mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-16 01:24:27 +00:00
ed108b5605
This patch provides the following features and makes modifications listed below: - Individual APIAKey key generation for each CPU. - New key generation on every BL31 warm boot and TSP CPU On event. - Per-CPU storage of APIAKey added in percpu_data[] of cpu_data structure. - `plat_init_apiakey()` function replaced with `plat_init_apkey()` which returns 128-bit value and uses Generic timer physical counter value to increase the randomness of the generated key. The new function can be used for generation of all ARMv8.3-PAuth keys - ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`. - New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively; pauth_disable_el1()` and `pauth_disable_el3()` functions disable PAuth for EL1 and EL3 respectively; `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from cpu-data structure. - Combined `save_gp_pauth_registers()` function replaces calls to `save_gp_registers()` and `pauth_context_save()`; `restore_gp_pauth_registers()` replaces `pauth_context_restore()` and `restore_gp_registers()` calls. - `restore_gp_registers_eret()` function removed with corresponding code placed in `el3_exit()`. - Fixed the issue when `pauth_t pauth_ctx` structure allocated space for 12 uint64_t PAuth registers instead of 10 by removal of macro CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h` and assigning its value to CTX_PAUTH_REGS_END. - Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions in `msr spsel` instruction instead of hard-coded values. - Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI. Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
69 lines
2.2 KiB
ArmAsm
69 lines
2.2 KiB
ArmAsm
/*
|
|
* Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#include <arch.h>
|
|
#include <el3_common_macros.S>
|
|
|
|
.globl bl1_entrypoint
|
|
|
|
|
|
/* -----------------------------------------------------
|
|
* bl1_entrypoint() is the entry point into the trusted
|
|
* firmware code when a cpu is released from warm or
|
|
* cold reset.
|
|
* -----------------------------------------------------
|
|
*/
|
|
|
|
func bl1_entrypoint
|
|
/* ---------------------------------------------------------------------
|
|
* If the reset address is programmable then bl1_entrypoint() is
|
|
* executed only on the cold boot path. Therefore, we can skip the warm
|
|
* boot mailbox mechanism.
|
|
* ---------------------------------------------------------------------
|
|
*/
|
|
el3_entrypoint_common \
|
|
_init_sctlr=1 \
|
|
_warm_boot_mailbox=!PROGRAMMABLE_RESET_ADDRESS \
|
|
_secondary_cold_boot=!COLD_BOOT_SINGLE_CPU \
|
|
_init_memory=1 \
|
|
_init_c_runtime=1 \
|
|
_exception_vectors=bl1_exceptions
|
|
|
|
/* --------------------------------------------------------------------
|
|
* Perform BL1 setup
|
|
* --------------------------------------------------------------------
|
|
*/
|
|
bl bl1_setup
|
|
|
|
#if ENABLE_PAUTH
|
|
/* --------------------------------------------------------------------
|
|
* Program APIAKey_EL1 and enable pointer authentication.
|
|
* --------------------------------------------------------------------
|
|
*/
|
|
bl pauth_init_enable_el3
|
|
#endif /* ENABLE_PAUTH */
|
|
|
|
/* --------------------------------------------------------------------
|
|
* Initialize platform and jump to our c-entry point
|
|
* for this type of reset.
|
|
* --------------------------------------------------------------------
|
|
*/
|
|
bl bl1_main
|
|
|
|
#if ENABLE_PAUTH
|
|
/* --------------------------------------------------------------------
|
|
* Disable pointer authentication before jumping to next boot image.
|
|
* --------------------------------------------------------------------
|
|
*/
|
|
bl pauth_disable_el3
|
|
#endif /* ENABLE_PAUTH */
|
|
|
|
/* --------------------------------------------------
|
|
* Do the transition to next boot image.
|
|
* --------------------------------------------------
|
|
*/
|
|
b el3_exit
|
|
endfunc bl1_entrypoint
|