Stack_seal_mitigation: Secure harden the Main Stack Pointer (MSP) Seal the MSP_S for both IPC mode and Library mode with the recommended stack seal value during runtime. Check the comments in the header file for more details. Change-Id: Icc36f318d5416aa2c3df8b4d647d892caddd20c3 Signed-off-by: Ken Liu <ken.liu@arm.com>

commit: 05e13bac2c5a0c035b51e5e9513d4a59a966ce5e [log] [tgz]
author: Ken Liu <ken.liu@arm.com> Sat Jul 25 10:31:33 2020 +0800
committer: Soby Mathew <soby.mathew@arm.com> Fri Oct 16 17:02:07 2020 +0100
tree: 46b3c15b8510faa5f403061272c5d35cae0b57e1
parent: 50e21099d0eb360ce2aad52192f8db6a8b7a137d [diff]
diff --git a/secure_fw/spm/cmsis_func/main.c b/secure_fw/spm/cmsis_func/main.c
index f22dfbf..920d0f5 100644
--- a/secure_fw/spm/cmsis_func/main.c
+++ b/secure_fw/spm/cmsis_func/main.c

@@ -120,8 +120,9 @@
 int main(void)
 {
     /* set Main Stack Pointer limit */
-    tfm_arch_set_msplim((uint32_t)&REGION_NAME(Image$$, ARM_LIB_STACK_MSP,
-                                               $$ZI$$Base));
+    tfm_arch_init_secure_msp((uint32_t)&REGION_NAME(Image$$,
+                                                    ARM_LIB_STACK_MSP,
+                                                    $$ZI$$Base));
 
     if (tfm_core_init() != TFM_SUCCESS) {
         tfm_core_panic();
commit	05e13bac2c5a0c035b51e5e9513d4a59a966ce5e	[log] [tgz]
author	Ken Liu <ken.liu@arm.com>	Sat Jul 25 10:31:33 2020 +0800
committer	Soby Mathew <soby.mathew@arm.com>	Fri Oct 16 17:02:07 2020 +0100
tree	46b3c15b8510faa5f403061272c5d35cae0b57e1
parent	50e21099d0eb360ce2aad52192f8db6a8b7a137d [diff]