From 5f432df7e2d26d6d57d750cbee1a573c1f886e26 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Sat, 7 Aug 2021 12:56:10 +0200 Subject: [PATCH] boot/arm-trusted-firmware: change ENABLE_STACK_PROTECTOR value when disabled Since commit cf176128ec4ad60c29c8828cab1887f69edb9473 ("boot/arm-trusted-firmware: add SSP option"), we are passing ENABLE_STACK_PROTECTOR=none when we want to disable SSP usage in TF-A. While this works fine in recent versions of TF-A, older versions such as TF-A will end up passing -fstack-protector-none in this situation, which fails as this is not a valid gcc option (the valid gcc option is -fno-stack-protector). To solve this, we pass ENABLE_STACK_PROTECTOR=0 which was in older TF-A versions used to say "don't do anything with SSP", and is also still supported in newer versions of TF-A. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/1478738580 Signed-off-by: Thomas Petazzoni --- boot/arm-trusted-firmware/Config.in | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/boot/arm-trusted-firmware/Config.in b/boot/arm-trusted-firmware/Config.in index 7e46a10270..9e171f414f 100644 --- a/boot/arm-trusted-firmware/Config.in +++ b/boot/arm-trusted-firmware/Config.in @@ -204,7 +204,10 @@ config BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP config BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP_LEVEL string - default "none" if !BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP + # While newer versions of TF-A support "none" as + # ENABLE_STACK_PROTECTOR value, older versions (e.g 2.0) only + # supported "0" to disable SSP. + default "0" if !BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP default "default" if BR2_SSP_REGULAR default "strong" if BR2_SSP_STRONG default "all" if BR2_SSP_ALL