Add support for default stack-protector flag

The current stack-protector support is for none, "strong" or "all".
The default use of the flag enables the stack-protection to all
functions that declare a character array of eight bytes or more in
length on their stack.
This option can be tuned with the --param=ssp-buffer-size=N option.

Change-Id: I11ad9568187d58de1b962b8ae04edd1dc8578fb0
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>

1 files changed, 6 insertions, 6 deletions

diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index b9f08716a..01cf17a23 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst
@@ -460,12 +460,12 @@ Common build options
    architecture is AArch32.
 
 -  ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
-   checks in GCC. Allowed values are "all", "strong" and "0" (default).
-   "strong" is the recommended stack protection level if this feature is
-   desired. 0 disables the stack protection. For all values other than 0, the
-   ``plat_get_stack_protector_canary()`` platform hook needs to be implemented.
-   The value is passed as the last component of the option
-   ``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
+   checks in GCC. Allowed values are "all", "strong", "default" and "none". The
+   default value is set to "none". "strong" is the recommended stack protection
+   level if this feature is desired. "none" disables the stack protection. For
+   all values other than "none", the ``plat_get_stack_protector_canary()``
+   platform hook needs to be implemented. The value is passed as the last
+   component of the option ``-fstack-protector-$ENABLE_STACK_PROTECTOR``.
 
 -  ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
    deprecated platform APIs, helper functions or drivers within Trusted