feat(security): add support for SLS mitigation This patch enables support for the gcc compiler option "-mharden-sls", the default is not to use this option. Setting HARDEN_SLS=1 sets "-mharden-sls=all" that enables all hardening against straight line speculation. Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: I59f5963c22431571f5aebe7e0c5642b32362f4c9

commit: 538516f5d3db6e2c30dfa9f0b82859389f529e78 [log] [tgz]
author: Bipin Ravi <bipin.ravi@arm.com> Thu Sep 28 13:17:24 2023 -0500
committer: Bipin Ravi <bipin.ravi@arm.com> Tue Nov 21 15:27:00 2023 -0600
tree: 8a92eff20b463b40a07ae435fcb1c0a6762b54e0
parent: 7bcd3cf5572a1fa4db65f3fc2f4b01fe3c6709c1 [diff] [blame]
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index ea22655..57529ee 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk

@@ -150,6 +150,10 @@
 # Enable Handoff protocol using transfer lists
 TRANSFER_LIST			:= 0
 
+# Enables support for the gcc compiler option "-mharden-sls=all".
+# By default, disables all SLS hardening.
+HARDEN_SLS			:= 0
+
 # Secure hash algorithm flag, accepts 3 values: sha256, sha384 and sha512.
 # The default value is sha256.
 HASH_ALG			:= sha256
commit	538516f5d3db6e2c30dfa9f0b82859389f529e78	[log] [tgz]
author	Bipin Ravi <bipin.ravi@arm.com>	Thu Sep 28 13:17:24 2023 -0500
committer	Bipin Ravi <bipin.ravi@arm.com>	Tue Nov 21 15:27:00 2023 -0600
tree	8a92eff20b463b40a07ae435fcb1c0a6762b54e0
parent	7bcd3cf5572a1fa4db65f3fc2f4b01fe3c6709c1 [diff] [blame]