An oversimplified view of FEAT_PAuth is that it's a symmetric encryption
of the LR. PAC instructions execute as NOPs until explicitly turned on.
So in a function that turns PAuth on, the signing would have executed as
a NOP and the authentication will encrypt the address, leading to a
failure. That's why enablement is in assembly - we have full control of
when pointer authentications happen.
However, assembly is hard to read, is opaque to the compiler for
optimisations, and we need to call into C anyway for the platform hook
to get the key. So convert it to C. We can instruct the compiler to not
generate branch protection for the enable function only and as long as
the caller doesn't do branch protection (and all callers are entrypoints
written in assembly) everything will work.
Change-Id: I8917a26e1293033c910e3058664e3ca9207359b7
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
RECLAIM_INIT_CODE is useful to remove code that is only necessary during
boot. However, these functions are generally called once and as such
prime candidates for inlining. When building with LTO, the compiler is
pretty good at inlining every single one, making this option pointless.
So tell the compiler to not inline these functions. This ensures they
are kept separate and they can be garbage collected later. This is
expected to cost a little bit of speed due to the extra branching.
Change-Id: Ie83a9ec8db03cb42139742fc6d728d12ce8549d3
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Align entire TF-A to use Arm in copyright header.
Change-Id: Ief9992169efdab61d0da6bd8c5180de7a4bc2244
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Modern C compilers warn about unannotated switch/case fallthrough code,
and require either a comment with some magic words, or an explicit
compiler attribute.
Since some TF-A static analysis CI check suggests having a "fallthrough;"
statement instead of a comment, introduce a macro that implements that
statement, and emits the proper compiler attribute.
Change-Id: Ib34e615fb48d0f4a340aabfad4472e08d5c70248
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This patch introduces a build flag "RECLAIM_INIT_CODE" to mark boot time
code which allows platforms to place this memory in an appropriate
section to be reclaimed later. This features is primarily targeted for
BL31. Appropriate documentation updates are also done.
Change-Id: If0ca062851614805d769c332c771083d46599194
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
