diff options
| author | Alexei Fedorov <Alexei.Fedorov@arm.com> | 2019-05-24 12:17:09 +0100 |
|---|---|---|
| committer | Alexei Fedorov <Alexei.Fedorov@arm.com> | 2019-05-24 14:44:45 +0100 |
| commit | 9fc59639e649f614318f78ae2ca103fe102405ec (patch) | |
| tree | dc3edbb0a38dcc6b033c088dbaa156cfec653baa /bl2 | |
| parent | ced1711297347f24fee45e75e73c7767507a0982 (diff) | |
Add support for Branch Target Identification
This patch adds the functionality needed for platforms to provide
Branch Target Identification (BTI) extension, introduced to AArch64
in Armv8.5-A by adding BTI instruction used to mark valid targets
for indirect branches. The patch sets new GP bit [50] to the stage 1
Translation Table Block and Page entries to denote guarded EL3 code
pages which will cause processor to trap instructions in protected
pages trying to perform an indirect branch to any instruction other
than BTI.
BTI feature is selected by BRANCH_PROTECTION option which supersedes
the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication
and is disabled by default. Enabling BTI requires compiler support
and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0.
The assembly macros and helpers are modified to accommodate the BTI
instruction.
This is an experimental feature.
Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3
is now made as an internal flag and BRANCH_PROTECTION flag should be
used instead to enable Pointer Authentication.
Note. USE_LIBROM=1 option is currently not supported.
Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Diffstat (limited to 'bl2')
| -rw-r--r-- | bl2/aarch64/bl2_el3_entrypoint.S | 8 | ||||
| -rw-r--r-- | bl2/aarch64/bl2_entrypoint.S | 7 | ||||
| -rw-r--r-- | bl2/bl2.mk | 4 |
3 files changed, 14 insertions, 5 deletions
diff --git a/bl2/aarch64/bl2_el3_entrypoint.S b/bl2/aarch64/bl2_el3_entrypoint.S index d1e42471..261d2957 100644 --- a/bl2/aarch64/bl2_el3_entrypoint.S +++ b/bl2/aarch64/bl2_el3_entrypoint.S @@ -10,7 +10,6 @@ #include <el3_common_macros.S> .globl bl2_entrypoint - .globl bl2_vector_table .globl bl2_el3_run_image .globl bl2_run_next_image @@ -51,6 +50,13 @@ func bl2_entrypoint #if ENABLE_PAUTH mrs x0, sctlr_el3 orr x0, x0, #SCTLR_EnIA_BIT +#if ENABLE_BTI + /* --------------------------------------------- + * Enable PAC branch type compatibility + * --------------------------------------------- + */ + bic x0, x0, #SCTLR_BT_BIT +#endif /* ENABLE_BTI */ msr sctlr_el3, x0 isb #endif /* ENABLE_PAUTH */ diff --git a/bl2/aarch64/bl2_entrypoint.S b/bl2/aarch64/bl2_entrypoint.S index c820cd13..5e5b83b1 100644 --- a/bl2/aarch64/bl2_entrypoint.S +++ b/bl2/aarch64/bl2_entrypoint.S @@ -124,6 +124,13 @@ func bl2_entrypoint #if ENABLE_PAUTH mrs x0, sctlr_el1 orr x0, x0, #SCTLR_EnIA_BIT +#if ENABLE_BTI + /* --------------------------------------------- + * Enable PAC branch type compatibility + * --------------------------------------------- + */ + bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT) +#endif /* ENABLE_BTI */ msr sctlr_el1, x0 isb #endif /* ENABLE_PAUTH */ @@ -15,10 +15,6 @@ ifeq (${ARCH},aarch64) BL2_SOURCES += common/aarch64/early_exceptions.S endif -ifeq (${ENABLE_PAUTH},1) -BL2_CFLAGS += -msign-return-address=non-leaf -endif - ifeq (${BL2_AT_EL3},0) BL2_SOURCES += bl2/${ARCH}/bl2_entrypoint.S BL2_LINKERFILE := bl2/bl2.ld.S |