[Buildroot] [PATCH v2 01/28] boot/arm-trusted-firmware: option to disable stack protection
Sergey Matyukevich
geomatsi at gmail.com
Wed Jun 9 22:03:56 UTC 2021
Hello Thomas,
> > +config BR2_TARGET_ARM_TRUSTED_FIRMWARE_DISABLE_SSP
> > + bool "Disable stack protection"
> > + help
> > + Select this option to explicitly disable stack protection checks in GCC.
> > + Such checks need to be disabled if ATF platform port does not implement
> > + plat_get_stack_protector_canary() hook.
>
> It's a bit annoying that we have to tell TF-A about this. If TF-A
> doesn't implement plat_get_stack_protector_canary() for a certain
> platform, why does it try to enable SSP ? It feels like something that
> should be fixed in TF-A.
TF-A does not attempt to enable those protection checks. This is
controlled by its ENABLE_STACK_PROTECTOR build flag, which default
value is 'none'. This is Buildroot who tries to enable TF-A stack
protection checks depending on BR2_SSP_* toolchain features only:
see arm-trusted-firmware.mk.
Regards,
Sergey
More information about the buildroot
mailing list