diff options
author | Antonio Nino Diaz <antonio.ninodiaz@arm.com> | 2019-02-19 11:53:51 +0000 |
---|---|---|
committer | Antonio Nino Diaz <antonio.ninodiaz@arm.com> | 2019-02-27 11:58:09 +0000 |
commit | b86048c40cb7d9ccd7aeac1681945676a6dc36ff (patch) | |
tree | 3a501b3395633ab07d312068c1dacd591493c7ac /include | |
parent | 5283962ebaf77850d68bb457608ede5174e43159 (diff) | |
download | trusted-firmware-a-b86048c40cb7d9ccd7aeac1681945676a6dc36ff.tar.gz |
Add support for pointer authentication
The previous commit added the infrastructure to load and save
ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but
didn't actually enable pointer authentication in the firmware.
This patch adds the functionality needed for platforms to provide
authentication keys for the firmware, and a new option (ENABLE_PAUTH) to
enable pointer authentication in the firmware itself. This option is
disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be
enabled.
Change-Id: I35127ec271e1198d43209044de39fa712ef202a5
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/arch/aarch64/arch_features.h | 17 | ||||
-rw-r--r-- | include/arch/aarch64/arch_helpers.h | 3 | ||||
-rw-r--r-- | include/common/bl_common.h | 4 | ||||
-rw-r--r-- | include/plat/common/platform.h | 3 |
4 files changed, 24 insertions, 3 deletions
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h index da8b6e4f1c..495ecb3a2f 100644 --- a/include/arch/aarch64/arch_features.h +++ b/include/arch/aarch64/arch_features.h @@ -23,6 +23,23 @@ static inline bool is_armv8_2_ttcnp_present(void) ID_AA64MMFR2_EL1_CNP_MASK) != 0U; } +static inline bool is_armv8_3_pauth_present(void) +{ + uint64_t mask = (ID_AA64ISAR1_GPI_MASK << ID_AA64ISAR1_GPI_SHIFT) | + (ID_AA64ISAR1_GPA_MASK << ID_AA64ISAR1_GPA_SHIFT) | + (ID_AA64ISAR1_API_MASK << ID_AA64ISAR1_API_SHIFT) | + (ID_AA64ISAR1_APA_MASK << ID_AA64ISAR1_APA_SHIFT); + + /* If any of the fields is not zero, PAuth is present */ + return (read_id_aa64isar1_el1() & mask) != 0U; +} + +static inline bool is_armv8_3_pauth_api_present(void) +{ + return ((read_id_aa64isar1_el1() >> ID_AA64ISAR1_API_SHIFT) & + ID_AA64ISAR1_API_MASK) != 0U; +} + static inline bool is_armv8_4_ttst_present(void) { return ((read_id_aa64mmfr2_el1() >> ID_AA64MMFR2_EL1_ST_SHIFT) & diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h index 4e459bbb9a..e07db300b5 100644 --- a/include/arch/aarch64/arch_helpers.h +++ b/include/arch/aarch64/arch_helpers.h @@ -454,7 +454,8 @@ DEFINE_RENAME_SYSREG_READ_FUNC(erxmisc1_el1, ERXMISC1_EL1) DEFINE_RENAME_SYSREG_READ_FUNC(id_aa64mmfr2_el1, ID_AA64MMFR2_EL1) /* Armv8.3 Pointer Authentication Registers */ -DEFINE_RENAME_SYSREG_RW_FUNCS(apgakeylo_el1, APGAKeyLo_EL1) +DEFINE_RENAME_SYSREG_RW_FUNCS(apiakeyhi_el1, APIAKeyHi_EL1) +DEFINE_RENAME_SYSREG_RW_FUNCS(apiakeylo_el1, APIAKeyLo_EL1) #define IS_IN_EL(x) \ (GET_EL(read_CurrentEl()) == MODE_EL##x) diff --git a/include/common/bl_common.h b/include/common/bl_common.h index fd7656eb5d..9817ec7fa3 100644 --- a/include/common/bl_common.h +++ b/include/common/bl_common.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -207,6 +207,8 @@ struct mmap_region; void setup_page_tables(const struct mmap_region *bl_regions, const struct mmap_region *plat_regions); +void bl_handle_pauth(void); + #endif /*__ASSEMBLY__*/ #endif /* BL_COMMON_H */ diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 13767ff0a4..4832e491cd 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -104,6 +104,7 @@ const char *plat_log_get_prefix(unsigned int log_level); void bl2_plat_preload_setup(void); int plat_try_next_boot_source(void); int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size); +uint64_t *plat_init_apiakey(void); /******************************************************************************* * Mandatory BL1 functions |