Introduce BTI support in ROMLIB
When TF-A is compiled with BTI enabled, the branches in the ROMLIB
jumptable must be preceded by a "bti j" instruction.
Moreover, when the additional "bti" instruction is inserted, the
jumptable entries have a distance of 8 bytes between them instead of 4.
Hence, the wrappers are also modified accordinly.
If TF-A is compiled without BTI enabled, the ROMLIB jumptable and
wrappers are generated as before.
Change-Id: Iaa59897668f8e59888d39046233300c2241d8de7
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
diff --git a/lib/romlib/Makefile b/lib/romlib/Makefile
index 7a3a51e..bc05d0f 100644
--- a/lib/romlib/Makefile
+++ b/lib/romlib/Makefile
@@ -29,6 +29,11 @@
LDFLAGS += -Map=$(MAPFILE)
endif
+ifeq (${ARM_ARCH_MINOR},0)
+ ASFLAGS = -march=armv8-a
+else
+ ASFLAGS = -march=armv8.${ARM_ARCH_MINOR}-a
+endif
.PHONY: all clean distclean
@@ -60,13 +65,13 @@
$(LIB_DIR)/libwrappers.a: $(BUILD_DIR)/jmptbl.i $(WRAPPER_DIR)/jmpvar.o
@echo " AR $@"
- $(Q)./genwrappers.sh -b $(WRAPPER_DIR) -o $@ $(BUILD_DIR)/jmptbl.i
+ $(Q)./genwrappers.sh -b $(WRAPPER_DIR) -o $@ --bti=$(ENABLE_BTI) --asflags=$(ASFLAGS) $(BUILD_DIR)/jmptbl.i
$(BUILD_DIR)/jmptbl.i: $(BUILD_DIR)/jmptbl.s
$(BUILD_DIR)/jmptbl.s: ../../$(PLAT_DIR)/jmptbl.i
@echo " TBL $@"
- $(Q)./gentbl.sh -o $@ -b $(BUILD_DIR) ../../$(PLAT_DIR)/jmptbl.i
+ $(Q)./gentbl.sh -o $@ -b $(BUILD_DIR) --bti=$(ENABLE_BTI) ../../$(PLAT_DIR)/jmptbl.i
clean:
@rm -f $(BUILD_DIR)/*
diff --git a/lib/romlib/gentbl.sh b/lib/romlib/gentbl.sh
index e64cfe2..bfb1ec3cf 100755
--- a/lib/romlib/gentbl.sh
+++ b/lib/romlib/gentbl.sh
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
@@ -19,6 +19,10 @@
build=$2
shift 2
;;
+ --bti=*)
+ enable_bti=$(echo $1 | sed 's/--bti=\(.*\)/\1/')
+ shift 1
+ ;;
--)
shift
break
@@ -47,12 +51,15 @@
awk -v OFS="\t" '
BEGIN{print "#index\tlib\tfunction\t[patch]"}
{print NR-1, $0}' | tee $build/jmptbl.i |
-awk -v OFS="\n" '
+awk -v OFS="\n" -v BTI=$enable_bti '
BEGIN {print "\t.text",
"\t.globl\tjmptbl",
"jmptbl:"}
{sub(/[:blank:]*#.*/,"")}
-!/^$/ {if ($3 == "reserved")
+!/^$/ {
+ if (BTI == 1)
+ print "\tbti\tj"
+ if ($3 == "reserved")
print "\t.word\t0x0"
else
print "\tb\t" $3}' > $$.tmp &&
diff --git a/lib/romlib/genwrappers.sh b/lib/romlib/genwrappers.sh
index 07d59ac..e092548 100755
--- a/lib/romlib/genwrappers.sh
+++ b/lib/romlib/genwrappers.sh
@@ -19,6 +19,14 @@
build=$2
shift 2
;;
+ --bti=*)
+ enable_bti=$(echo $1 | sed 's/--bti=\(.*\)/\1/')
+ shift 1
+ ;;
+ --asflags=*)
+ asflags=$(echo $1 | sed 's/--asflags=\(.*\)/\1/')
+ shift 1
+ ;;
--)
shift
break
@@ -30,8 +38,13 @@
esac
done
-awk '{sub(/[:blank:]*#.*/,"")}
-!/^$/ && $NF != "patch" && $NF != "reserved" {print $1*4, $2, $3}' "$@" |
+awk -v BTI=$enable_bti '
+{sub(/[:blank:]*#.*/,"")}
+!/^$/ && $NF != "patch" && $NF != "reserved" {
+ if (BTI == 1)
+ print $1*8, $2, $3
+ else
+ print $1*4, $2, $3}' "$@" |
while read idx lib sym
do
file=$build/${lib}_$sym
@@ -39,14 +52,20 @@
cat <<EOF > $file.s
.globl $sym
$sym:
+EOF
+if [ $enable_bti = 1 ]
+then
+ echo "\tbti\tjc" >> $file.s
+fi
+ cat <<EOF >> $file.s
ldr x17, =jmptbl
- ldr x17, [x17]
mov x16, #$idx
+ ldr x17, [x17]
add x16, x16, x17
br x16
EOF
- ${CROSS_COMPILE}as -o $file.o $file.s
+ ${CROSS_COMPILE}as ${asflags} -o $file.o $file.s
done
${CROSS_COMPILE}ar -rc $out $build/*.o