feat(plat/versal): add support for SLS mitigation
This patch adds the option HARDEN_SLS_ALL that can be used to enable
the -mharden-sls=all, which mitigates the straight-line speculation
vulnerability. Enable this by adding the option HARDEN_SLS_ALL=1,
default this will be disabled.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I0d498d9e96903fcb879993ad491949f6f17769b2
diff --git a/docs/plat/xilinx-versal.rst b/docs/plat/xilinx-versal.rst
index 3d4c4a4..d65b048 100644
--- a/docs/plat/xilinx-versal.rst
+++ b/docs/plat/xilinx-versal.rst
@@ -24,6 +24,11 @@
make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal bl31 VERSAL_CONSOLE=dcc
```
+To build TF-A with Straight-Line Speculation(SLS)
+```bash
+make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal bl31 HARDEN_SLS_ALL=1
+```
+
Xilinx Versal platform specific build options
---------------------------------------------
diff --git a/plat/xilinx/versal/platform.mk b/plat/xilinx/versal/platform.mk
index a0b317f..a8b2c94 100644
--- a/plat/xilinx/versal/platform.mk
+++ b/plat/xilinx/versal/platform.mk
@@ -9,6 +9,7 @@
override RESET_TO_BL31 := 1
PL011_GENERIC_UART := 1
IPI_CRC_CHECK := 0
+HARDEN_SLS_ALL := 0
ifdef VERSAL_ATF_MEM_BASE
$(eval $(call add_define,VERSAL_ATF_MEM_BASE))
@@ -87,3 +88,7 @@
plat/xilinx/versal/pm_service/pm_svc_main.c \
plat/xilinx/versal/pm_service/pm_api_sys.c \
plat/xilinx/versal/pm_service/pm_client.c
+
+ifeq ($(HARDEN_SLS_ALL), 1)
+TF_CFLAGS_aarch64 += -mharden-sls=all
+endif