Stack_seal_mitigation: Seal thread stacks for IPC mode
Seal all thread stacks (PSP) by putting two seal words for IPC mode.
It should be noted that stack sealing mitigation is mostly relevant
for TrustZone-based ARMv8-M CPUs wherein the attack is launched from
the Non-secure side. For ARMv6-M and ARMv7-M, the stack sealing could
be skipped.
Change-Id: I74e287a4bf0d28b7d4fdd1302d6429175c1bf77f
Signed-off-by: Ken Liu <ken.liu@arm.com>
diff --git a/secure_fw/spm/include/tfm_arch_v8m.h b/secure_fw/spm/include/tfm_arch_v8m.h
index a0912c4..58576d3 100644
--- a/secure_fw/spm/include/tfm_arch_v8m.h
+++ b/secure_fw/spm/include/tfm_arch_v8m.h
@@ -110,6 +110,26 @@
}
/**
+ * \brief Seal the thread stack.
+ *
+ * This function must be called only when the caller is using MSP.
+ *
+ * \param[in] stk Thread stack address.
+ *
+ * \retval stack Updated thread stack address.
+ */
+__STATIC_INLINE uintptr_t tfm_arch_seal_thread_stack(uintptr_t stk)
+{
+ TFM_CORE_ASSERT((stk & 0x7) == 0);
+ stk -= TFM_STACK_SEALED_SIZE;
+
+ *((uint32_t *)stk) = TFM_STACK_SEAL_VALUE;
+ *((uint32_t *)(stk + 4)) = TFM_STACK_SEAL_VALUE;
+
+ return stk;
+}
+
+/**
* \brief Update architecture context value into hardware
*
* \param[in] p_actx Pointer of context data
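Review bot: in tfm_arch_seal_thread_stack() the two stores hard-code the seal as two 32-bit words at `stk` and `stk + 4`, while the pointer is moved down by TFM_STACK_SEALED_SIZE, so the function is only correct if that macro is exactly 8. Its definition is not visible in this hunk. A compile-time check that TFM_STACK_SEALED_SIZE equals 2 * sizeof(uint32_t), or deriving the second offset from sizeof(uint32_t), would keep the returned pointer 8-byte aligned and the whole reserved area filled if the macro ever changes. The only runtime check is `TFM_CORE_ASSERT((stk & 0x7) == 0);`, which covers alignment but not range: nothing confirms that `stk - TFM_STACK_SEALED_SIZE` still lies inside the thread's stack region, so a caller passing an address at or near the stack limit would have the seal written outside the stack. Consider taking the stack limit as a second parameter and asserting against it, or documenting that the caller must guarantee the room. The comment states the function "must be called only when the caller is using MSP" but nothing enforces it; if that is a hard requirement, an assert on the active stack pointer selection would catch misuse in debug builds. Minor doc point: `\retval stack` reads as a named return value; `\return` fits better for a computed address.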