blob: 1a5524fd8d7a62afd0434443a0b58fa563ca376e [file] [log] [blame]
Security hardening
This page contains guidance on what to check for additional security measures,
including build options that can be modified to improve security or catch issues
early in development.
Build options
Several build options can be used to check for security issues. Refer to the
:ref:`User Guide` for detailed information on the specific build options.
- The ``BRANCH_PROTECTION`` build flag can be used to enable Pointer
Authentication and Branch Target Identification.
- The ``ENABLE_STACK_PROTECTOR`` build flag can be used to identify buffer
- The ``W`` build flag can be used to enable a number of compiler warning
options to detect potentially incorrect code.
- W=0 (default value)
The ``Wunused`` with ``Wno-unused-parameter``, ``Wdisabled-optimization``
and ``Wvla`` flags are enabled.
The ``Wunused-but-set-variable``, ``Wmaybe-uninitialized`` and
``Wpacked-bitfield-compat`` are GCC specific flags that are also enabled.
- W=1
Adds ``Wextra``, ``Wmissing-declarations``, ``Wmissing-format-attribute``,
``Wmissing-prototypes``, ``Wold-style-definition`` and
- W=2
Adds ``Waggregate-return``, ``Wcast-align``, ``Wnested-externs``,
``Wshadow``, ``Wlogical-op``, ``Wmissing-field-initializers`` and
- W=3
Adds ``Wbad-function-cast``, ``Wcast-qual``, ``Wconversion``, ``Wpacked``,
``Wpadded``, ``Wpointer-arith``, ``Wredundant-decls`` and
Refer to the GCC or Clang documentation for more information on the individual
options: and
NB: The ``Werror`` flag is enabled by default in TF-A and can be disabled by
setting the ``E`` build flag to 0.
*Copyright (c) 2019, Arm Limited. All rights reserved.*