Unverified Commit 57bc6424 authored by Antonio Niño Díaz's avatar Antonio Niño Díaz Committed by GitHub

Merge pull request #1829 from antonio-nino-diaz-arm/an/pauth

Add Pointer Authentication (ARMv8.3-PAuth) support to the TF
Showing with 378 additions and 68 deletions
+378 -68
...@@ -184,6 +184,14 @@ TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align ...@@ -184,6 +184,14 @@ TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align
ASFLAGS_aarch32 = $(march32-directive) ASFLAGS_aarch32 = $(march32-directive)
ASFLAGS_aarch64 = -march=armv8-a ASFLAGS_aarch64 = -march=armv8-a
# Set the compiler to ARMv8.3 mode so that it uses all the ARMv8.3-PAuth
# instructions. Keeping it in 8.0 would make the compiler emit
# backwards-compatible hint instructions, which needs more space.
ifeq (${ENABLE_PAUTH},1)
TF_CFLAGS_aarch64 += -march=armv8.3-a
ASFLAGS_aarch64 += -march=armv8.3-a
endif
WARNING1 := -Wextra WARNING1 := -Wextra
WARNING1 += -Wunused -Wno-unused-parameter WARNING1 += -Wunused -Wno-unused-parameter
WARNING1 += -Wmissing-declarations WARNING1 += -Wmissing-declarations
...@@ -459,6 +467,15 @@ ifeq ($(DYN_DISABLE_AUTH), 1) ...@@ -459,6 +467,15 @@ ifeq ($(DYN_DISABLE_AUTH), 1)
endif endif
endif endif
# If pointer authentication is used in the firmware, make sure that all the
# registers associated to it are also saved and restored. Not doing it would
# leak the value of the key used by EL3 to EL1 and S-EL1.
ifeq ($(ENABLE_PAUTH),1)
ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
$(error ENABLE_PAUTH=1 requires CTX_INCLUDE_PAUTH_REGS=1)
endif
endif
################################################################################ ################################################################################
# Process platform overrideable behaviour # Process platform overrideable behaviour
################################################################################ ################################################################################
...@@ -580,12 +597,14 @@ $(eval $(call assert_boolean,COLD_BOOT_SINGLE_CPU)) ...@@ -580,12 +597,14 @@ $(eval $(call assert_boolean,COLD_BOOT_SINGLE_CPU))
$(eval $(call assert_boolean,CREATE_KEYS)) $(eval $(call assert_boolean,CREATE_KEYS))
$(eval $(call assert_boolean,CTX_INCLUDE_AARCH32_REGS)) $(eval $(call assert_boolean,CTX_INCLUDE_AARCH32_REGS))
$(eval $(call assert_boolean,CTX_INCLUDE_FPREGS)) $(eval $(call assert_boolean,CTX_INCLUDE_FPREGS))
$(eval $(call assert_boolean,CTX_INCLUDE_PAUTH_REGS))
$(eval $(call assert_boolean,DEBUG)) $(eval $(call assert_boolean,DEBUG))
$(eval $(call assert_boolean,DYN_DISABLE_AUTH)) $(eval $(call assert_boolean,DYN_DISABLE_AUTH))
$(eval $(call assert_boolean,EL3_EXCEPTION_HANDLING)) $(eval $(call assert_boolean,EL3_EXCEPTION_HANDLING))
$(eval $(call assert_boolean,ENABLE_AMU)) $(eval $(call assert_boolean,ENABLE_AMU))
$(eval $(call assert_boolean,ENABLE_ASSERTIONS)) $(eval $(call assert_boolean,ENABLE_ASSERTIONS))
$(eval $(call assert_boolean,ENABLE_MPAM_FOR_LOWER_ELS)) $(eval $(call assert_boolean,ENABLE_MPAM_FOR_LOWER_ELS))
$(eval $(call assert_boolean,ENABLE_PAUTH))
$(eval $(call assert_boolean,ENABLE_PIE)) $(eval $(call assert_boolean,ENABLE_PIE))
$(eval $(call assert_boolean,ENABLE_PMF)) $(eval $(call assert_boolean,ENABLE_PMF))
$(eval $(call assert_boolean,ENABLE_PSCI_STAT)) $(eval $(call assert_boolean,ENABLE_PSCI_STAT))
...@@ -633,10 +652,12 @@ $(eval $(call add_define,ARM_ARCH_MINOR)) ...@@ -633,10 +652,12 @@ $(eval $(call add_define,ARM_ARCH_MINOR))
$(eval $(call add_define,COLD_BOOT_SINGLE_CPU)) $(eval $(call add_define,COLD_BOOT_SINGLE_CPU))
$(eval $(call add_define,CTX_INCLUDE_AARCH32_REGS)) $(eval $(call add_define,CTX_INCLUDE_AARCH32_REGS))
$(eval $(call add_define,CTX_INCLUDE_FPREGS)) $(eval $(call add_define,CTX_INCLUDE_FPREGS))
$(eval $(call add_define,CTX_INCLUDE_PAUTH_REGS))
$(eval $(call add_define,EL3_EXCEPTION_HANDLING)) $(eval $(call add_define,EL3_EXCEPTION_HANDLING))
$(eval $(call add_define,ENABLE_AMU)) $(eval $(call add_define,ENABLE_AMU))
$(eval $(call add_define,ENABLE_ASSERTIONS)) $(eval $(call add_define,ENABLE_ASSERTIONS))
$(eval $(call add_define,ENABLE_MPAM_FOR_LOWER_ELS)) $(eval $(call add_define,ENABLE_MPAM_FOR_LOWER_ELS))
$(eval $(call add_define,ENABLE_PAUTH))
$(eval $(call add_define,ENABLE_PIE)) $(eval $(call add_define,ENABLE_PIE))
$(eval $(call add_define,ENABLE_PMF)) $(eval $(call add_define,ENABLE_PMF))
$(eval $(call add_define,ENABLE_PSCI_STAT)) $(eval $(call add_define,ENABLE_PSCI_STAT))
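Review bot: The guard at `ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)` only fires when the variable is exactly `0`, so an empty or otherwise unexpected value passes the check that is meant to stop the EL3 key leaking to EL1 and S-EL1. The `assert_boolean` call for `CTX_INCLUDE_PAUTH_REGS` appears in a later hunk, so it presumably runs after this test; whether a default is assigned earlier is not visible on this page. Testing for the required value instead, `ifneq ($(CTX_INCLUDE_PAUTH_REGS),1)`, fails closed in every case.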
......
/* /*
* Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -52,12 +52,10 @@ func bl1_entrypoint ...@@ -52,12 +52,10 @@ func bl1_entrypoint
_exception_vectors=bl1_vector_table _exception_vectors=bl1_vector_table
/* ----------------------------------------------------- /* -----------------------------------------------------
* Perform early platform setup & platform * Perform BL1 setup
* specific early arch. setup e.g. mmu setup
* ----------------------------------------------------- * -----------------------------------------------------
*/ */
bl bl1_early_platform_setup bl bl1_setup
bl bl1_plat_arch_setup
/* ----------------------------------------------------- /* -----------------------------------------------------
* Jump to main function. * Jump to main function.
......
/* /*
* Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -32,24 +32,42 @@ func bl1_entrypoint ...@@ -32,24 +32,42 @@ func bl1_entrypoint
_init_c_runtime=1 \ _init_c_runtime=1 \
_exception_vectors=bl1_exceptions _exception_vectors=bl1_exceptions
/* --------------------------------------------- /* --------------------------------------------------------------------
* Architectural init. can be generic e.g. * Perform BL1 setup
* enabling stack alignment and platform spec- * --------------------------------------------------------------------
* ific e.g. MMU & page table setup as per the
* platform memory map. Perform the latter here
* and the former in bl1_main.
* ---------------------------------------------
*/ */
bl bl1_early_platform_setup bl bl1_setup
bl bl1_plat_arch_setup
/* -------------------------------------------------- /* --------------------------------------------------------------------
* Enable pointer authentication
* --------------------------------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el3
orr x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el3, x0
isb
#endif /* ENABLE_PAUTH */
/* --------------------------------------------------------------------
* Initialize platform and jump to our c-entry point * Initialize platform and jump to our c-entry point
* for this type of reset. * for this type of reset.
* -------------------------------------------------- * --------------------------------------------------------------------
*/ */
bl bl1_main bl bl1_main
/* --------------------------------------------------------------------
* Disable pointer authentication before jumping to BL31 or that will
* cause an authentication failure during the early platform init.
* --------------------------------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el3
bic x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el3, x0
isb
#endif /* ENABLE_PAUTH */
/* -------------------------------------------------- /* --------------------------------------------------
* Do the transition to next boot image. * Do the transition to next boot image.
* -------------------------------------------------- * --------------------------------------------------
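Review bot: The "Enable pointer authentication" comment does not record why the block has to sit after `bl bl1_setup`; the reason is only given in bl_handle_pauth(), whose comment says the key is loaded there and that enabling authentication inside it would make its own return fail. I would extend the comment to something like `Enable pointer authentication only after bl1_setup has loaded the key; enabling it earlier breaks the return from that call.` The same mrs/orr/msr/isb sequence is repeated in the BL2, BL2-at-EL3, BL31 and TSP entrypoints further down (with `bic` for the two disable blocks), so a shared assembly macro taking the SCTLR register would keep the copies from drifting, for example one losing its `isb`. bl1_entrypoint starts and ends outside this hunk.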
......
# #
# Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
...@@ -21,6 +21,10 @@ BL1_SOURCES += lib/cpus/aarch64/dsu_helpers.S \ ...@@ -21,6 +21,10 @@ BL1_SOURCES += lib/cpus/aarch64/dsu_helpers.S \
lib/el3_runtime/aarch64/context.S lib/el3_runtime/aarch64/context.S
endif endif
ifeq (${ENABLE_PAUTH},1)
BL1_CFLAGS += -msign-return-address=non-leaf
endif
ifeq (${TRUSTED_BOARD_BOOT},1) ifeq (${TRUSTED_BOARD_BOOT},1)
BL1_SOURCES += bl1/bl1_fwu.c BL1_SOURCES += bl1/bl1_fwu.c
endif endif
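Review bot: `BL1_CFLAGS += -msign-return-address=non-leaf` is added whenever ENABLE_PAUTH=1, with no test of `ARCH`, while the top-level Makefile hunk adds `-march=armv8.3-a` to the aarch64 flag variables only. Unless a check outside the visible hunks rejects the combination, an AArch32 build with ENABLE_PAUTH=1 would hand an AArch64-specific option to the compiler and fail with a message that does not name the cause. A guard next to the existing `ENABLE_PAUTH=1 requires CTX_INCLUDE_PAUTH_REGS=1` error, such as `ifneq ($(ARCH),aarch64)` followed by `$(error ENABLE_PAUTH=1 requires ARCH=aarch64)`, would report it up front. The BL2 makefile fragment further down adds the flag the same way.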
......
/* /*
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -51,6 +51,28 @@ void bl1_calc_bl2_mem_layout(const meminfo_t *bl1_mem_layout, ...@@ -51,6 +51,28 @@ void bl1_calc_bl2_mem_layout(const meminfo_t *bl1_mem_layout,
flush_dcache_range((unsigned long)bl2_mem_layout, sizeof(meminfo_t)); flush_dcache_range((unsigned long)bl2_mem_layout, sizeof(meminfo_t));
} }
/*******************************************************************************
* Setup function for BL1.
******************************************************************************/
void bl1_setup(void)
{
/* Perform early platform-specific setup */
bl1_early_platform_setup();
#ifdef AARCH64
/*
* Update pointer authentication key before the MMU is enabled. It is
* saved in the rodata section, that can be writen before enabling the
* MMU. This function must be called after the console is initialized
* in the early platform setup.
*/
bl_handle_pauth();
#endif /* AARCH64 */
/* Perform late platform-specific setup */
bl1_plat_arch_setup();
}
/******************************************************************************* /*******************************************************************************
* Function to perform late architectural and platform specific initialization. * Function to perform late architectural and platform specific initialization.
* It also queries the platform to load and run next BL image. Only called * It also queries the platform to load and run next BL image. Only called
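Review bot: The comment in bl1_setup() states as fact that the key is "saved in the rodata section, that can be writen before enabling the MMU", but that presumably describes what plat_init_apiakey() does on a given platform, and nothing in this hunk establishes it for BL1's memory layout. I would phrase it as a requirement on the platform hook, e.g. `plat_init_apiakey() may need to write the key storage, so it has to run before the MMU maps that region read-only`, and fix the spelling of "writen". The `#ifdef AARCH64` guard also deserves a word on why it is not `#if ENABLE_PAUTH`: bl_handle_pauth() still has a check to perform when only CTX_INCLUDE_PAUTH_REGS is set. The identical comment is repeated in bl2_setup(), bl2_el3_setup(), bl31_setup() and tsp_setup().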
......
/* /*
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -36,8 +36,11 @@ func bl2_entrypoint ...@@ -36,8 +36,11 @@ func bl2_entrypoint
mov r2, r11 mov r2, r11
mov r3, r12 mov r3, r12
bl bl2_el3_early_platform_setup /* ---------------------------------------------
bl bl2_el3_plat_arch_setup * Perform BL2 setup
* ---------------------------------------------
*/
bl bl2_el3_setup
/* --------------------------------------------- /* ---------------------------------------------
* Jump to main function. * Jump to main function.
......
/* /*
* Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -108,16 +108,15 @@ func bl2_entrypoint ...@@ -108,16 +108,15 @@ func bl2_entrypoint
#endif #endif
/* --------------------------------------------- /* ---------------------------------------------
* Perform early platform setup & platform * Perform BL2 setup
* specific early arch. setup e.g. mmu setup
* --------------------------------------------- * ---------------------------------------------
*/ */
mov r0, r9 mov r0, r9
mov r1, r10 mov r1, r10
mov r2, r11 mov r2, r11
mov r3, r12 mov r3, r12
bl bl2_early_platform_setup2
bl bl2_plat_arch_setup bl bl2_setup
/* --------------------------------------------- /* ---------------------------------------------
* Jump to main function. * Jump to main function.
......
/* /*
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -29,16 +29,31 @@ func bl2_entrypoint ...@@ -29,16 +29,31 @@ func bl2_entrypoint
_init_c_runtime=1 \ _init_c_runtime=1 \
_exception_vectors=bl2_el3_exceptions _exception_vectors=bl2_el3_exceptions
/* /* ---------------------------------------------
* Restore parameters of boot rom * Restore parameters of boot rom
* ---------------------------------------------
*/ */
mov x0, x20 mov x0, x20
mov x1, x21 mov x1, x21
mov x2, x22 mov x2, x22
mov x3, x23 mov x3, x23
bl bl2_el3_early_platform_setup /* ---------------------------------------------
bl bl2_el3_plat_arch_setup * Perform BL2 setup
* ---------------------------------------------
*/
bl bl2_el3_setup
/* ---------------------------------------------
* Enable pointer authentication
* ---------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el3
orr x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el3, x0
isb
#endif /* ENABLE_PAUTH */
/* --------------------------------------------- /* ---------------------------------------------
* Jump to main function. * Jump to main function.
...@@ -55,16 +70,29 @@ endfunc bl2_entrypoint ...@@ -55,16 +70,29 @@ endfunc bl2_entrypoint
func bl2_run_next_image func bl2_run_next_image
mov x20,x0 mov x20,x0
/* /* ---------------------------------------------
* MMU needs to be disabled because both BL2 and BL31 execute * MMU needs to be disabled because both BL2 and BL31 execute
* in EL3, and therefore share the same address space. * in EL3, and therefore share the same address space.
* BL31 will initialize the address space according to its * BL31 will initialize the address space according to its
* own requirement. * own requirement.
*/ * ---------------------------------------------
*/
bl disable_mmu_icache_el3 bl disable_mmu_icache_el3
tlbi alle3 tlbi alle3
bl bl2_el3_plat_prepare_exit bl bl2_el3_plat_prepare_exit
/* ---------------------------------------------
* Disable pointer authentication before jumping to BL31 or that will
* cause an authentication failure during the early platform init.
* ---------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el3
bic x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el3, x0
isb
#endif /* ENABLE_PAUTH */
ldp x0, x1, [x20, #ENTRY_POINT_INFO_PC_OFFSET] ldp x0, x1, [x20, #ENTRY_POINT_INFO_PC_OFFSET]
msr elr_el3, x0 msr elr_el3, x0
msr spsr_el3, x1 msr spsr_el3, x1
......
/* /*
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -106,17 +106,25 @@ func bl2_entrypoint ...@@ -106,17 +106,25 @@ func bl2_entrypoint
#endif #endif
/* --------------------------------------------- /* ---------------------------------------------
* Perform early platform setup & platform * Perform BL2 setup
* specific early arch. setup e.g. mmu setup
* --------------------------------------------- * ---------------------------------------------
*/ */
mov x0, x20 mov x0, x20
mov x1, x21 mov x1, x21
mov x2, x22 mov x2, x22
mov x3, x23 mov x3, x23
bl bl2_early_platform_setup2 bl bl2_setup
bl bl2_plat_arch_setup /* ---------------------------------------------
* Enable pointer authentication
* ---------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el1
orr x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el1, x0
isb
#endif /* ENABLE_PAUTH */
/* --------------------------------------------- /* ---------------------------------------------
* Jump to main function. * Jump to main function.
......
# #
# Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
BL2_SOURCES += bl2/bl2_main.c \ BL2_SOURCES += bl2/bl2_image_load_v2.c \
bl2/bl2_main.c \
bl2/${ARCH}/bl2_arch_setup.c \ bl2/${ARCH}/bl2_arch_setup.c \
lib/locks/exclusive/${ARCH}/spinlock.S \ lib/locks/exclusive/${ARCH}/spinlock.S \
plat/common/${ARCH}/platform_up_stack.S \ plat/common/${ARCH}/platform_up_stack.S \
...@@ -14,7 +15,9 @@ ifeq (${ARCH},aarch64) ...@@ -14,7 +15,9 @@ ifeq (${ARCH},aarch64)
BL2_SOURCES += common/aarch64/early_exceptions.S BL2_SOURCES += common/aarch64/early_exceptions.S
endif endif
BL2_SOURCES += bl2/bl2_image_load_v2.c ifeq (${ENABLE_PAUTH},1)
BL2_CFLAGS += -msign-return-address=non-leaf
endif
ifeq (${BL2_AT_EL3},0) ifeq (${BL2_AT_EL3},0)
BL2_SOURCES += bl2/${ARCH}/bl2_entrypoint.S BL2_SOURCES += bl2/${ARCH}/bl2_entrypoint.S
......
/* /*
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -21,6 +21,55 @@ ...@@ -21,6 +21,55 @@
#define NEXT_IMAGE "BL31" #define NEXT_IMAGE "BL31"
#endif #endif
#if !BL2_AT_EL3
/*******************************************************************************
* Setup function for BL2.
******************************************************************************/
void bl2_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
u_register_t arg3)
{
/* Perform early platform-specific setup */
bl2_early_platform_setup2(arg0, arg1, arg2, arg3);
#ifdef AARCH64
/*
* Update pointer authentication key before the MMU is enabled. It is
* saved in the rodata section, that can be writen before enabling the
* MMU. This function must be called after the console is initialized
* in the early platform setup.
*/
bl_handle_pauth();
#endif /* AARCH64 */
/* Perform late platform-specific setup */
bl2_plat_arch_setup();
}
#else /* if BL2_AT_EL3 */
/*******************************************************************************
* Setup function for BL2 when BL2_AT_EL3=1.
******************************************************************************/
void bl2_el3_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
u_register_t arg3)
{
/* Perform early platform-specific setup */
bl2_el3_early_platform_setup(arg0, arg1, arg2, arg3);
#ifdef AARCH64
/*
* Update pointer authentication key before the MMU is enabled. It is
* saved in the rodata section, that can be writen before enabling the
* MMU. This function must be called after the console is initialized
* in the early platform setup.
*/
bl_handle_pauth();
#endif /* AARCH64 */
/* Perform late platform-specific setup */
bl2_el3_plat_arch_setup();
}
#endif /* BL2_AT_EL3 */
/******************************************************************************* /*******************************************************************************
* The only thing to do in BL2 is to load further images and pass control to * The only thing to do in BL2 is to load further images and pass control to
* next BL. The memory occupied by BL2 will be reclaimed by BL3x stages. BL2 * next BL. The memory occupied by BL2 will be reclaimed by BL3x stages. BL2
...@@ -65,11 +114,11 @@ void bl2_main(void) ...@@ -65,11 +114,11 @@ void bl2_main(void)
* be passed to next BL image as an argument. * be passed to next BL image as an argument.
*/ */
smc(BL1_SMC_RUN_IMAGE, (unsigned long)next_bl_ep_info, 0, 0, 0, 0, 0, 0); smc(BL1_SMC_RUN_IMAGE, (unsigned long)next_bl_ep_info, 0, 0, 0, 0, 0, 0);
#else #else /* if BL2_AT_EL3 */
NOTICE("BL2: Booting " NEXT_IMAGE "\n"); NOTICE("BL2: Booting " NEXT_IMAGE "\n");
print_entry_point_info(next_bl_ep_info); print_entry_point_info(next_bl_ep_info);
console_flush(); console_flush();
bl2_run_next_image(next_bl_ep_info); bl2_run_next_image(next_bl_ep_info);
#endif #endif /* BL2_AT_EL3 */
} }
/* /*
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -87,29 +87,39 @@ func bl31_entrypoint ...@@ -87,29 +87,39 @@ func bl31_entrypoint
bl fixup_gdt_reloc bl fixup_gdt_reloc
#endif /* ENABLE_PIE */ #endif /* ENABLE_PIE */
/* --------------------------------------------- /* --------------------------------------------------------------------
* Perform platform specific early arch. setup * Perform BL31 setup
* --------------------------------------------- * --------------------------------------------------------------------
*/ */
mov x0, x20 mov x0, x20
mov x1, x21 mov x1, x21
mov x2, x22 mov x2, x22
mov x3, x23 mov x3, x23
bl bl31_early_platform_setup2 bl bl31_setup
bl bl31_plat_arch_setup
/* --------------------------------------------------------------------
* Enable pointer authentication
* --------------------------------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el3
orr x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el3, x0
isb
#endif /* ENABLE_PAUTH */
/* --------------------------------------------- /* --------------------------------------------------------------------
* Jump to main function. * Jump to main function.
* --------------------------------------------- * --------------------------------------------------------------------
*/ */
bl bl31_main bl bl31_main
/* ------------------------------------------------------------- /* --------------------------------------------------------------------
* Clean the .data & .bss sections to main memory. This ensures * Clean the .data & .bss sections to main memory. This ensures
* that any global data which was initialised by the primary CPU * that any global data which was initialised by the primary CPU
* is visible to secondary CPUs before they enable their data * is visible to secondary CPUs before they enable their data
* caches and participate in coherency. * caches and participate in coherency.
* ------------------------------------------------------------- * --------------------------------------------------------------------
*/ */
adr x0, __DATA_START__ adr x0, __DATA_START__
adr x1, __DATA_END__ adr x1, __DATA_END__
......
/* /*
* Copyright (c) 2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -68,6 +68,14 @@ func enter_lower_el_sync_ea ...@@ -68,6 +68,14 @@ func enter_lower_el_sync_ea
/* Save GP registers */ /* Save GP registers */
bl save_gp_registers bl save_gp_registers
/* Save ARMv8.3-PAuth registers and load firmware key */
#if CTX_INCLUDE_PAUTH_REGS
bl pauth_context_save
#endif
#if ENABLE_PAUTH
bl pauth_load_bl_apiakey
#endif
/* Setup exception class and syndrome arguments for platform handler */ /* Setup exception class and syndrome arguments for platform handler */
mov x0, #ERROR_EA_SYNC mov x0, #ERROR_EA_SYNC
mrs x1, esr_el3 mrs x1, esr_el3
...@@ -98,6 +106,14 @@ func enter_lower_el_async_ea ...@@ -98,6 +106,14 @@ func enter_lower_el_async_ea
/* Save GP registers */ /* Save GP registers */
bl save_gp_registers bl save_gp_registers
/* Save ARMv8.3-PAuth registers and load firmware key */
#if CTX_INCLUDE_PAUTH_REGS
bl pauth_context_save
#endif
#if ENABLE_PAUTH
bl pauth_load_bl_apiakey
#endif
/* Setup exception class and syndrome arguments for platform handler */ /* Setup exception class and syndrome arguments for platform handler */
mov x0, #ERROR_EA_ASYNC mov x0, #ERROR_EA_ASYNC
mrs x1, esr_el3 mrs x1, esr_el3
......
...@@ -120,7 +120,17 @@ ...@@ -120,7 +120,17 @@
* --------------------------------------------------------------------- * ---------------------------------------------------------------------
*/ */
.macro handle_interrupt_exception label .macro handle_interrupt_exception label
bl save_gp_registers bl save_gp_registers
/* Save ARMv8.3-PAuth registers and load firmware key */
#if CTX_INCLUDE_PAUTH_REGS
bl pauth_context_save
#endif
#if ENABLE_PAUTH
bl pauth_load_bl_apiakey
#endif
/* Save the EL3 system registers needed to return from this exception */ /* Save the EL3 system registers needed to return from this exception */
mrs x0, spsr_el3 mrs x0, spsr_el3
mrs x1, elr_el3 mrs x1, elr_el3
...@@ -320,14 +330,25 @@ smc_handler32: ...@@ -320,14 +330,25 @@ smc_handler32:
tbnz x0, #FUNCID_CC_SHIFT, smc_prohibited tbnz x0, #FUNCID_CC_SHIFT, smc_prohibited
smc_handler64: smc_handler64:
/* NOTE: The code below must preserve x0-x4 */
/* Save general purpose registers */
bl save_gp_registers
/* Save ARMv8.3-PAuth registers and load firmware key */
#if CTX_INCLUDE_PAUTH_REGS
bl pauth_context_save
#endif
#if ENABLE_PAUTH
bl pauth_load_bl_apiakey
#endif
/* /*
* Populate the parameters for the SMC handler. * Populate the parameters for the SMC handler.
* We already have x0-x4 in place. x5 will point to a cookie (not used * We already have x0-x4 in place. x5 will point to a cookie (not used
* now). x6 will point to the context structure (SP_EL3) and x7 will * now). x6 will point to the context structure (SP_EL3) and x7 will
* contain flags we need to pass to the handler. * contain flags we need to pass to the handler.
*/ */
bl save_gp_registers
mov x5, xzr mov x5, xzr
mov x6, sp mov x6, sp
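Review bot: The new `NOTE: The code below must preserve x0-x4` in smc_handler64 now covers two extra calls, `pauth_context_save` and `pauth_load_bl_apiakey`, whose bodies are not on this page. The SMC arguments in x0-x4 are consumed right after them, so the invariant rests on which scratch registers those helpers use. I would state the clobber list in each helper's header comment and repeat it here, e.g. `/* pauth_context_save and pauth_load_bl_apiakey must not touch x0-x4 */`, so a later edit to either helper cannot silently corrupt the function ID or arguments passed to the handler. smc_handler64 continues past the end of the hunk.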
......
...@@ -75,6 +75,10 @@ ifeq (${ENABLE_MPAM_FOR_LOWER_ELS},1) ...@@ -75,6 +75,10 @@ ifeq (${ENABLE_MPAM_FOR_LOWER_ELS},1)
BL31_SOURCES += lib/extensions/mpam/mpam.c BL31_SOURCES += lib/extensions/mpam/mpam.c
endif endif
ifeq (${ENABLE_PAUTH},1)
BL31_CFLAGS += -msign-return-address=non-leaf
endif
ifeq (${WORKAROUND_CVE_2017_5715},1) ifeq (${WORKAROUND_CVE_2017_5715},1)
BL31_SOURCES += lib/cpus/aarch64/wa_cve_2017_5715_bpiall.S \ BL31_SOURCES += lib/cpus/aarch64/wa_cve_2017_5715_bpiall.S \
lib/cpus/aarch64/wa_cve_2017_5715_mmu.S lib/cpus/aarch64/wa_cve_2017_5715_mmu.S
......
...@@ -63,6 +63,27 @@ void __init bl31_lib_init(void) ...@@ -63,6 +63,27 @@ void __init bl31_lib_init(void)
cm_init(); cm_init();
} }
/*******************************************************************************
* Setup function for BL31.
******************************************************************************/
void bl31_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
u_register_t arg3)
{
/* Perform early platform-specific setup */
bl31_early_platform_setup2(arg0, arg1, arg2, arg3);
/*
* Update pointer authentication key before the MMU is enabled. It is
* saved in the rodata section, that can be writen before enabling the
* MMU. This function must be called after the console is initialized
* in the early platform setup.
*/
bl_handle_pauth();
/* Perform late platform-specific setup */
bl31_plat_arch_setup();
}
/******************************************************************************* /*******************************************************************************
* BL31 is responsible for setting up the runtime services for the primary cpu * BL31 is responsible for setting up the runtime services for the primary cpu
* before passing control to the bootloader or an Operating System. This * before passing control to the bootloader or an Operating System. This
......
/* /*
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -122,12 +122,21 @@ func tsp_entrypoint _align=3 ...@@ -122,12 +122,21 @@ func tsp_entrypoint _align=3
#endif #endif
/* --------------------------------------------- /* ---------------------------------------------
* Perform early platform setup & platform * Perform TSP setup
* specific early arch. setup e.g. mmu setup
* --------------------------------------------- * ---------------------------------------------
*/ */
bl tsp_early_platform_setup bl tsp_setup
bl tsp_plat_arch_setup
/* ---------------------------------------------
* Enable pointer authentication
* ---------------------------------------------
*/
#if ENABLE_PAUTH
mrs x0, sctlr_el1
orr x0, x0, #SCTLR_EnIA_BIT
msr sctlr_el1, x0
isb
#endif /* ENABLE_PAUTH */
/* --------------------------------------------- /* ---------------------------------------------
* Jump to main function. * Jump to main function.
......
# #
# Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
...@@ -17,6 +17,11 @@ BL32_SOURCES += bl32/tsp/tsp_main.c \ ...@@ -17,6 +17,11 @@ BL32_SOURCES += bl32/tsp/tsp_main.c \
BL32_LINKERFILE := bl32/tsp/tsp.ld.S BL32_LINKERFILE := bl32/tsp/tsp.ld.S
# This flag determines whether pointer authentication is used in the TSP or not
ifeq ($(ENABLE_PAUTH),1)
BL32_CFLAGS += -msign-return-address=non-leaf
endif
# This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous # This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous
# method) or configures BL31 to pass control to BL32 instead of BL33 # method) or configures BL31 to pass control to BL32 instead of BL33
# (asynchronous method). # (asynchronous method).
......
...@@ -71,6 +71,26 @@ static tsp_args_t *set_smc_args(uint64_t arg0, ...@@ -71,6 +71,26 @@ static tsp_args_t *set_smc_args(uint64_t arg0,
return pcpu_smc_args; return pcpu_smc_args;
} }
/*******************************************************************************
* Setup function for TSP.
******************************************************************************/
void tsp_setup(void)
{
/* Perform early platform-specific setup */
tsp_early_platform_setup();
/*
* Update pointer authentication key before the MMU is enabled. It is
* saved in the rodata section, that can be writen before enabling the
* MMU. This function must be called after the console is initialized
* in the early platform setup.
*/
bl_handle_pauth();
/* Perform late platform-specific setup */
tsp_plat_arch_setup();
}
/******************************************************************************* /*******************************************************************************
* TSP main entry point where it gets the opportunity to initialize its secure * TSP main entry point where it gets the opportunity to initialize its secure
* state/applications. Once the state is initialized, it must return to the * state/applications. Once the state is initialized, it must return to the
......
/* /*
* Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
...@@ -9,6 +9,7 @@ ...@@ -9,6 +9,7 @@
#include <string.h> #include <string.h>
#include <arch.h> #include <arch.h>
#include <arch_features.h>
#include <arch_helpers.h> #include <arch_helpers.h>
#include <common/bl_common.h> #include <common/bl_common.h>
#include <common/debug.h> #include <common/debug.h>
...@@ -243,3 +244,53 @@ void print_entry_point_info(const entry_point_info_t *ep_info) ...@@ -243,3 +244,53 @@ void print_entry_point_info(const entry_point_info_t *ep_info)
#endif #endif
#undef PRINT_IMAGE_ARG #undef PRINT_IMAGE_ARG
} }
#ifdef AARCH64
/*******************************************************************************
* Handle all possible cases regarding ARMv8.3-PAuth.
******************************************************************************/
void bl_handle_pauth(void)
{
#if ENABLE_PAUTH
/*
* ENABLE_PAUTH = 1 && CTX_INCLUDE_PAUTH_REGS = 1
*
* Check that the system supports address authentication to avoid
* getting an access fault when accessing the registers. This is all
* that is needed to check. If any of the authentication mechanisms is
* supported, the system knows about ARMv8.3-PAuth, so all the registers
* are available and accessing them won't generate a fault.
*
* Obtain 128-bit instruction key A from the platform and save it to the
* system registers. Pointer authentication can't be enabled here or the
* authentication will fail when returning from this function.
*/
assert(is_armv8_3_pauth_api_present());
uint64_t *apiakey = plat_init_apiakey();
write_apiakeylo_el1(apiakey[0]);
write_apiakeyhi_el1(apiakey[1]);
#else /* if !ENABLE_PAUTH */
# if CTX_INCLUDE_PAUTH_REGS
/*
* ENABLE_PAUTH = 0 && CTX_INCLUDE_PAUTH_REGS = 1
*
* Assert that the ARMv8.3-PAuth registers are present or an access
* fault will be triggered when they are being saved or restored.
*/
assert(is_armv8_3_pauth_present());
# else
/*
* ENABLE_PAUTH = 0 && CTX_INCLUDE_PAUTH_REGS = 0
*
* Pointer authentication is allowed in the Non-secure world, but
* prohibited in the Secure world. The Trusted Firmware doesn't save the
* registers during a world switch. No check needed.
*/
# endif /* CTX_INCLUDE_PAUTH_REGS */
#endif /* ENABLE_PAUTH */
}
#endif /* AARCH64 */
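Review bot: The only hardware check before `write_apiakeylo_el1()` and `write_apiakeyhi_el1()` is `assert(is_armv8_3_pauth_api_present())`, and ENABLE_ASSERTIONS is a separate build option in the top-level Makefile, so a build with assertions off has no check at all. On a core without the extension the key register writes would then fault, which is the access fault the comment says the check exists to avoid. An unconditional test, `if (!is_armv8_3_pauth_api_present()) panic();`, keeps the failure deliberate in every build; the same applies to `assert(is_armv8_3_pauth_present())` in the CTX_INCLUDE_PAUTH_REGS-only branch. The pointer returned by plat_init_apiakey() is also dereferenced without a NULL check; if the hook's contract guarantees a valid pointer, the function comment should say so.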