aboutsummaryrefslogtreecommitdiff
path: root/bl31
diff options
context:
space:
mode:
authorAlexei Fedorov <Alexei.Fedorov@arm.com>2019-09-13 14:11:59 +0100
committerAlexei Fedorov <Alexei.Fedorov@arm.com>2019-09-13 14:11:59 +0100
commited108b56051de5da8024568a06781ce287e86c78 (patch)
tree71b3c4864bdffb66bcc8e8a8273f484a8acfd05a /bl31
parent2fc6ffc451c9af16e03eff51e779c33828e9ab07 (diff)
downloadtrusted-firmware-a-ed108b56051de5da8024568a06781ce287e86c78.tar.gz
Refactor ARMv8.3 Pointer Authentication support code
This patch provides the following features and makes modifications listed below: - Individual APIAKey key generation for each CPU. - New key generation on every BL31 warm boot and TSP CPU On event. - Per-CPU storage of APIAKey added in percpu_data[] of cpu_data structure. - `plat_init_apiakey()` function replaced with `plat_init_apkey()` which returns 128-bit value and uses Generic timer physical counter value to increase the randomness of the generated key. The new function can be used for generation of all ARMv8.3-PAuth keys - ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`. - New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively; pauth_disable_el1()` and `pauth_disable_el3()` functions disable PAuth for EL1 and EL3 respectively; `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from cpu-data structure. - Combined `save_gp_pauth_registers()` function replaces calls to `save_gp_registers()` and `pauth_context_save()`; `restore_gp_pauth_registers()` replaces `pauth_context_restore()` and `restore_gp_registers()` calls. - `restore_gp_registers_eret()` function removed with corresponding code placed in `el3_exit()`. - Fixed the issue when `pauth_t pauth_ctx` structure allocated space for 12 uint64_t PAuth registers instead of 10 by removal of macro CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h` and assigning its value to CTX_PAUTH_REGS_END. - Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions in `msr spsel` instruction instead of hard-coded values. - Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI. Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Diffstat (limited to 'bl31')
-rw-r--r--bl31/aarch64/bl31_entrypoint.S32
-rw-r--r--bl31/aarch64/ea_delegate.S40
-rw-r--r--bl31/aarch64/runtime_exceptions.S57
-rw-r--r--bl31/bl31_main.c17
4 files changed, 51 insertions, 95 deletions
diff --git a/bl31/aarch64/bl31_entrypoint.S b/bl31/aarch64/bl31_entrypoint.S
index e7ad5a8977..1ad26e4fee 100644
--- a/bl31/aarch64/bl31_entrypoint.S
+++ b/bl31/aarch64/bl31_entrypoint.S
@@ -98,26 +98,16 @@ func bl31_entrypoint
mov x3, x23
bl bl31_setup
- /* --------------------------------------------------------------------
- * Enable pointer authentication
- * --------------------------------------------------------------------
- */
#if ENABLE_PAUTH
- mrs x0, sctlr_el3
- orr x0, x0, #SCTLR_EnIA_BIT
-#if ENABLE_BTI
/* --------------------------------------------------------------------
- * Enable PAC branch type compatibility
+ * Program APIAKey_EL1 and enable pointer authentication
* --------------------------------------------------------------------
*/
- bic x0, x0, #SCTLR_BT_BIT
-#endif /* ENABLE_BTI */
- msr sctlr_el3, x0
- isb
+ bl pauth_init_enable_el3
#endif /* ENABLE_PAUTH */
/* --------------------------------------------------------------------
- * Jump to main function.
+ * Jump to main function
* --------------------------------------------------------------------
*/
bl bl31_main
@@ -209,24 +199,12 @@ func bl31_warm_entrypoint
#endif
bl bl31_plat_enable_mmu
- /* --------------------------------------------------------------------
- * Enable pointer authentication
- * --------------------------------------------------------------------
- */
#if ENABLE_PAUTH
- bl pauth_load_bl_apiakey
-
- mrs x0, sctlr_el3
- orr x0, x0, #SCTLR_EnIA_BIT
-#if ENABLE_BTI
/* --------------------------------------------------------------------
- * Enable PAC branch type compatibility
+ * Program APIAKey_EL1 and enable pointer authentication
* --------------------------------------------------------------------
*/
- bic x0, x0, #SCTLR_BT_BIT
-#endif /* ENABLE_BTI */
- msr sctlr_el3, x0
- isb
+ bl pauth_init_enable_el3
#endif /* ENABLE_PAUTH */
bl psci_warmboot_entrypoint
diff --git a/bl31/aarch64/ea_delegate.S b/bl31/aarch64/ea_delegate.S
index 8dca10cf93..6e71a063a2 100644
--- a/bl31/aarch64/ea_delegate.S
+++ b/bl31/aarch64/ea_delegate.S
@@ -65,22 +65,16 @@ func enter_lower_el_sync_ea
mrs x30, esr_el3
tbz x30, #ESR_ISS_EABORT_EA_BIT, 2f
- /* Save GP registers */
- bl save_gp_registers
-
/*
- * If Secure Cycle Counter is not disabled in MDCR_EL3
- * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
- * disable all event counters and cycle counter.
+ * Save general purpose and ARMv8.3-PAuth registers (if enabled).
+ * If Secure Cycle Counter is not disabled in MDCR_EL3 when
+ * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter.
*/
- bl save_pmcr_disable_pmu
+ bl save_gp_pmcr_pauth_regs
- /* Save ARMv8.3-PAuth registers and load firmware key */
-#if CTX_INCLUDE_PAUTH_REGS
- bl pauth_context_save
-#endif
#if ENABLE_PAUTH
- bl pauth_load_bl_apiakey
+ /* Load and program APIAKey firmware key */
+ bl pauth_load_bl31_apiakey
#endif
/* Setup exception class and syndrome arguments for platform handler */
@@ -110,22 +104,16 @@ func enter_lower_el_async_ea
*/
str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
- /* Save GP registers */
- bl save_gp_registers
-
/*
- * If Secure Cycle Counter is not disabled in MDCR_EL3
- * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
- * disable all event counters and cycle counter.
+ * Save general purpose and ARMv8.3-PAuth registers (if enabled).
+ * If Secure Cycle Counter is not disabled in MDCR_EL3 when
+ * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter.
*/
- bl save_pmcr_disable_pmu
+ bl save_gp_pmcr_pauth_regs
- /* Save ARMv8.3-PAuth registers and load firmware key */
-#if CTX_INCLUDE_PAUTH_REGS
- bl pauth_context_save
-#endif
#if ENABLE_PAUTH
- bl pauth_load_bl_apiakey
+ /* Load and program APIAKey firmware key */
+ bl pauth_load_bl31_apiakey
#endif
/* Setup exception class and syndrome arguments for platform handler */
@@ -247,7 +235,7 @@ func ea_proceed
/* Switch to runtime stack */
ldr x5, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
- msr spsel, #0
+ msr spsel, #MODE_SP_EL0
mov sp, x5
mov x29, x30
@@ -269,7 +257,7 @@ func ea_proceed
#endif
/* Make SP point to context */
- msr spsel, #1
+ msr spsel, #MODE_SP_ELX
/* Restore EL3 state and ESR */
ldp x1, x2, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index 1cbec8fd91..51f5b7b34b 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -65,19 +65,17 @@
mrs x30, DISR_EL1
tbz x30, #DISR_A_BIT, 1f
- /* Save GP registers and restore them afterwards */
- bl save_gp_registers
-
/*
- * If Secure Cycle Counter is not disabled in MDCR_EL3
- * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
- * disable all event counters and cycle counter.
+ * Save general purpose and ARMv8.3-PAuth registers (if enabled).
+ * If Secure Cycle Counter is not disabled in MDCR_EL3 when
+ * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter.
*/
- bl save_pmcr_disable_pmu
+ bl save_gp_pmcr_pauth_regs
bl handle_lower_el_ea_esb
- bl restore_gp_registers
+ /* Restore general purpose, PMCR_EL0 and ARMv8.3-PAuth registers */
+ bl restore_gp_pmcr_pauth_regs
1:
#else
/* Unmask the SError interrupt */
@@ -129,21 +127,16 @@
*/
.macro handle_interrupt_exception label
- bl save_gp_registers
-
/*
- * If Secure Cycle Counter is not disabled in MDCR_EL3
- * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
- * disable all event counters and cycle counter.
+ * Save general purpose and ARMv8.3-PAuth registers (if enabled).
+ * If Secure Cycle Counter is not disabled in MDCR_EL3 when
+ * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter.
*/
- bl save_pmcr_disable_pmu
+ bl save_gp_pmcr_pauth_regs
- /* Save ARMv8.3-PAuth registers and load firmware key */
-#if CTX_INCLUDE_PAUTH_REGS
- bl pauth_context_save
-#endif
#if ENABLE_PAUTH
- bl pauth_load_bl_apiakey
+ /* Load and program APIAKey firmware key */
+ bl pauth_load_bl31_apiakey
#endif
/* Save the EL3 system registers needed to return from this exception */
@@ -154,7 +147,7 @@
/* Switch to the runtime stack i.e. SP_EL0 */
ldr x2, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
mov x20, sp
- msr spsel, #0
+ msr spsel, #MODE_SP_EL0
mov sp, x2
/*
@@ -368,22 +361,16 @@ smc_handler32:
smc_handler64:
/* NOTE: The code below must preserve x0-x4 */
- /* Save general purpose registers */
- bl save_gp_registers
-
/*
- * If Secure Cycle Counter is not disabled in MDCR_EL3
- * when ARMv8.5-PMU is implemented, save PMCR_EL0 and
- * disable all event counters and cycle counter.
+ * Save general purpose and ARMv8.3-PAuth registers (if enabled).
+ * If Secure Cycle Counter is not disabled in MDCR_EL3 when
+ * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter.
*/
- bl save_pmcr_disable_pmu
+ bl save_gp_pmcr_pauth_regs
- /* Save ARMv8.3-PAuth registers and load firmware key */
-#if CTX_INCLUDE_PAUTH_REGS
- bl pauth_context_save
-#endif
#if ENABLE_PAUTH
- bl pauth_load_bl_apiakey
+ /* Load and program APIAKey firmware key */
+ bl pauth_load_bl31_apiakey
#endif
/*
@@ -403,7 +390,7 @@ smc_handler64:
ldr x12, [x6, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]
/* Switch to SP_EL0 */
- msr spsel, #0
+ msr spsel, #MODE_SP_EL0
/*
* Save the SPSR_EL3, ELR_EL3, & SCR_EL3 in case there is a world
@@ -471,10 +458,12 @@ smc_prohibited:
mov x0, #SMC_UNK
eret
+#if DEBUG
rt_svc_fw_critical_error:
/* Switch to SP_ELx */
- msr spsel, #1
+ msr spsel, #MODE_SP_ELX
no_ret report_unhandled_exception
+#endif
endfunc smc_handler
/* ---------------------------------------------------------------------
diff --git a/bl31/bl31_main.c b/bl31/bl31_main.c
index 856ea9f62b..92a2027dd0 100644
--- a/bl31/bl31_main.c
+++ b/bl31/bl31_main.c
@@ -8,6 +8,7 @@
#include <string.h>
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <bl31/bl31.h>
#include <bl31/ehf.h>
@@ -72,16 +73,16 @@ void bl31_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
/* Perform early platform-specific setup */
bl31_early_platform_setup2(arg0, arg1, arg2, arg3);
- /*
- * Update pointer authentication key before the MMU is enabled. It is
- * saved in the rodata section, that can be writen before enabling the
- * MMU. This function must be called after the console is initialized
- * in the early platform setup.
- */
- bl_handle_pauth();
-
/* Perform late platform-specific setup */
bl31_plat_arch_setup();
+
+#if CTX_INCLUDE_PAUTH_REGS
+ /*
+ * Assert that the ARMv8.3-PAuth registers are present or an access
+ * fault will be triggered when they are being saved or restored.
+ */
+ assert(is_armv8_3_pauth_present());
+#endif /* CTX_INCLUDE_PAUTH_REGS */
}
/*******************************************************************************