mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-16 17:44:19 +00:00
fd7b287cbe
The current stack-protector support is for none, "strong" or "all". The default use of the flag enables the stack-protection to all functions that declare a character array of eight bytes or more in length on their stack. This option can be tuned with the --param=ssp-buffer-size=N option. Change-Id: I11ad9568187d58de1b962b8ae04edd1dc8578fb0 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
26 lines
669 B
Makefile
26 lines
669 B
Makefile
#
|
|
# Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
|
|
#
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
|
#
|
|
|
|
# Boolean macro to be used in C code
|
|
STACK_PROTECTOR_ENABLED := 0
|
|
|
|
ifeq (${ENABLE_STACK_PROTECTOR},0)
|
|
ENABLE_STACK_PROTECTOR := none
|
|
endif
|
|
|
|
ifneq (${ENABLE_STACK_PROTECTOR},none)
|
|
STACK_PROTECTOR_ENABLED := 1
|
|
BL_COMMON_SOURCES += lib/stack_protector/stack_protector.c \
|
|
lib/stack_protector/${ARCH}/asm_stack_protector.S
|
|
|
|
ifeq (${ENABLE_STACK_PROTECTOR},default)
|
|
TF_CFLAGS += -fstack-protector
|
|
else
|
|
TF_CFLAGS += -fstack-protector-${ENABLE_STACK_PROTECTOR}
|
|
endif
|
|
endif
|
|
|
|
$(eval $(call add_define,STACK_PROTECTOR_ENABLED))
|