mirror of
https://github.com/CTCaer/switch-l4t-atf.git
synced 2024-12-13 13:15:39 +00:00
ed108b5605
This patch provides the following features and makes modifications listed below:
- Individual APIAKey key generation for each CPU.
- New key generation on every BL31 warm boot and TSP CPU On event.
- Per-CPU storage of APIAKey added in percpu_data[] of cpu_data structure.
- `plat_init_apiakey()` function replaced with `plat_init_apkey()` which returns 128-bit value and uses Generic timer physical counter value to increase the randomness of the generated key. The new function can be used for generation of all ARMv8.3-PAuth keys.
- ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`.
- New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively; `pauth_disable_el1()` and `pauth_disable_el3()` functions disable PAuth for EL1 and EL3 respectively; `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from cpu-data structure.
- Combined `save_gp_pauth_registers()` function replaces calls to `save_gp_registers()` and `pauth_context_save()`; `restore_gp_pauth_registers()` replaces `pauth_context_restore()` and `restore_gp_registers()` calls.
- `restore_gp_registers_eret()` function removed with corresponding code placed in `el3_exit()`.
- Fixed the issue when `pauth_t pauth_ctx` structure allocated space for 12 uint64_t PAuth registers instead of 10 by removal of macro CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h` and assigning its value to CTX_PAUTH_REGS_END.
- Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions in `msr spsel` instruction instead of hard-coded values.
- Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI.

Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
/*
* Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <assert.h>
#include <string.h>
#include <arch.h>
#include <arch_features.h>
#include <arch_helpers.h>
#include <bl31/bl31.h>
#include <bl31/ehf.h>
#include <common/bl_common.h>
#include <common/debug.h>
#include <common/runtime_svc.h>
#include <drivers/console.h>
#include <lib/el3_runtime/context_mgmt.h>
#include <lib/pmf/pmf.h>
#include <lib/runtime_instr.h>
#include <plat/common/platform.h>
#include <services/std_svc.h>
#if ENABLE_RUNTIME_INSTRUMENTATION
/*
 * Runtime instrumentation: register the rt_instr_svc PMF service. Only built
 * when ENABLE_RUNTIME_INSTRUMENTATION is set.
 */
PMF_REGISTER_SERVICE_SMC(rt_instr_svc, PMF_RT_INSTR_SVC_ID,
		RT_INSTR_TOTAL_IDS, PMF_STORE_ENABLE)
#endif

/*
 * Hook used to initialise the BL32 image. The SPD installs it through
 * bl31_register_bl32_init() once everything needed for SP execution is in
 * place. It stays NULL when neither SPD nor SP is present, or when the SPD
 * decides that the SP cannot be executed.
 *
 * The stored pointer is called from bl31_main(), so whatever registers it
 * decides what code runs during BL31 cold boot.
 */
static int32_t (*bl32_init)(void);

/*
 * Security state of the image that runs after BL31: BL33 (non-secure, the
 * default) or BL32 (secure).
 */
static uint32_t next_image_type = NON_SECURE;
/*
 * ARM Standard Service hook that hands back the arguments for one particular
 * service. PSCI is the only ARM Standard Service implemented, so svc_mask is
 * expected to be PSCI_FID_MASK.
 *
 * Returns the address of the PSCI library argument block, which is set up
 * with bl31_warm_entrypoint.
 *
 * NOTE(review): the svc_mask check is an assert() only. In a build where
 * assertions are compiled out, any svc_mask value gets the PSCI arguments
 * back - confirm callers never pass anything else.
 */
uintptr_t get_arm_std_svc_args(unsigned int svc_mask)
{
	/* Argument block for the PSCI Library (presumably static storage) */
	DEFINE_STATIC_PSCI_LIB_ARGS_V1(psci_args, bl31_warm_entrypoint);
	uintptr_t psci_args_addr = (uintptr_t)&psci_args;

	/* No ARM Standard Service other than PSCI is implemented */
	assert(svc_mask == PSCI_FID_MASK);

	return psci_args_addr;
}
/*
 * Bring up the helper libraries used by BL31. At present this is a single
 * call to cm_init().
 */
void __init bl31_lib_init(void)
{
	cm_init();
}
/*
 * BL31 setup entry: runs the early and then the late platform-specific setup
 * hooks. arg0..arg3 are passed through unchanged to
 * bl31_early_platform_setup2().
 */
void bl31_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
		u_register_t arg3)
{
	/* Early platform-specific setup gets all four arguments */
	bl31_early_platform_setup2(arg0, arg1, arg2, arg3);

	/* Late platform-specific setup */
	bl31_plat_arch_setup();

#if CTX_INCLUDE_PAUTH_REGS
	/*
	 * The ARMv8.3-PAuth registers must exist, otherwise saving or
	 * restoring them raises an access fault.
	 *
	 * NOTE(review): this is checked with assert() only, so a build with
	 * assertions compiled out would not catch a CTX_INCLUDE_PAUTH_REGS
	 * mismatch here - confirm the build configuration for release images.
	 */
	assert(is_armv8_3_pauth_present());
#endif /* CTX_INCLUDE_PAUTH_REGS */
}
/*
 * Cold-boot main routine of BL31 on the primary cpu. It sets up the runtime
 * services before control passes to the bootloader or an Operating System:
 * runtime_svc_init() initialises every registered runtime service, and those
 * services set up enough context for the core to switch to the next exception
 * level. Once this function returns, the core switches to the programmed
 * exception level via an ERET.
 *
 * Order of work: platform setup, helper libraries, the Exception Handling
 * Framework (when EL3_EXCEPTION_HANDLING is set), runtime services, the
 * optional BL32 init hook, preparation of the next image entry, console
 * flush, and finally platform runtime setup.
 */
void bl31_main(void)
{
	NOTICE("BL31: %s\n", version_string);
	NOTICE("BL31: %s\n", build_message);

	/* Platform setup for BL31 */
	bl31_platform_setup();

	/* Helper libraries */
	bl31_lib_init();

#if EL3_EXCEPTION_HANDLING
	INFO("BL31: Initialising Exception Handling Framework\n");
	ehf_init();
#endif

	/* Runtime services, e.g. psci */
	INFO("BL31: Initializing runtime services\n");
	runtime_svc_init();

	/*
	 * The cold boot actions on the primary cpu are complete. What remains
	 * is choosing the next image (BL32 or BL33) and how to run it. When
	 * an SPD runtime service is present it wants BL32 to run first in
	 * S-EL1; it will then have registered a function that initialises
	 * bl32, enters S-EL1 and hands control back to bl31_main. After that
	 * the entry into BL33 is prepared as usual.
	 */

	/* Run the init hook if the SPD registered one */
	if (bl32_init != NULL) {
		INFO("BL31: Initializing BL32\n");

		/*
		 * A return value of 0 is what gets reported as failure, so
		 * the hook presumably returns non-zero on success - confirm
		 * against the SPD that registers it.
		 */
		int32_t bl32_status = bl32_init();

		/*
		 * Failure is only logged and boot carries on.
		 * NOTE(review): confirm that continuing without an
		 * initialised BL32 is acceptable for the platform.
		 */
		if (bl32_status == 0) {
			WARN("BL31: BL32 initialization failed\n");
		}
	}

	/*
	 * Ready to enter the next EL: prepare entry into the image for the
	 * desired security state after the next ERET.
	 */
	bl31_prepare_next_image_entry();

	console_flush();

	/*
	 * Platform specific runtime setup, done last before the cold boot
	 * exit from BL31.
	 */
	bl31_plat_runtime_setup();
}
/*
 * Accessors that let runtime services choose the image executed after BL31.
 * The default is BL33, the non-secure bootloader image. The Secure payload
 * dispatcher can override that by requesting entry into BL32 (Secure payload)
 * first; once BL32 initialisation is complete it should use the same API to
 * program the entry into BL33.
 *
 * bl31_set_next_image_type() records security_state as the next image type.
 *
 * NOTE(review): security_state is validated by assert() only, so in a build
 * with assertions compiled out the value is stored unchecked - callers must
 * pass a valid security state.
 */
void bl31_set_next_image_type(uint32_t security_state)
{
	assert(sec_state_is_valid(security_state));

	next_image_type = security_state;
}
/*
 * Return the security state currently recorded for the image that runs after
 * BL31 (the file-scope next_image_type).
 */
uint32_t bl31_get_next_image_type(void)
{
	uint32_t current_type = next_image_type;

	return current_type;
}
/*
 * Program the EL3 registers and do the remaining setup needed to enter the
 * image that follows BL31 at the next ERET.
 *
 * The image type comes from bl31_get_next_image_type(); the matching entry
 * point information comes from the platform and is then handed to the context
 * management calls.
 *
 * NOTE(review): the NULL check on the platform's entry point info and the
 * check that its security state matches the requested image type are both
 * assert() only. With assertions compiled out, neither is enforced before the
 * entry point info is used - confirm this for release images.
 */
void __init bl31_prepare_next_image_entry(void)
{
#if CTX_INCLUDE_AARCH32_REGS
	/*
	 * The build flag that saves AArch32 system registers in the CPU
	 * context must not be set on an AArch64-only platform.
	 */
	if (el_implemented(1) == EL_IMPL_A64ONLY) {
		ERROR("EL1 supports AArch64-only. Please set build flag "
		      "CTX_INCLUDE_AARCH32_REGS = 0\n");
		panic();
	}
#endif

	/* Which image runs next? */
	uint32_t image_type = bl31_get_next_image_type();

	/* Entry point info used to program EL3 for entry into the next EL */
	entry_point_info_t *next_image_info =
		bl31_plat_get_next_image_ep_info(image_type);

	assert(next_image_info != NULL);
	/* The entry point must belong to the world that was asked for */
	assert(image_type == GET_SECURITY_STATE(next_image_info->h.attr));

	INFO("BL31: Preparing for EL3 exit to %s world\n",
	     (image_type == SECURE) ? "secure" : "normal");
	print_entry_point_info(next_image_info);

	cm_init_my_context(next_image_info);
	cm_prepare_el3_exit(image_type);
}
/*
 * Install the BL32 init function pointer. The SPD is expected to call this
 * after it has finished all of its own initialisation.
 *
 * func is stored as given, with no validation, and is later called from
 * bl31_main() when it is not NULL. Passing NULL therefore leaves BL32
 * initialisation skipped.
 */
void bl31_register_bl32_init(int32_t (*func)(void))
{
	bl32_init = func;
}