path: root/docs/firmware-design.rst
diff options
authorAntonio Nino Diaz <antonio.ninodiaz@arm.com>2019-02-19 11:53:51 +0000
committerAntonio Nino Diaz <antonio.ninodiaz@arm.com>2019-02-27 11:58:09 +0000
commitb86048c40cb7d9ccd7aeac1681945676a6dc36ff (patch)
tree3a501b3395633ab07d312068c1dacd591493c7ac /docs/firmware-design.rst
parent5283962ebaf77850d68bb457608ede5174e43159 (diff)
Add support for pointer authentication
The previous commit added the infrastructure to load and save ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but didn't actually enable pointer authentication in the firmware. This patch adds the functionality needed for platforms to provide authentication keys for the firmware, and a new option (ENABLE_PAUTH) to enable pointer authentication in the firmware itself. This option is disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be enabled. Change-Id: I35127ec271e1198d43209044de39fa712ef202a5 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Diffstat (limited to 'docs/firmware-design.rst')
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/firmware-design.rst b/docs/firmware-design.rst
index 808afeedb9..ead7297d9d 100644
--- a/docs/firmware-design.rst
+++ b/docs/firmware-design.rst
@@ -2566,6 +2566,11 @@ Armv8.3-A
must be set to 1. This will add all pointer authentication system registers
to the context that is saved when doing a world switch.
+ The Trusted Firmware itself has support for pointer authentication at runtime
+ that can be enabled by setting both options ``ENABLE_PAUTH`` and
+ ``CTX_INCLUDE_PAUTH_REGS`` to 1. This enables pointer authentication in BL1,
+ BL2, BL31, and the TSP if it is used.