diff options
author | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2020-05-20 08:11:13 +0000 |
---|---|---|
committer | TrustedFirmware Code Review <review@review.trustedfirmware.org> | 2020-05-20 08:11:13 +0000 |
commit | c6ef55c541d7d26df2ffb1b32ed788d301224302 (patch) | |
tree | bc2ee835f4b07fa5c6185b8922cbe31aa98cd4a5 | |
parent | f1a1653ce17861441383ae58a3df929cb521c9d8 (diff) | |
parent | 359acf7746e70e7e0ceddc75de08c59c167e2ab6 (diff) | |
download | trusted-firmware-a-c6ef55c541d7d26df2ffb1b32ed788d301224302.tar.gz |
Merge "Tegra: enable stack protection" into integration
-rw-r--r-- | plat/nvidia/tegra/common/tegra_common.mk | 5 | ||||
-rw-r--r-- | plat/nvidia/tegra/common/tegra_stack_protector.c | 28 | ||||
-rw-r--r-- | plat/nvidia/tegra/platform.mk | 3 |
3 files changed, 36 insertions, 0 deletions
diff --git a/plat/nvidia/tegra/common/tegra_common.mk b/plat/nvidia/tegra/common/tegra_common.mk index c946a7597b..79cc03ac96 100644 --- a/plat/nvidia/tegra/common/tegra_common.mk +++ b/plat/nvidia/tegra/common/tegra_common.mk @@ -1,5 +1,6 @@ # # Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2020, NVIDIA Corporation. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -32,3 +33,7 @@ BL31_SOURCES += drivers/delay_timer/delay_timer.c \ ${COMMON_DIR}/tegra_platform.c \ ${COMMON_DIR}/tegra_pm.c \ ${COMMON_DIR}/tegra_sip_calls.c + +ifneq ($(ENABLE_STACK_PROTECTOR), 0) +BL31_SOURCES += ${COMMON_DIR}/tegra_stack_protector.c +endif diff --git a/plat/nvidia/tegra/common/tegra_stack_protector.c b/plat/nvidia/tegra/common/tegra_stack_protector.c new file mode 100644 index 0000000000..f6c459a8e2 --- /dev/null +++ b/plat/nvidia/tegra/common/tegra_stack_protector.c @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2020, NVIDIA Corporation. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <stdint.h> + +#include <arch_helpers.h> +#include <lib/mmio.h> +#include <plat/common/platform.h> +#include <platform_def.h> + +u_register_t plat_get_stack_protector_canary(void) +{ + u_register_t seed; + + /* + * Ideally, a random number should be returned instead. As the + * platform does not have any random number generator, this is + * better than nothing, but not really secure. + */ + seed = mmio_read_32(TEGRA_MISC_BASE + HARDWARE_REVISION_OFFSET); + seed <<= 32; + seed |= mmio_read_32(TEGRA_TMRUS_BASE); + + return seed ^ read_cntpct_el0(); +} diff --git a/plat/nvidia/tegra/platform.mk b/plat/nvidia/tegra/platform.mk index e03e1f37b7..aedd3c6ff3 100644 --- a/plat/nvidia/tegra/platform.mk +++ b/plat/nvidia/tegra/platform.mk @@ -49,6 +49,9 @@ ENABLE_TEGRA_WDT_LEGACY_FIQ_HANDLING ?= 0 # Flag to allow relocation of BL32 image to TZDRAM during boot RELOCATE_BL32_IMAGE ?= 0 +# Enable stack protection +ENABLE_STACK_PROTECTOR := strong + include plat/nvidia/tegra/common/tegra_common.mk include ${SOC_DIR}/platform_${TARGET_SOC}.mk |