author | Antonio Nino Diaz <antonio.ninodiaz@arm.com> | 2019-02-26 11:41:03 +0000 |
---|---|---|
committer | Antonio Nino Diaz <antonio.ninodiaz@arm.com> | 2019-02-27 11:58:10 +0000 |
commit | 67b6ff9f8ccd84cea1627d738f3e2d4eb0a789e1 (patch) | |
tree | ce226614498b06f2c9bb078ccb3cc1b189adf1b2 /bl32 | |
parent | 88cfd9a604cee29cc6536a43cd136b7eef0b78b9 (diff) |
TSP: Enable pointer authentication support
The size increase after enabling options related to ARMv8.3-PAuth is:
+----------------------------+-------+-------+-------+--------+
| | text | bss | data | rodata |
+----------------------------+-------+-------+-------+--------+
| CTX_INCLUDE_PAUTH_REGS = 1 | +40 | +0 | +0 | +0 |
| | 0.4% | | | |
+----------------------------+-------+-------+-------+--------+
| ENABLE_PAUTH = 1 | +352 | +0 | +16 | +0 |
| | 3.1% | | 15.8% | |
+----------------------------+-------+-------+-------+--------+
Results calculated with the following build configuration:
make PLAT=fvp SPD=tspd DEBUG=1 \
SDEI_SUPPORT=1 \
EL3_EXCEPTION_HANDLING=1 \
TSP_NS_INTR_ASYNC_PREEMPT=1 \
CTX_INCLUDE_PAUTH_REGS=1 \
ENABLE_PAUTH=1
Change-Id: I6cc1fe0b2345c547dcef66f98758c4eb55fe5ee4
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Diffstat (limited to 'bl32')
-rw-r--r-- | bl32/tsp/aarch64/tsp_entrypoint.S | 19 | ||||
-rw-r--r-- | bl32/tsp/tsp.mk | 7 | ||||
-rw-r--r-- | bl32/tsp/tsp_main.c | 20 |
3 files changed, 40 insertions, 6 deletions
diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S
index 48f6981b..710b4588 100644
--- a/bl32/tsp/aarch64/tsp_entrypoint.S
+++ b/bl32/tsp/aarch64/tsp_entrypoint.S
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -122,12 +122,21 @@ func tsp_entrypoint _align=3
 #endif
 /* ---------------------------------------------
- * Perform early platform setup & platform
- * specific early arch. setup e.g. mmu setup
+ * Perform TSP setup
 * ---------------------------------------------
 */
- bl tsp_early_platform_setup
- bl tsp_plat_arch_setup
+ bl tsp_setup
+
+ /* ---------------------------------------------
+ * Enable pointer authentication
+ * ---------------------------------------------
+ */
+#if ENABLE_PAUTH
+ mrs x0, sctlr_el1
+ orr x0, x0, #SCTLR_EnIA_BIT
+ msr sctlr_el1, x0
+ isb
+#endif /* ENABLE_PAUTH */
 /* ---------------------------------------------
 * Jump to main function.
diff --git a/bl32/tsp/tsp.mk b/bl32/tsp/tsp.mk
index 4ea3dfb9..b1fe7ff6 100644
--- a/bl32/tsp/tsp.mk
+++ b/bl32/tsp/tsp.mk
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -17,6 +17,11 @@ BL32_SOURCES += bl32/tsp/tsp_main.c \
 BL32_LINKERFILE := bl32/tsp/tsp.ld.S
+# This flag determines whether pointer authentication is used in the TSP or not
+ifeq ($(ENABLE_PAUTH),1)
+BL32_CFLAGS += -msign-return-address=non-leaf
+endif
+
 # This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous
 # method) or configures BL31 to pass control to BL32 instead of BL33
 # (asynchronous method).
diff --git a/bl32/tsp/tsp_main.c b/bl32/tsp/tsp_main.c
index 407ed478..30bf6ffc 100644
--- a/bl32/tsp/tsp_main.c
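Review bot: The new "Enable pointer authentication" comment does not record why SCTLR_EnIA_BIT is set here, after `bl tsp_setup` has returned, and that placement is what keeps the boot path working. With the tsp.mk change in this commit, tsp_setup() is built with -msign-return-address=non-leaf, so its prologue and epilogue must run under the same EnIA state; moving the enable into C code before that function returns would make the epilogue authenticate a return address that was never signed. I would add a line to the comment such as `* Must follow tsp_setup(): the key is updated there and EnIA may only change outside code built with return-address signing.` Only this cold-boot path is changed in the visible hunk, so whether any other entry point in the file needs the same sequence cannot be checked from here. The body of tsp_entrypoint starts before and continues past the hunk.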
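Review bot: The comment above the new `ifeq ($(ENABLE_PAUTH),1)` block says the flag decides whether pointer authentication "is used in the TSP", which promises more than `-msign-return-address=non-leaf` delivers. That option only signs the return address of non-leaf C functions compiled with BL32_CFLAGS; leaf functions, assembly routines and data or function pointers are left as they are. I would reword it to `# Sign return addresses of non-leaf C functions in the TSP when ENABLE_PAUTH=1 (backward-edge protection only)`. The commit message builds with CTX_INCLUDE_PAUTH_REGS=1 as well; whether ENABLE_PAUTH=1 is rejected without it is not visible in this hunk and is worth confirming.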
+++ b/bl32/tsp/tsp_main.c
@@ -72,6 +72,26 @@ static tsp_args_t *set_smc_args(uint64_t arg0,
 }
 /*******************************************************************************
+ * Setup function for TSP.
+ ******************************************************************************/
+void tsp_setup(void)
+{
+ /* Perform early platform-specific setup */
+ tsp_early_platform_setup();
+
+ /*
+ * Update pointer authentication key before the MMU is enabled. It is
+ * saved in the rodata section, that can be writen before enabling the
+ * MMU. This function must be called after the console is initialized
+ * in the early platform setup.
+ */
+ bl_handle_pauth();
+
+ /* Perform late platform-specific setup */
+ tsp_plat_arch_setup();
+}
+
+/*******************************************************************************
 * TSP main entry point where it gets the opportunity to initialize its secure
 * state/applications. Once the state is initialized, it must return to the
 * SPD with a pointer to the 'tsp_vector_table' jump table. |
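Review bot: The block comment in tsp_setup() states that the pointer authentication key is saved in the rodata section, so the key stays readable in TSP memory for the life of the image, and any memory-disclosure bug in the TSP would expose it and void the return-address protection. How the key is generated is not visible in this hunk; the comment should state the expectation, e.g. `* NOTE: the key stays readable in .rodata; it should be unique per boot, not a build-time constant.` bl_handle_pauth() is also called without an `#if ENABLE_PAUTH` guard, unlike the enable sequence in tsp_entrypoint.S, so builds with the option off rely on the callee doing nothing, which presumably holds but is defined outside this diff.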