From 83683ddd3d704e2d8c1fe9bef9eabb4639c0846a Mon Sep 17 00:00:00 2001 From: Tomas Pilar Date: Wed, 28 Oct 2020 15:35:53 +0000 Subject: plat/qemu: Use RNDR in stack protector When getting a stack protector canary value, check if cpu supports FEAT_RNG and use that. Fallback to old method of using a (hardcoded value ^ timer). Signed-off-by: Tomas Pilar Change-Id: I8181acf8e31661d4cc82bc3a4078f8751909e725 --- plat/qemu/common/qemu_stack_protector.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'plat') diff --git a/plat/qemu/common/qemu_stack_protector.c b/plat/qemu/common/qemu_stack_protector.c index c226158ad..15ce3d6d2 100644 --- a/plat/qemu/common/qemu_stack_protector.c +++ b/plat/qemu/common/qemu_stack_protector.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,17 +7,25 @@ #include #include +#include #include #define RANDOM_CANARY_VALUE ((u_register_t) 3288484550995823360ULL) u_register_t plat_get_stack_protector_canary(void) { +#if ENABLE_FEAT_RNG + /* Use the RNDR instruction if the CPU supports it */ + if (is_armv8_5_rng_present()) { + return read_rndr(); + } +#endif + /* - * Ideally, a random number should be returned instead of the + * Ideally, a random number should be returned above. If a random + * number generator is not supported, return instead a * combination of a timer's value and a compile-time constant. - * As the virt platform does not have any random number generator, - * this is better than nothing but not necessarily really secure. + * This is better than nothing but not necessarily really secure. */ return RANDOM_CANARY_VALUE ^ read_cntpct_el0(); } -- cgit v1.2.3