Skip to content

GitLab

"frontend/src/api/vscode:/vscode.git/clone" did not exist on "252d6c530141ce7af14531db79d1e7ae56ef7e65"
Commit 29162843 authored by Soby Mathew's avatar Soby Mathew Committed by TrustedFirmware Code Review
Browse files

Merge changes from topic "lm/stack_protector" into integration 

* changes:
  juno: Add security sources for tsp-juno
  Add support for default stack-protector flag
parents 19b4f689 2a3c645b
Hide whitespace changes
Inline Side-by-side
docs/user-guide.rst
View file @ 29162843
...@@ -460,12 +460,12 @@ Common build options ...@@ -460,12 +460,12 @@ Common build options
architecture is AArch32. architecture is AArch32.
- ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection - ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
checks in GCC. Allowed values are "all", "strong" and "0" (default). checks in GCC. Allowed values are "all", "strong", "default" and "none". The
"strong" is the recommended stack protection level if this feature is default value is set to "none". "strong" is the recommended stack protection
desired. 0 disables the stack protection. For all values other than 0, the level if this feature is desired. "none" disables the stack protection. For
``plat_get_stack_protector_canary()`` platform hook needs to be implemented. all values other than "none", the ``plat_get_stack_protector_canary()``
The value is passed as the last component of the option platform hook needs to be implemented. The value is passed as the last
``-fstack-protector-$ENABLE_STACK_PROTECTOR``. component of the option ``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
- ``ERROR_DEPRECATED``: This option decides whether to treat the usage of - ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
deprecated platform APIs, helper functions or drivers within Trusted deprecated platform APIs, helper functions or drivers within Trusted
......
lib/stack_protector/stack_protector.mk
View file @ 29162843
# #
# Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
...@@ -7,13 +7,20 @@ ...@@ -7,13 +7,20 @@
# Boolean macro to be used in C code # Boolean macro to be used in C code
STACK_PROTECTOR_ENABLED := 0 STACK_PROTECTOR_ENABLED := 0
ifneq (${ENABLE_STACK_PROTECTOR},0) ifeq (${ENABLE_STACK_PROTECTOR},0)
STACK_PROTECTOR_ENABLED := 1 ENABLE_STACK_PROTECTOR := none
BL_COMMON_SOURCES += lib/stack_protector/stack_protector.c \ endif
ifneq (${ENABLE_STACK_PROTECTOR},none)
STACK_PROTECTOR_ENABLED := 1
BL_COMMON_SOURCES += lib/stack_protector/stack_protector.c \
lib/stack_protector/${ARCH}/asm_stack_protector.S lib/stack_protector/${ARCH}/asm_stack_protector.S
TF_CFLAGS += -fstack-protector-${ENABLE_STACK_PROTECTOR} ifeq (${ENABLE_STACK_PROTECTOR},default)
TF_CFLAGS += -fstack-protector
else
TF_CFLAGS += -fstack-protector-${ENABLE_STACK_PROTECTOR}
endif
endif endif
$(eval $(call add_define,STACK_PROTECTOR_ENABLED)) $(eval $(call add_define,STACK_PROTECTOR_ENABLED))
plat/arm/board/juno/tsp/tsp-juno.mk
View file @ 29162843
# #
# Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2014-2019, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
BL32_SOURCES += plat/arm/board/juno/juno_topology.c \ BL32_SOURCES += plat/arm/board/juno/juno_topology.c \
plat/arm/css/common/css_topology.c \ plat/arm/css/common/css_topology.c \
${JUNO_GIC_SOURCES} ${JUNO_GIC_SOURCES} \
${JUNO_SECURITY_SOURCES}
include plat/arm/common/tsp/arm_tsp.mk include plat/arm/common/tsp/arm_tsp.mk
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment