Merge changes from topic "lm/stack_protector" into integration
* changes: juno: Add security sources for tsp-juno Add support for default stack-protector flag
This commit is contained in:
commit
2916284377
|
@ -460,12 +460,12 @@ Common build options
|
||||||
architecture is AArch32.
|
architecture is AArch32.
|
||||||
|
|
||||||
- ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
|
- ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
|
||||||
checks in GCC. Allowed values are "all", "strong" and "0" (default).
|
checks in GCC. Allowed values are "all", "strong", "default" and "none". The
|
||||||
"strong" is the recommended stack protection level if this feature is
|
default value is set to "none". "strong" is the recommended stack protection
|
||||||
desired. 0 disables the stack protection. For all values other than 0, the
|
level if this feature is desired. "none" disables the stack protection. For
|
||||||
``plat_get_stack_protector_canary()`` platform hook needs to be implemented.
|
all values other than "none", the ``plat_get_stack_protector_canary()``
|
||||||
The value is passed as the last component of the option
|
platform hook needs to be implemented. The value is passed as the last
|
||||||
``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
|
component of the option ``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
|
||||||
|
|
||||||
- ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
|
- ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
|
||||||
deprecated platform APIs, helper functions or drivers within Trusted
|
deprecated platform APIs, helper functions or drivers within Trusted
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
#
|
#
|
||||||
# Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
|
# Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
|
||||||
#
|
#
|
||||||
# SPDX-License-Identifier: BSD-3-Clause
|
# SPDX-License-Identifier: BSD-3-Clause
|
||||||
#
|
#
|
||||||
|
@ -7,13 +7,20 @@
|
||||||
# Boolean macro to be used in C code
|
# Boolean macro to be used in C code
|
||||||
STACK_PROTECTOR_ENABLED := 0
|
STACK_PROTECTOR_ENABLED := 0
|
||||||
|
|
||||||
ifneq (${ENABLE_STACK_PROTECTOR},0)
|
ifeq (${ENABLE_STACK_PROTECTOR},0)
|
||||||
STACK_PROTECTOR_ENABLED := 1
|
ENABLE_STACK_PROTECTOR := none
|
||||||
BL_COMMON_SOURCES += lib/stack_protector/stack_protector.c \
|
endif
|
||||||
|
|
||||||
|
ifneq (${ENABLE_STACK_PROTECTOR},none)
|
||||||
|
STACK_PROTECTOR_ENABLED := 1
|
||||||
|
BL_COMMON_SOURCES += lib/stack_protector/stack_protector.c \
|
||||||
lib/stack_protector/${ARCH}/asm_stack_protector.S
|
lib/stack_protector/${ARCH}/asm_stack_protector.S
|
||||||
|
|
||||||
TF_CFLAGS += -fstack-protector-${ENABLE_STACK_PROTECTOR}
|
ifeq (${ENABLE_STACK_PROTECTOR},default)
|
||||||
|
TF_CFLAGS += -fstack-protector
|
||||||
|
else
|
||||||
|
TF_CFLAGS += -fstack-protector-${ENABLE_STACK_PROTECTOR}
|
||||||
|
endif
|
||||||
endif
|
endif
|
||||||
|
|
||||||
$(eval $(call add_define,STACK_PROTECTOR_ENABLED))
|
$(eval $(call add_define,STACK_PROTECTOR_ENABLED))
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
#
|
#
|
||||||
# Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved.
|
# Copyright (c) 2014-2019, ARM Limited and Contributors. All rights reserved.
|
||||||
#
|
#
|
||||||
# SPDX-License-Identifier: BSD-3-Clause
|
# SPDX-License-Identifier: BSD-3-Clause
|
||||||
#
|
#
|
||||||
|
|
||||||
BL32_SOURCES += plat/arm/board/juno/juno_topology.c \
|
BL32_SOURCES += plat/arm/board/juno/juno_topology.c \
|
||||||
plat/arm/css/common/css_topology.c \
|
plat/arm/css/common/css_topology.c \
|
||||||
${JUNO_GIC_SOURCES}
|
${JUNO_GIC_SOURCES} \
|
||||||
|
${JUNO_SECURITY_SOURCES}
|
||||||
|
|
||||||
include plat/arm/common/tsp/arm_tsp.mk
|
include plat/arm/common/tsp/arm_tsp.mk
|
||||||
|
|
Loading…
Reference in New Issue