feat(tc): enable stack protector

Enable the compiler's stack protector for detecting stack overflow
issues.

Though TC platform can generate RNG from RSE via MHU channel, the
stack protector canary is used prior to MHU channel initialization.

Thus, currently here simply returns a value of the combination of a
timer's value and a compile-time constant.

Signed-off-by: Leo Yan <leo.yan@arm.com>
Signed-off-by: Icen Zeyada <Icen.Zeyada2@arm.com>
Change-Id: I68fcc7782637b2b6b4dbbc81bc15df8c5ce0040b

plat/arm/board/tc/platform.mk

@@ -160,6 +160,11 @@ INTERCONNECT_SOURCES	:=	${TC_BASE}/tc_interconnect.c \
 PLAT_BL_COMMON_SOURCES	+=	${TC_BASE}/tc_plat.c	\
 				${TC_BASE}/include/tc_helpers.S
 
+
+ifneq (${ENABLE_STACK_PROTECTOR},0)
+PLAT_BL_COMMON_SOURCES	+=	${TC_BASE}/tc_stack_protector.c
+endif
+
 BL1_SOURCES		+=	${INTERCONNECT_SOURCES}	\
 				${TC_CPU_SOURCES}	\
 				${TC_BASE}/tc_trusted_boot.c	\

plat/arm/board/tc/tc_stack_protector.c

@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2024, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <arch_helpers.h>
+#include <plat/common/platform.h>
+
+#define RANDOM_CANARY_VALUE ((u_register_t) 3288484550995823360ULL)
+
+u_register_t plat_get_stack_protector_canary(void)
+{
+	/*
+	 * On the Total Compute platform, it can generate RNG via MHU channel
+	 * and communicate with RSE. But the stack protector canary function
+	 * is needed prior to MHU channel gets ready.
+	 *
+	 * Since now MHU module cannot distinguish if MHU channel has been
+	 * initialized or not, if it arbitrarily tries to send message, it will
+	 * cause panic. For this reason, this function cannot rollback to
+	 * dummy random number based on the MHU failure.
+	 *
+	 * For above reasons, simply return a value of the combination of a
+	 * timer's value and a compile-time constant.
+	 */
+	return RANDOM_CANARY_VALUE ^ read_cntpct_el0();
+}