ifdef __UCLIBC_HAS_SSP__
     __guard_setup ();
 #endif
 

libc/sysdeps/linux/common/Makefile

@@ -57,7 +57,7 @@ CSRC=	__rt_sigtimedwait.c __socketcall.c __syscall_fcntl.c \
 ifneq ($(strip $(EXCLUDE_BRK)),y)
 CSRC+=sbrk.c
 endif
-ifeq ($(strip $(UCLIBC_PROPOLICE)),y)
+ifeq ($(strip $(UCLIBC_HAS_SSP)),y)
 CSRC+=ssp.c
 endif