BL2: Enable pointer authentication support
The size increase after enabling options related to ARMv8.3-PAuth is:
+----------------------------+-------+-------+-------+--------+
| | text | bss | data | rodata |
+----------------------------+-------+-------+-------+--------+
| CTX_INCLUDE_PAUTH_REGS = 1 | +40 | +0 | +0 | +0 |
| | 0.2% | | | |
+----------------------------+-------+-------+-------+--------+
| ENABLE_PAUTH = 1 | +664 | +0 | +16 | +0 |
| | 3.1% | | 0.9% | |
+----------------------------+-------+-------+-------+--------+
Results calculated with the following build configuration:
make PLAT=fvp SPD=tspd DEBUG=1 \
SDEI_SUPPORT=1 \
EL3_EXCEPTION_HANDLING=1 \
TSP_NS_INTR_ASYNC_PREEMPT=1 \
CTX_INCLUDE_PAUTH_REGS=1 \
ENABLE_PAUTH=1
The changes for BL2_AT_EL3 aren't done in this commit.
Change-Id: I8c803b40c7160525a06173bc6cdca21c4505837d
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
diff --git a/bl2/aarch32/bl2_entrypoint.S b/bl2/aarch32/bl2_entrypoint.S
index e7b98af..23d1513 100644
--- a/bl2/aarch32/bl2_entrypoint.S
+++ b/bl2/aarch32/bl2_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -108,16 +108,15 @@
#endif
/* ---------------------------------------------
- * Perform early platform setup & platform
- * specific early arch. setup e.g. mmu setup
+ * Perform BL2 setup
* ---------------------------------------------
*/
mov r0, r9
mov r1, r10
mov r2, r11
mov r3, r12
- bl bl2_early_platform_setup2
- bl bl2_plat_arch_setup
+
+ bl bl2_setup
/* ---------------------------------------------
* Jump to main function.
diff --git a/bl2/aarch64/bl2_entrypoint.S b/bl2/aarch64/bl2_entrypoint.S
index d938947..611b807 100644
--- a/bl2/aarch64/bl2_entrypoint.S
+++ b/bl2/aarch64/bl2_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -106,17 +106,25 @@
#endif
/* ---------------------------------------------
- * Perform early platform setup & platform
- * specific early arch. setup e.g. mmu setup
+ * Perform BL2 setup
* ---------------------------------------------
*/
mov x0, x20
mov x1, x21
mov x2, x22
mov x3, x23
- bl bl2_early_platform_setup2
+ bl bl2_setup
- bl bl2_plat_arch_setup
+ /* ---------------------------------------------
+ * Enable pointer authentication
+ * ---------------------------------------------
+ */
+#if ENABLE_PAUTH
+ mrs x0, sctlr_el1
+ orr x0, x0, #SCTLR_EnIA_BIT
+ msr sctlr_el1, x0
+ isb
+#endif /* ENABLE_PAUTH */
/* ---------------------------------------------
* Jump to main function.
diff --git a/bl2/bl2.mk b/bl2/bl2.mk
index f905bc2..9523918 100644
--- a/bl2/bl2.mk
+++ b/bl2/bl2.mk
@@ -1,10 +1,11 @@
#
-# Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
-BL2_SOURCES += bl2/bl2_main.c \
+BL2_SOURCES += bl2/bl2_image_load_v2.c \
+ bl2/bl2_main.c \
bl2/${ARCH}/bl2_arch_setup.c \
lib/locks/exclusive/${ARCH}/spinlock.S \
plat/common/${ARCH}/platform_up_stack.S \
@@ -14,7 +15,9 @@
BL2_SOURCES += common/aarch64/early_exceptions.S
endif
-BL2_SOURCES += bl2/bl2_image_load_v2.c
+ifeq (${ENABLE_PAUTH},1)
+BL2_CFLAGS += -msign-return-address=non-leaf
+endif
ifeq (${BL2_AT_EL3},0)
BL2_SOURCES += bl2/${ARCH}/bl2_entrypoint.S
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index 019088d..e7ab7bb 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -22,6 +22,29 @@
#endif
/*******************************************************************************
+ * Setup function for BL2.
+ ******************************************************************************/
+void bl2_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
+ u_register_t arg3)
+{
+ /* Perform early platform-specific setup */
+ bl2_early_platform_setup2(arg0, arg1, arg2, arg3);
+
+#ifdef AARCH64
+ /*
+ * Update pointer authentication key before the MMU is enabled. It is
+ * saved in the rodata section, that can be writen before enabling the
+ * MMU. This function must be called after the console is initialized
+ * in the early platform setup.
+ */
+ bl_handle_pauth();
+#endif /* AARCH64 */
+
+ /* Perform late platform-specific setup */
+ bl2_plat_arch_setup();
+}
+
+/*******************************************************************************
* The only thing to do in BL2 is to load further images and pass control to
* next BL. The memory occupied by BL2 will be reclaimed by BL3x stages. BL2
* runs entirely in S-EL1.