Commit 79627dc3 authored by Sandrine Bailleux's avatar Sandrine Bailleux
Browse files

Fill exception vectors with zero bytes

The documentation of the GNU assembler specifies the following about
the .align assembler directive:
 "the padding bytes are normally zero. However, on some systems, if
 the section is marked as containing code and the fill value is
 omitted, the space is filled with no-op instructions."
(see https://sourceware.org/binutils/docs/as/Align.html)

When building Trusted Firmware, the AArch64 GNU assembler uses a
mix of zero bytes and no-op instructions as the padding bytes to
align exception vectors.

This patch mandates to use zero bytes to be stored in the padding
bytes in the exception vectors. In the AArch64 instruction set, no
valid instruction encodes as zero so this effectively inserts
illegal instructions. Should this code end up being executed for
any reason, it would crash immediately. This gives us an extra
protection against misbehaving code at no extra cost.

Change-Id: I4f2abb39d0320ca0f9d467fc5af0cb92ae297351
parent e0ae9fab
...@@ -69,20 +69,26 @@ ...@@ -69,20 +69,26 @@
/* /*
* Declare the exception vector table, enforcing it is aligned on a * Declare the exception vector table, enforcing it is aligned on a
* 2KB boundary, as required by the ARMv8 architecture. * 2KB boundary, as required by the ARMv8 architecture.
* Use zero bytes as the fill value to be stored in the padding bytes
* so that it inserts illegal AArch64 instructions. This increases
* security, robustness and potentially facilitates debugging.
*/ */
.macro vector_base label .macro vector_base label
.section .vectors, "ax" .section .vectors, "ax"
.align 11 .align 11, 0
\label: \label:
.endm .endm
/* /*
* Create an entry in the exception vector table, enforcing it is * Create an entry in the exception vector table, enforcing it is
* aligned on a 128-byte boundary, as required by the ARMv8 architecture. * aligned on a 128-byte boundary, as required by the ARMv8 architecture.
* Use zero bytes as the fill value to be stored in the padding bytes
* so that it inserts illegal AArch64 instructions. This increases
* security, robustness and potentially facilitates debugging.
*/ */
.macro vector_entry label .macro vector_entry label
.section .vectors, "ax" .section .vectors, "ax"
.align 7 .align 7, 0
\label: \label:
.endm .endm
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment