diff options
Diffstat (limited to 'bl2')
| -rw-r--r-- | bl2/aarch64/bl2_el3_entrypoint.S | 40 | ||||
| -rw-r--r-- | bl2/aarch64/bl2_entrypoint.S | 15 | ||||
| -rw-r--r-- | bl2/bl2.ld.S | 12 | ||||
| -rw-r--r-- | bl2/bl2_el3.ld.S | 47 | ||||
| -rw-r--r-- | bl2/bl2_main.c | 54 |
5 files changed, 102 insertions, 66 deletions
diff --git a/bl2/aarch64/bl2_el3_entrypoint.S b/bl2/aarch64/bl2_el3_entrypoint.S index 261d29573..4eab39cd3 100644 --- a/bl2/aarch64/bl2_el3_entrypoint.S +++ b/bl2/aarch64/bl2_el3_entrypoint.S @@ -1,9 +1,11 @@ /* - * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ +#include <platform_def.h> + #include <arch.h> #include <asm_macros.S> #include <common/bl_common.h> @@ -13,6 +15,12 @@ .globl bl2_el3_run_image .globl bl2_run_next_image +#if BL2_IN_XIP_MEM +#define FIXUP_SIZE 0 +#else +#define FIXUP_SIZE ((BL2_LIMIT) - (BL2_BASE)) +#endif + func bl2_entrypoint /* Save arguments x0-x3 from previous Boot loader */ mov x20, x0 @@ -26,7 +34,8 @@ func bl2_entrypoint _secondary_cold_boot=!COLD_BOOT_SINGLE_CPU \ _init_memory=1 \ _init_c_runtime=1 \ - _exception_vectors=bl2_el3_exceptions + _exception_vectors=bl2_el3_exceptions \ + _pie_fixup_size=FIXUP_SIZE /* --------------------------------------------- * Restore parameters of boot rom @@ -43,22 +52,12 @@ func bl2_entrypoint */ bl bl2_el3_setup - /* --------------------------------------------- - * Enable pointer authentication - * --------------------------------------------- - */ #if ENABLE_PAUTH - mrs x0, sctlr_el3 - orr x0, x0, #SCTLR_EnIA_BIT -#if ENABLE_BTI /* --------------------------------------------- - * Enable PAC branch type compatibility + * Program APIAKey_EL1 and enable pointer authentication. * --------------------------------------------- */ - bic x0, x0, #SCTLR_BT_BIT -#endif /* ENABLE_BTI */ - msr sctlr_el3, x0 - isb + bl pauth_init_enable_el3 #endif /* ENABLE_PAUTH */ /* --------------------------------------------- @@ -87,16 +86,13 @@ func bl2_run_next_image tlbi alle3 bl bl2_el3_plat_prepare_exit +#if ENABLE_PAUTH /* --------------------------------------------- - * Disable pointer authentication before jumping to BL31 or that will - * cause an authentication failure during the early platform init. + * Disable pointer authentication before jumping + * to next boot image. * --------------------------------------------- */ -#if ENABLE_PAUTH - mrs x0, sctlr_el3 - bic x0, x0, #SCTLR_EnIA_BIT - msr sctlr_el3, x0 - isb + bl pauth_disable_el3 #endif /* ENABLE_PAUTH */ ldp x0, x1, [x20, #ENTRY_POINT_INFO_PC_OFFSET] @@ -107,5 +103,5 @@ func bl2_run_next_image ldp x4, x5, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x20)] ldp x2, x3, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x10)] ldp x0, x1, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x0)] - eret + exception_return endfunc bl2_run_next_image diff --git a/bl2/aarch64/bl2_entrypoint.S b/bl2/aarch64/bl2_entrypoint.S index 5e5b83b1d..a021e424a 100644 --- a/bl2/aarch64/bl2_entrypoint.S +++ b/bl2/aarch64/bl2_entrypoint.S @@ -117,22 +117,13 @@ func bl2_entrypoint mov x3, x23 bl bl2_setup - /* --------------------------------------------- - * Enable pointer authentication - * --------------------------------------------- - */ #if ENABLE_PAUTH - mrs x0, sctlr_el1 - orr x0, x0, #SCTLR_EnIA_BIT -#if ENABLE_BTI /* --------------------------------------------- - * Enable PAC branch type compatibility + * Program APIAKey_EL1 + * and enable pointer authentication. * --------------------------------------------- */ - bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT) -#endif /* ENABLE_BTI */ - msr sctlr_el1, x0 - isb + bl pauth_init_enable_el1 #endif /* ENABLE_PAUTH */ /* --------------------------------------------- diff --git a/bl2/bl2.ld.S b/bl2/bl2.ld.S index 30cdf7d78..6230562ed 100644 --- a/bl2/bl2.ld.S +++ b/bl2/bl2.ld.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -27,7 +27,7 @@ SECTIONS .text . : { __TEXT_START__ = .; *bl2_entrypoint.o(.text*) - *(.text*) + *(SORT_BY_ALIGNMENT(.text*)) *(.vectors) . = ALIGN(PAGE_SIZE); __TEXT_END__ = .; @@ -44,7 +44,7 @@ SECTIONS .rodata . : { __RODATA_START__ = .; - *(.rodata*) + *(SORT_BY_ALIGNMENT(.rodata*)) /* Ensure 8-byte alignment for descriptors and ensure inclusion */ . = ALIGN(8); @@ -59,8 +59,8 @@ SECTIONS ro . : { __RO_START__ = .; *bl2_entrypoint.o(.text*) - *(.text*) - *(.rodata*) + *(SORT_BY_ALIGNMENT(.text*)) + *(SORT_BY_ALIGNMENT(.rodata*)) /* Ensure 8-byte alignment for descriptors and ensure inclusion */ . = ALIGN(8); @@ -93,7 +93,7 @@ SECTIONS */ .data . : { __DATA_START__ = .; - *(.data*) + *(SORT_BY_ALIGNMENT(.data*)) __DATA_END__ = .; } >RAM diff --git a/bl2/bl2_el3.ld.S b/bl2/bl2_el3.ld.S index 82b51a862..b6570ee3e 100644 --- a/bl2/bl2_el3.ld.S +++ b/bl2/bl2_el3.ld.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -44,7 +44,7 @@ SECTIONS *bl2_el3_entrypoint.o(.text*) *(.text.asm.*) __TEXT_RESIDENT_END__ = .; - *(.text*) + *(SORT_BY_ALIGNMENT(.text*)) *(.vectors) . = ALIGN(PAGE_SIZE); __TEXT_END__ = .; @@ -52,7 +52,7 @@ SECTIONS .rodata . : { __RODATA_START__ = .; - *(.rodata*) + *(SORT_BY_ALIGNMENT(.rodata*)) /* Ensure 8-byte alignment for descriptors and ensure inclusion */ . = ALIGN(8); @@ -69,6 +69,16 @@ SECTIONS KEEP(*(cpu_ops)) __CPU_OPS_END__ = .; + /* + * Keep the .got section in the RO section as it is patched + * prior to enabling the MMU and having the .got in RO is better for + * security. GOT is a table of addresses so ensure 8-byte alignment. + */ + . = ALIGN(8); + __GOT_START__ = .; + *(.got) + __GOT_END__ = .; + . = ALIGN(PAGE_SIZE); __RODATA_END__ = .; } >ROM @@ -82,8 +92,8 @@ SECTIONS *bl2_el3_entrypoint.o(.text*) *(.text.asm.*) __TEXT_RESIDENT_END__ = .; - *(.text*) - *(.rodata*) + *(SORT_BY_ALIGNMENT(.text*)) + *(SORT_BY_ALIGNMENT(.rodata*)) /* * Ensure 8-byte alignment for cpu_ops so that its fields are also @@ -100,6 +110,16 @@ SECTIONS KEEP(*(.img_parser_lib_descs)) __PARSER_LIB_DESCS_END__ = .; + /* + * Keep the .got section in the RO section as it is patched + * prior to enabling the MMU and having the .got in RO is better for + * security. GOT is a table of addresses so ensure 8-byte alignment. + */ + . = ALIGN(8); + __GOT_START__ = .; + *(.got) + __GOT_END__ = .; + *(.vectors) __RO_END_UNALIGNED__ = .; /* @@ -135,10 +155,21 @@ SECTIONS */ .data . : { __DATA_RAM_START__ = .; - *(.data*) + *(SORT_BY_ALIGNMENT(.data*)) __DATA_RAM_END__ = .; } >RAM AT>ROM + /* + * .rela.dyn needs to come after .data for the read-elf utility to parse + * this section correctly. Ensure 8-byte alignment so that the fields of + * RELA data structure are aligned. + */ + . = ALIGN(8); + __RELA_START__ = .; + .rela.dyn . : { + } >RAM + __RELA_END__ = .; + stacks (NOLOAD) : { __STACKS_START__ = .; *(tzfw_normal_stacks) @@ -195,6 +226,10 @@ SECTIONS __RW_END__ = .; __BL2_END__ = .; + /DISCARD/ : { + *(.dynsym .dynstr .hash .gnu.hash) + } + #if BL2_IN_XIP_MEM __BL2_RAM_START__ = ADDR(.data); __BL2_RAM_END__ = .; diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c index 79b0e717b..802c17464 100644 --- a/bl2/bl2_main.c +++ b/bl2/bl2_main.c @@ -4,13 +4,17 @@ * SPDX-License-Identifier: BSD-3-Clause */ +#include <assert.h> + #include <arch_helpers.h> +#include <arch_features.h> #include <bl1/bl1.h> #include <bl2/bl2.h> #include <common/bl_common.h> #include <common/debug.h> #include <drivers/auth/auth_mod.h> #include <drivers/console.h> +#include <lib/extensions/pauth.h> #include <plat/common/platform.h> #include "bl2_private.h" @@ -31,18 +35,16 @@ void bl2_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2, /* Perform early platform-specific setup */ bl2_early_platform_setup2(arg0, arg1, arg2, arg3); -#ifdef __aarch64__ - /* - * Update pointer authentication key before the MMU is enabled. It is - * saved in the rodata section, that can be writen before enabling the - * MMU. This function must be called after the console is initialized - * in the early platform setup. - */ - bl_handle_pauth(); -#endif /* __aarch64__ */ - /* Perform late platform-specific setup */ bl2_plat_arch_setup(); + +#if CTX_INCLUDE_PAUTH_REGS + /* + * Assert that the ARMv8.3-PAuth registers are present or an access + * fault will be triggered when they are being saved or restored. + */ + assert(is_armv8_3_pauth_present()); +#endif /* CTX_INCLUDE_PAUTH_REGS */ } #else /* if BL2_AT_EL3 */ @@ -55,18 +57,16 @@ void bl2_el3_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2, /* Perform early platform-specific setup */ bl2_el3_early_platform_setup(arg0, arg1, arg2, arg3); -#ifdef __aarch64__ - /* - * Update pointer authentication key before the MMU is enabled. It is - * saved in the rodata section, that can be writen before enabling the - * MMU. This function must be called after the console is initialized - * in the early platform setup. - */ - bl_handle_pauth(); -#endif /* __aarch64__ */ - /* Perform late platform-specific setup */ bl2_el3_plat_arch_setup(); + +#if CTX_INCLUDE_PAUTH_REGS + /* + * Assert that the ARMv8.3-PAuth registers are present or an access + * fault will be triggered when they are being saved or restored. + */ + assert(is_armv8_3_pauth_present()); +#endif /* CTX_INCLUDE_PAUTH_REGS */ } #endif /* BL2_AT_EL3 */ @@ -108,6 +108,13 @@ void bl2_main(void) console_flush(); +#if ENABLE_PAUTH + /* + * Disable pointer authentication before running next boot image + */ + pauth_disable_el1(); +#endif /* ENABLE_PAUTH */ + /* * Run next BL image via an SMC to BL1. Information on how to pass * control to the BL32 (if present) and BL33 software images will @@ -119,6 +126,13 @@ void bl2_main(void) print_entry_point_info(next_bl_ep_info); console_flush(); +#if ENABLE_PAUTH + /* + * Disable pointer authentication before running next boot image + */ + pauth_disable_el3(); +#endif /* ENABLE_PAUTH */ + bl2_run_next_image(next_bl_ep_info); #endif /* BL2_AT_EL3 */ } |