| commit | dc0d931a8a4c34283f56c5b5aeca597e97b2b86a | [log] [tgz] |
|---|---|---|
| author | gerrit.automerge <gerrit.automerge@amlogic.com> | Thu Apr 18 17:26:00 2024 +0800 |
| committer | gerrit.automerge <gerrit.automerge@amlogic.com> | Thu Apr 18 17:26:00 2024 +0800 |
| tree | cc06e307d3bb5c7310b4ecddc4262af20f002c51 | |
| parent | 2ed2f6c508a18333d37f8bdae038bbf2467dc6a1 [diff] |
commit f70c8216c1a42a0db25a60ae2bea9a90d3b59893
Author: Shuo Liu <shuo.liu@amlogic.com>
Date: Fri Mar 8 15:20:38 2024 +0800
Makefile: add security enhanced compilation options for CA and SO on Linux [2/5]
PD#RSP-6128
Problem:
Need to meet the requirements of security hardening check on Linux
Solution:
Add security enhanced compilation options to CFLAGS and LDFLAGS
Verify:
Local checksec tool check OK
Change-Id: I577b061731994d9baa461d43f3342e3e4504e5a9
Signed-off-by: Shuo Liu <shuo.liu@amlogic.com>
Change-Id: Ie129c6f280d275c6bae403a1479d30a4e2d5642a
Signed-off-by: gerrit.automerge <gerrit.automerge@amlogic.com>
$ make ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf-
$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu-
$ mm
$ ./ta_export/scripts/gen_cert_key.py
--root_rsa_key=ta_export/keys/root_rsa_prv_key.pem
--ta_rsa_key=ta_export/keys/ta_rsa_pub_key.pem
--uuid=8aaaf200-2450-11e4-abe2-0002a5d5c51b
--ta_rsa_key_sig=ta_rsa_key.sig
--root_aes_key=ta_export/keys/root_aes_key.bin
--ta_aes_key=ta_export/keys/ta_aes_key.bin
--ta_aes_iv=ta_export/keys/ta_aes_iv.bin
--ta_aes_key_iv_enc=ta_aes_key_enc.bin $ ./ta_export/scripts/sign_ta.py
--ta_rsa_key=ta_export/keys/ta_rsa_prv_key.pem
--ta_rsa_key_sig=ta_rsa_key.sig
--ta_aes_key=ta_export/keys/ta_aes_key.bin
--ta_aes_iv=ta_export/keys/ta_aes_iv.bin
--ta_aes_key_iv_enc=ta_aes_key_enc.bin
--in=8aaaf200-2450-11e4-abe2-0002a5d5c51b.ta
--out=8aaaf200-2450-11e4-abe2-0002a5d5c51b.ta