mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-16 01:24:27 +00:00
79c0c7fac0
In preparation for SMCCC_ARCH_FEATURE_AVAILABILITY, it is useful for context to be directly related to the underlying system. Currently, certain bits like SCR_EL3.APK are always set with the understanding that they will only take effect if the feature is present. However, that is problematic for SMCCC_ARCH_FEATURE_AVAILABILITY (an SMCCC call to report which features firmware enables), as simply reading the enable bit may contradict the ID register, like the APK bit above for a system with no Pauth present. This patch is to clean up these cases. Add a check for PAuth's presence so that the APK bit remains unset if not present. Also move SPE and TRBE enablement to only the NS context. They already only enable the features for NS only and disable them for Secure and Realm worlds. This change only makes these worlds' context read 0 for easy bitmasking. There's only a single snag on SPE and TRBE. Currently, their fields have the same values and any world asymmetry is handled by hardware. Since we don't want to do that, the buffers' ownership will change if we just set the fields to 0 for non-NS worlds. Doing that, however, exposes Secure state to a potential denial of service attack - a malicious NS can enable profiling and call an SMC. Then, the owning security state will change and since no SPE/TRBE registers are contexted, Secure state will start generating records. Always have NS world own the buffers to prevent this. Finally, get rid of manage_extensions_common() as it's just a level of indirection to enable a single feature. Change-Id: I487bd4c70ac3e2105583917a0e5499e0ee248ed9 Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com> |
||
|---|---|---|
| .. | ||
| aarch32 | ||
| aarch64 | ||
| bl_aux_params | ||
| compiler-rt | ||
| coreboot | ||
| cpus | ||
| debugfs | ||
| el3_runtime | ||
| extensions | ||
| fconf | ||
| gpt_rme | ||
| hob | ||
| libc | ||
| libfdt | ||
| locks | ||
| mpmm | ||
| optee | ||
| pmf | ||
| psa | ||
| psci | ||
| romlib | ||
| semihosting | ||
| stack_protector | ||
| transfer_list | ||
| utils | ||
| xlat_mpu | ||
| xlat_tables | ||
| xlat_tables_v2 | ||
| zlib | ||