diff --git a/Config.in b/Config.in
index 27b563f..9be57cf 100644
--- a/Config.in
+++ b/Config.in
@@ -396,6 +396,73 @@ menu "--- BOOK Settings"
string
default "2.6" if KERNEL_26
default "2.4" if KERNEL_24
+
+ menu "HLFS Additional Features"
+ depends on BOOK_HLFS
+
+ config SET_SSP
+ bool "Stack-smashing protector"
+ default y
+
+ config SET_ASLR
+ bool "Address-space layout randomization"
+ default y
+
+ config SET_PAX
+ bool "PaX-aware ELF executables and kernel"
+ default y
+
+ config SET_HARDENED_TMP
+ bool "Hardened temporary files creation"
+ default y
+
+ config SET_WARNINGS
+ bool "Additional warnings"
+ default y
+
+ config SET_MISC
+ bool "Miscellaneous features"
+ default y
+
+ config SET_BLOWFISH
+ bool "Blowfish passwords"
+ default y
+ endmenu
+
+ config SSP
+ depends on SET_SSP
+ string
+ default ",ssp,"
+
+ config ASLR
+ depends on SET_ASLR
+ string
+ default ",aslr,"
+
+ config PAX
+ depends on SET_PAX
+ string
+ default ",pax,"
+
+ config HARDENED_TMP
+ depends on SET_HARDENED_TMP
+ string
+ default ",hardened_tmp,"
+
+ config WARNINGS
+ depends on SET_WARNINGS
+ string
+ default ",warnings,"
+
+ config MISC
+ depends on SET_MISC
+ string
+ default ",misc,"
+
+ config BLOWFISH
+ depends on SET_BLOWFISH
+ string
+ default ",blowfish,"
#--- End HLFS specific params
#--- Custom Tools support
diff --git a/HLFS/hlfs.xsl b/HLFS/hlfs.xsl
index 4b93515..341d0a8 100644
--- a/HLFS/hlfs.xsl
+++ b/HLFS/hlfs.xsl
@@ -36,6 +36,9 @@
-->
+
+ ,ssp,aslr,pax,hardened_tmp,warnings,misc,blowfish,
+
@@ -149,7 +152,8 @@
+ child::* = userinput and (not(@role) or
+ (@role and contains($features,concat(',',@role,','))))">
diff --git a/common/libs/func_book_parser b/common/libs/func_book_parser
index 46ba3e0..17e0031 100644
--- a/common/libs/func_book_parser
+++ b/common/libs/func_book_parser
@@ -125,6 +125,7 @@ extract_commands() { #
--stringparam kernel $KERNEL \
--stringparam testsuite $TEST \
--stringparam bomb-testsuite $BOMB_TEST \
+ --stringparam features $SSP$ASLR$PAX$HARDENED_TMP$WARNINGS$MISC$BLOWFISH \
--stringparam timezone $TIMEZONE \
--stringparam page $PAGE \
--stringparam lang $LANG \
diff --git a/common/libs/func_validate_configs.sh b/common/libs/func_validate_configs.sh
index 81df8d3..d6ad449 100644
--- a/common/libs/func_validate_configs.sh
+++ b/common/libs/func_validate_configs.sh
@@ -31,7 +31,9 @@ inline_doc
# BOOK Settings by book
local -r LFS_book="$BOOK_common BLFS_TOOL"
- local -r HLFS_book="$BOOK_common BLFS_TOOL MODEL KERNEL GRSECURITY_HOST"
+ local -r HLFS_added="SET_SSP SET_ASLR SET_PAX SET_HARDENED_TMP SET_WARNINGS \
+ SET_MISC SET_BLOWFISH"
+ local -r HLFS_book="$BOOK_common BLFS_TOOL MODEL KERNEL GRSECURITY_HOST $HLFS_added"
local -r CLFS_book="$BOOK_common BLFS_TOOL METHOD $BOOK_clfsX TARGET32 BOOT_CONFIG"
local -r CLFS2_book="$BOOK_common BLFS_TOOL $BOOK_clfsX"
local -r CLFS3_book="$BOOK_common $BOOK_clfsX PLATFORM MIPS_LEVEL"
diff --git a/jhalfs b/jhalfs
index 4e40204..b8b1381 100755
--- a/jhalfs
+++ b/jhalfs
@@ -111,6 +111,13 @@ CUSTOM_TOOLS=${CUSTOM_TOOLS:-n}
REBUILD_MAKEFILE=${REBUILD_MAKEFILE:-n}
INSTALL_LOG=${INSTALL_LOG:-n}
CLEAN=${CLEAN:=n}
+SET_SSP=${SET_SSP:=n}
+SET_ASLR=${SET_ASLR:=n}
+SET_PAX=${SET_PAX:=n}
+SET_HARDENED_TMP=${SET_HARDENED_TMP:=n}
+SET_WARNINGS=${SET_WARNINGS:=n}
+SET_MISC=${SET_MISC:=n}
+SET_BLOWFISH=${SET_BLOWFISH:=n}
# Book surces envars
BRANCH_ID=${BRANCH_ID:=development}