diff options
author | Alexei Fedorov <Alexei.Fedorov@arm.com> | 2019-05-24 12:17:09 +0100 |
---|---|---|
committer | Alexei Fedorov <Alexei.Fedorov@arm.com> | 2019-05-24 14:44:45 +0100 |
commit | 9fc59639e649f614318f78ae2ca103fe102405ec (patch) | |
tree | dc3edbb0a38dcc6b033c088dbaa156cfec653baa /bl32 | |
parent | ced1711297347f24fee45e75e73c7767507a0982 (diff) |
Add support for Branch Target Identification
This patch adds the functionality needed for platforms to provide
Branch Target Identification (BTI) extension, introduced to AArch64
in Armv8.5-A by adding BTI instruction used to mark valid targets
for indirect branches. The patch sets new GP bit [50] to the stage 1
Translation Table Block and Page entries to denote guarded EL3 code
pages which will cause processor to trap instructions in protected
pages trying to perform an indirect branch to any instruction other
than BTI.
BTI feature is selected by BRANCH_PROTECTION option which supersedes
the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication
and is disabled by default. Enabling BTI requires compiler support
and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0.
The assembly macros and helpers are modified to accommodate the BTI
instruction.
This is an experimental feature.
Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3
is now made as an internal flag and BRANCH_PROTECTION flag should be
used instead to enable Pointer Authentication.
Note. USE_LIBROM=1 option is currently not supported.
Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Diffstat (limited to 'bl32')
-rw-r--r-- | bl32/tsp/aarch64/tsp_entrypoint.S | 10 | ||||
-rw-r--r-- | bl32/tsp/tsp.mk | 5 |
2 files changed, 8 insertions, 7 deletions
diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S index cd08ce7d..fd6b0fbc 100644 --- a/bl32/tsp/aarch64/tsp_entrypoint.S +++ b/bl32/tsp/aarch64/tsp_entrypoint.S @@ -136,6 +136,13 @@ func tsp_entrypoint _align=3 #if ENABLE_PAUTH mrs x0, sctlr_el1 orr x0, x0, #SCTLR_EnIA_BIT +#if ENABLE_BTI + /* --------------------------------------------- + * Enable PAC branch type compatibility + * --------------------------------------------- + */ + bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT) +#endif /* ENABLE_BTI */ msr sctlr_el1, x0 isb #endif /* ENABLE_PAUTH */ @@ -164,7 +171,7 @@ endfunc tsp_entrypoint * TSPD for the various entrypoints * ------------------------------------------- */ -func tsp_vector_table +vector_base tsp_vector_table b tsp_yield_smc_entry b tsp_fast_smc_entry b tsp_cpu_on_entry @@ -175,7 +182,6 @@ func tsp_vector_table b tsp_system_off_entry b tsp_system_reset_entry b tsp_abort_yield_smc_entry -endfunc tsp_vector_table /*--------------------------------------------- * This entrypoint is used by the TSPD when this diff --git a/bl32/tsp/tsp.mk b/bl32/tsp/tsp.mk index b1fe7ff6..3fd6d995 100644 --- a/bl32/tsp/tsp.mk +++ b/bl32/tsp/tsp.mk @@ -17,11 +17,6 @@ BL32_SOURCES += bl32/tsp/tsp_main.c \ BL32_LINKERFILE := bl32/tsp/tsp.ld.S -# This flag determines whether pointer authentication is used in the TSP or not -ifeq ($(ENABLE_PAUTH),1) -BL32_CFLAGS += -msign-return-address=non-leaf -endif - # This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous # method) or configures BL31 to pass control to BL32 instead of BL33 # (asynchronous method). |