diff options
author | Alexei Fedorov <Alexei.Fedorov@arm.com> | 2019-09-13 14:11:59 +0100 |
---|---|---|
committer | Alexei Fedorov <Alexei.Fedorov@arm.com> | 2019-09-13 14:11:59 +0100 |
commit | ed108b56051de5da8024568a06781ce287e86c78 (patch) | |
tree | 71b3c4864bdffb66bcc8e8a8273f484a8acfd05a /bl1 | |
parent | 2fc6ffc451c9af16e03eff51e779c33828e9ab07 (diff) |
Refactor ARMv8.3 Pointer Authentication support code
This patch provides the following features and makes modifications
listed below:
- Individual APIAKey key generation for each CPU.
- New key generation on every BL31 warm boot and TSP CPU On event.
- Per-CPU storage of APIAKey added in percpu_data[]
of cpu_data structure.
- `plat_init_apiakey()` function replaced with `plat_init_apkey()`
which returns 128-bit value and uses Generic timer physical counter
value to increase the randomness of the generated key.
The new function can be used for generation of all ARMv8.3-PAuth keys
- ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`.
- New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions
generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively;
pauth_disable_el1()` and `pauth_disable_el3()` functions disable
PAuth for EL1 and EL3 respectively;
`pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from
cpu-data structure.
- Combined `save_gp_pauth_registers()` function replaces calls to
`save_gp_registers()` and `pauth_context_save()`;
`restore_gp_pauth_registers()` replaces `pauth_context_restore()`
and `restore_gp_registers()` calls.
- `restore_gp_registers_eret()` function removed with corresponding
code placed in `el3_exit()`.
- Fixed the issue when `pauth_t pauth_ctx` structure allocated space
for 12 uint64_t PAuth registers instead of 10 by removal of macro
CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h`
and assigning its value to CTX_PAUTH_REGS_END.
- Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions
in `msr spsel` instruction instead of hard-coded values.
- Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI.
Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Diffstat (limited to 'bl1')
-rw-r--r-- | bl1/aarch64/bl1_entrypoint.S | 19 | ||||
-rw-r--r-- | bl1/aarch64/bl1_exceptions.S | 17 | ||||
-rw-r--r-- | bl1/bl1_main.c | 19 |
3 files changed, 21 insertions, 34 deletions
diff --git a/bl1/aarch64/bl1_entrypoint.S b/bl1/aarch64/bl1_entrypoint.S index 0f8d5aac..855add34 100644 --- a/bl1/aarch64/bl1_entrypoint.S +++ b/bl1/aarch64/bl1_entrypoint.S @@ -38,15 +38,12 @@ func bl1_entrypoint */ bl bl1_setup +#if ENABLE_PAUTH /* -------------------------------------------------------------------- - * Enable pointer authentication + * Program APIAKey_EL1 and enable pointer authentication. * -------------------------------------------------------------------- */ -#if ENABLE_PAUTH - mrs x0, sctlr_el3 - orr x0, x0, #SCTLR_EnIA_BIT - msr sctlr_el3, x0 - isb + bl pauth_init_enable_el3 #endif /* ENABLE_PAUTH */ /* -------------------------------------------------------------------- @@ -56,16 +53,12 @@ func bl1_entrypoint */ bl bl1_main +#if ENABLE_PAUTH /* -------------------------------------------------------------------- - * Disable pointer authentication before jumping to BL31 or that will - * cause an authentication failure during the early platform init. + * Disable pointer authentication before jumping to next boot image. * -------------------------------------------------------------------- */ -#if ENABLE_PAUTH - mrs x0, sctlr_el3 - bic x0, x0, #SCTLR_EnIA_BIT - msr sctlr_el3, x0 - isb + bl pauth_disable_el3 #endif /* ENABLE_PAUTH */ /* -------------------------------------------------- diff --git a/bl1/aarch64/bl1_exceptions.S b/bl1/aarch64/bl1_exceptions.S index ed7c27a1..3e72e39f 100644 --- a/bl1/aarch64/bl1_exceptions.S +++ b/bl1/aarch64/bl1_exceptions.S @@ -164,7 +164,7 @@ func smc_handler64 * ---------------------------------------------- */ ldr x30, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP] - msr spsel, #0 + msr spsel, #MODE_SP_EL0 mov sp, x30 /* --------------------------------------------------------------------- @@ -217,19 +217,14 @@ unexpected_sync_exception: */ smc_handler: /* ----------------------------------------------------- - * Save the GP registers x0-x29. - * TODO: Revisit to store only SMCCC specified registers. - * ----------------------------------------------------- - */ - bl save_gp_registers - - /* ----------------------------------------------------- + * Save x0-x29 and ARMv8.3-PAuth (if enabled) registers. * If Secure Cycle Counter is not disabled in MDCR_EL3 * when ARMv8.5-PMU is implemented, save PMCR_EL0 and - * disable all event counters and cycle counter. + * disable Cycle Counter. + * TODO: Revisit to store only SMCCC specified registers. * ----------------------------------------------------- */ - bl save_pmcr_disable_pmu + bl save_gp_pmcr_pauth_regs /* ----------------------------------------------------- * Populate the parameters for the SMC handler. We @@ -255,7 +250,7 @@ smc_handler: * Switch back to SP_EL0 for the C runtime stack. * --------------------------------------------- */ - msr spsel, #0 + msr spsel, #MODE_SP_EL0 mov sp, x12 /* ----------------------------------------------------- diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c index d44b46dc..df01dbae 100644 --- a/bl1/bl1_main.c +++ b/bl1/bl1_main.c @@ -9,6 +9,7 @@ #include <platform_def.h> #include <arch.h> +#include <arch_features.h> #include <arch_helpers.h> #include <bl1/bl1.h> #include <common/bl_common.h> @@ -59,18 +60,16 @@ void bl1_setup(void) /* Perform early platform-specific setup */ bl1_early_platform_setup(); -#ifdef __aarch64__ - /* - * Update pointer authentication key before the MMU is enabled. It is - * saved in the rodata section, that can be writen before enabling the - * MMU. This function must be called after the console is initialized - * in the early platform setup. - */ - bl_handle_pauth(); -#endif /* __aarch64__ */ - /* Perform late platform-specific setup */ bl1_plat_arch_setup(); + +#if CTX_INCLUDE_PAUTH_REGS + /* + * Assert that the ARMv8.3-PAuth registers are present or an access + * fault will be triggered when they are being saved or restored. + */ + assert(is_armv8_3_pauth_present()); +#endif /* CTX_INCLUDE_PAUTH_REGS */ } /******************************************************************************* |