andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge changes I15e7cc43,Id7411bd5,I92bafe70,I8f1c0658 into integration 

* changes:
  stm32mp1: enable PIE for BL32
  stm32mp1: set BL sizes regardless of flags
  Add PIE support for AARCH32
  Avoid the use of linker *_SIZE__ macros
This commit is contained in:
Manish Pandey 2021-04-29 13:57:31 +02:00 committed by TrustedFirmware Code Review
parent 800b8849c0 62fbb31516
commit 08e7cc533e
18 changed files with 240 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -579,11 +579,9 @@ endif
endif
BL31_CFLAGS += -fpie
BL31_LDFLAGS += $(PIE_LDFLAGS)
ifeq ($(ARCH),aarch64)
BL32_CFLAGS += -fpie
BL32_LDFLAGS += $(PIE_LDFLAGS)
endif
endif
ifeq (${ARCH},aarch64)
BL1_CPPFLAGS += -DIMAGE_AT_EL3

5
bl1/aarch32/bl1_entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -49,7 +49,8 @@ func bl1_entrypoint
_secondary_cold_boot=!COLD_BOOT_SINGLE_CPU \
_init_memory=1 \
_init_c_runtime=1 \
_exception_vectors=bl1_vector_table
_exception_vectors=bl1_vector_table \
_pie_fixup_size=0
/* -----------------------------------------------------
* Perform BL1 setup

5
bl2/aarch32/bl2_el3_entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -26,7 +26,8 @@ func bl2_entrypoint
_secondary_cold_boot=!COLD_BOOT_SINGLE_CPU \
_init_memory=1 \
_init_c_runtime=1 \
_exception_vectors=bl2_vector_table
_exception_vectors=bl2_vector_table \
_pie_fixup_size=0
/*
* Restore parameters of boot rom

8
bl2/aarch32/bl2_entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -80,12 +80,14 @@ func bl2_entrypoint
* ---------------------------------------------
*/
ldr r0, =__BSS_START__
ldr r1, =__BSS_SIZE__
ldr r1, =__BSS_END__
sub r1, r1, r0
bl zeromem
#if USE_COHERENT_MEM
ldr r0, =__COHERENT_RAM_START__
ldr r1, =__COHERENT_RAM_UNALIGNED_SIZE__
ldr r1, =__COHERENT_RAM_END_UNALIGNED__
sub r1, r1, r0
bl zeromem
#endif

5
bl2u/aarch32/bl2u_entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -79,7 +79,8 @@ func bl2u_entrypoint
* ---------------------------------------------
*/
ldr r0, =__BSS_START__
ldr r1, =__BSS_SIZE__
ldr r1, =__BSS_END__
sub r1, r1, r0
bl zeromem
/* --------------------------------------------

9
bl2u/aarch64/bl2u_entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -69,8 +69,11 @@ func bl2u_entrypoint
* - the coherent memory section.
* ---------------------------------------------
*/
ldr x0, =__BSS_START__
ldr x1, =__BSS_SIZE__
adrp x0, __BSS_START__
add x0, x0, :lo12:__BSS_START__
adrp x1, __BSS_END__
add x1, x1, :lo12:__BSS_END__
sub x1, x1, x0
bl zeromem
/* --------------------------------------------

13
bl32/sp_min/aarch32/entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -23,6 +23,8 @@
.globl sp_min_handle_smc
.globl sp_min_handle_fiq
#define FIXUP_SIZE ((BL32_LIMIT) - (BL32_BASE))
.macro route_fiq_to_sp_min reg
/* -----------------------------------------------------
* FIQs are secure interrupts trapped by Monitor and non
@ -87,7 +89,8 @@ func sp_min_entrypoint
_secondary_cold_boot=0 \
_init_memory=0 \
_init_c_runtime=1 \
_exception_vectors=sp_min_vector_table
_exception_vectors=sp_min_vector_table \
_pie_fixup_size=FIXUP_SIZE
/* ---------------------------------------------------------------------
* Relay the previous bootloader's arguments to the platform layer
@ -106,7 +109,8 @@ func sp_min_entrypoint
_secondary_cold_boot=!COLD_BOOT_SINGLE_CPU \
_init_memory=1 \
_init_c_runtime=1 \
_exception_vectors=sp_min_vector_table
_exception_vectors=sp_min_vector_table \
_pie_fixup_size=FIXUP_SIZE
/* ---------------------------------------------------------------------
* For RESET_TO_SP_MIN systems, BL32 (SP_MIN) is the first bootloader
@ -306,7 +310,8 @@ func sp_min_warm_entrypoint
_secondary_cold_boot=0 \
_init_memory=0 \
_init_c_runtime=0 \
_exception_vectors=sp_min_vector_table
_exception_vectors=sp_min_vector_table \
_pie_fixup_size=0
/*
* We're about to enable MMU and participate in PSCI state coordination.

7
bl32/sp_min/sp_min.ld.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -92,6 +92,7 @@ SECTIONS
__RW_START__ = . ;
DATA_SECTION >RAM
RELA_SECTION >RAM
#ifdef BL32_PROGBITS_LIMIT
ASSERT(. <= BL32_PROGBITS_LIMIT, "BL32 progbits has exceeded its limit.")
@ -141,5 +142,9 @@ SECTIONS
__BL32_END__ = .;
/DISCARD/ : {
*(.dynsym .dynstr .hash .gnu.hash)
}
ASSERT(. <= BL32_LIMIT, "BL32 image has exceeded its limit.")
}

16
bl32/tsp/aarch64/tsp_entrypoint.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -114,13 +114,19 @@ func tsp_entrypoint _align=3
* - the coherent memory section.
* ---------------------------------------------
*/
ldr x0, =__BSS_START__
ldr x1, =__BSS_SIZE__
adrp x0, __BSS_START__
add x0, x0, :lo12:__BSS_START__
adrp x1, __BSS_END__
add x1, x1, :lo12:__BSS_END__
sub x1, x1, x0
bl zeromem
#if USE_COHERENT_MEM
ldr x0, =__COHERENT_RAM_START__
ldr x1, =__COHERENT_RAM_UNALIGNED_SIZE__
adrp x0, __COHERENT_RAM_START__
add x0, x0, :lo12:__COHERENT_RAM_START__
adrp x1, __COHERENT_RAM_END_UNALIGNED__
add x1, x1, :lo12:__COHERENT_RAM_END_UNALIGNED__
sub x1, x1, x0
bl zeromem
#endif

5
docs/getting_started/build-options.rst
View File

@ -252,7 +252,8 @@ Common build options
- ``ENABLE_PIE``: Boolean option to enable Position Independent Executable(PIE)
support within generic code in TF-A. This option is currently only supported
in BL2_AT_EL3, BL31, and BL32 (TSP). Default is 0.
in BL2_AT_EL3, BL31, and BL32 (TSP) for AARCH64 binaries, and in BL32
(SP_min) for AARCH32. Default is 0.
- ``ENABLE_PMF``: Boolean option to enable support for optional Performance
Measurement Framework(PMF). Default is 0.
@ -847,4 +848,4 @@ commands can be used:
--------------
*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*

44
include/arch/aarch32/el3_common_macros.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -10,6 +10,9 @@
#include <arch.h>
#include <asm_macros.S>
#include <assert_macros.S>
#include <lib/xlat_tables/xlat_tables_defs.h>
#define PAGE_START_MASK ~(PAGE_SIZE_MASK)
/*
* Helper macro to initialise EL3 registers we care about.
@ -199,11 +202,18 @@
*
* _exception_vectors:
* Address of the exception vectors to program in the VBAR_EL3 register.
*
* _pie_fixup_size:
* Size of memory region to fixup Global Descriptor Table (GDT).
*
* A non-zero value is expected when firmware needs GDT to be fixed-up.
*
* -----------------------------------------------------------------------------
*/
.macro el3_entrypoint_common \
_init_sctlr, _warm_boot_mailbox, _secondary_cold_boot, \
_init_memory, _init_c_runtime, _exception_vectors
_init_memory, _init_c_runtime, _exception_vectors, \
_pie_fixup_size
/* Make sure we are in Secure Mode */
#if ENABLE_ASSERTIONS
@ -259,6 +269,27 @@
bxne r0
.endif /* _warm_boot_mailbox */
.if \_pie_fixup_size
#if ENABLE_PIE
/*
* ------------------------------------------------------------
* If PIE is enabled fixup the Global descriptor Table only
* once during primary core cold boot path.
*
* Compile time base address, required for fixup, is calculated
* using "pie_fixup" label present within first page.
* ------------------------------------------------------------
*/
pie_fixup:
ldr r0, =pie_fixup
ldr r1, =PAGE_START_MASK
and r0, r0, r1
mov_imm r1, \_pie_fixup_size
add r1, r1, r0
bl fixup_gdt_reloc
#endif /* ENABLE_PIE */
.endif /* _pie_fixup_size */
/* ---------------------------------------------------------------------
* Set the exception vectors (VBAR/MVBAR).
* ---------------------------------------------------------------------
@ -339,12 +370,14 @@
*/
mov r7, r12
ldr r0, =__BSS_START__
ldr r1, =__BSS_SIZE__
ldr r1, =__BSS_END__
sub r1, r1, r0
bl zeromem
#if USE_COHERENT_MEM
ldr r0, =__COHERENT_RAM_START__
ldr r1, =__COHERENT_RAM_UNALIGNED_SIZE__
ldr r1, =__COHERENT_RAM_END_UNALIGNED__
sub r1, r1, r0
bl zeromem
#endif
@ -358,7 +391,8 @@
*/
ldr r0, =__DATA_RAM_START__
ldr r1, =__DATA_ROM_START__
ldr r2, =__DATA_SIZE__
ldr r2, =__DATA_RAM_END__
sub r2, r2, r0
bl memcpy4
#endif
.endif /* _init_c_runtime */

14
include/common/bl_common.ld.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -105,10 +105,18 @@
* .rela.dyn needs to come after .data for the read-elf utility to parse
* this section correctly.
*/
#if __aarch64__
#define RELA_DYN_NAME .rela.dyn
#define RELOC_SECTIONS_PATTERN *(.rela*)
#else
#define RELA_DYN_NAME .rel.dyn
#define RELOC_SECTIONS_PATTERN *(.rel*)
#endif
#define RELA_SECTION \
.rela.dyn : ALIGN(STRUCT_ALIGN) { \
RELA_DYN_NAME : ALIGN(STRUCT_ALIGN) { \
__RELA_START__ = .; \
*(.rela*) \
RELOC_SECTIONS_PATTERN \
__RELA_END__ = .; \
}

128
lib/aarch32/misc_helpers.S
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -7,6 +7,8 @@
#include <arch.h>
#include <asm_macros.S>
#include <assert_macros.S>
#include <common/bl_common.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
.globl smc
.globl zeromem
@ -14,6 +16,9 @@
.globl memcpy4
.globl disable_mmu_icache_secure
.globl disable_mmu_secure
.globl fixup_gdt_reloc
#define PAGE_START_MASK ~(PAGE_SIZE_MASK)
func smc
/*
@ -187,3 +192,124 @@ func disable_mmu_icache_secure
ldr r1, =(SCTLR_M_BIT | SCTLR_C_BIT | SCTLR_I_BIT)
b do_disable_mmu
endfunc disable_mmu_icache_secure
/* ---------------------------------------------------------------------------
* Helper to fixup Global Descriptor table (GDT) and dynamic relocations
* (.rel.dyn) at runtime.
*
* This function is meant to be used when the firmware is compiled with -fpie
* and linked with -pie options. We rely on the linker script exporting
* appropriate markers for start and end of the section. For GOT, we
* expect __GOT_START__ and __GOT_END__. Similarly for .rela.dyn, we expect
* __RELA_START__ and __RELA_END__.
*
* The function takes the limits of the memory to apply fixups to as
* arguments (which is usually the limits of the relocable BL image).
* r0 - the start of the fixup region
* r1 - the limit of the fixup region
* These addresses have to be 4KB page aligned.
* ---------------------------------------------------------------------------
*/
/* Relocation codes */
#define R_ARM_RELATIVE 23
func fixup_gdt_reloc
mov r6, r0
mov r7, r1
#if ENABLE_ASSERTIONS
/* Test if the limits are 4K aligned */
orr r0, r0, r1
mov r1, #(PAGE_SIZE_MASK)
tst r0, r1
ASM_ASSERT(eq)
#endif
/*
* Calculate the offset based on return address in lr.
* Assume that this function is called within a page at the start of
* fixup region.
*/
ldr r1, =PAGE_START_MASK
and r2, lr, r1
subs r0, r2, r6 /* Diff(S) = Current Address - Compiled Address */
beq 3f /* Diff(S) = 0. No relocation needed */
ldr r1, =__GOT_START__
add r1, r1, r0
ldr r2, =__GOT_END__
add r2, r2, r0
/*
* GOT is an array of 32_bit addresses which must be fixed up as
* new_addr = old_addr + Diff(S).
* The new_addr is the address currently the binary is executing from
* and old_addr is the address at compile time.
*/
1: ldr r3, [r1]
/* Skip adding offset if address is < lower limit */
cmp r3, r6
blo 2f
/* Skip adding offset if address is > upper limit */
cmp r3, r7
bhi 2f
add r3, r3, r0
str r3, [r1]
2: add r1, r1, #4
cmp r1, r2
blo 1b
/* Starting dynamic relocations. Use ldr to get RELA_START and END */
3: ldr r1, =__RELA_START__
add r1, r1, r0
ldr r2, =__RELA_END__
add r2, r2, r0
/*
* According to ELF-32 specification, the RELA data structure is as
* follows:
* typedef struct {
* Elf32_Addr r_offset;
* Elf32_Xword r_info;
* } Elf32_Rela;
*
* r_offset is address of reference
* r_info is symbol index and type of relocation (in this case
* code 23 which corresponds to R_ARM_RELATIVE).
*
* Size of Elf32_Rela structure is 8 bytes.
*/
/* Skip R_ARM_NONE entry with code 0 */
1: ldr r3, [r1, #4]
ands r3, r3, #0xff
beq 2f
#if ENABLE_ASSERTIONS
/* Assert that the relocation type is R_ARM_RELATIVE */
cmp r3, #R_ARM_RELATIVE
ASM_ASSERT(eq)
#endif
ldr r3, [r1] /* r_offset */
add r3, r0, r3 /* Diff(S) + r_offset */
ldr r4, [r3]
/* Skip adding offset if address is < lower limit */
cmp r4, r6
blo 2f
/* Skip adding offset if address is >= upper limit */
cmp r4, r7
bhs 2f
add r4, r0, r4
str r4, [r3]
2: add r1, r1, #8
cmp r1, r2
blo 1b
bx lr
endfunc fixup_gdt_reloc

7
plat/st/stm32mp1/bl2_plat_setup.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -188,11 +188,6 @@ void bl2_el3_plat_arch_setup(void)
mmap_add_region(STM32MP_OPTEE_BASE, STM32MP_OPTEE_BASE,
STM32MP_OPTEE_SIZE,
MT_MEMORY | MT_RW | MT_SECURE);
#else
/* Prevent corruption of preloaded BL32 */
mmap_add_region(BL32_BASE, BL32_BASE,
BL32_LIMIT - BL32_BASE,
MT_RO_DATA | MT_SECURE);
#endif
/* Prevent corruption of preloaded Device Tree */
mmap_add_region(DTB_BASE, DTB_BASE,

7
plat/st/stm32mp1/include/platform_def.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -68,10 +68,15 @@
* BL32 specific defines.
******************************************************************************/
#ifndef AARCH32_SP_OPTEE
#if ENABLE_PIE
#define BL32_BASE 0
#define BL32_LIMIT STM32MP_BL32_SIZE
#else
#define BL32_BASE STM32MP_BL32_BASE
#define BL32_LIMIT (STM32MP_BL32_BASE + \
STM32MP_BL32_SIZE)
#endif
#endif
/*******************************************************************************
* BL33 specific defines.

8
plat/st/stm32mp1/plat_bl2_mem_params_desc.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -28,7 +28,7 @@ static bl_mem_params_node_t bl2_mem_params_descs[] = {
SECURE | EXECUTABLE | EP_FIRST_EXE),
#if !defined(AARCH32_SP_OPTEE)
.ep_info.pc = BL32_BASE,
.ep_info.pc = STM32MP_BL32_BASE,
#endif
.ep_info.spsr = SPSR_MODE32(MODE32_svc, SPSR_T_ARM,
SPSR_E_LITTLE,
@ -42,8 +42,8 @@ static bl_mem_params_node_t bl2_mem_params_descs[] = {
.image_info.image_base = STM32MP_OPTEE_BASE,
.image_info.image_max_size = STM32MP_OPTEE_SIZE,
#else
.image_info.image_base = BL32_BASE,
.image_info.image_max_size = BL32_LIMIT - BL32_BASE,
.image_info.image_base = STM32MP_BL32_BASE,
.image_info.image_max_size = STM32MP_BL32_SIZE,
#endif
.next_handoff_image_id = BL33_IMAGE_ID,
},

4
plat/st/stm32mp1/platform.mk
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
# Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@ -9,6 +9,8 @@ ARM_WITH_NEON := yes
BL2_AT_EL3 := 1
USE_COHERENT_MEM := 0
ENABLE_PIE := 1
STM32_TF_VERSION ?= 0
# Enable dynamic memory mapping

16
plat/st/stm32mp1/stm32mp1_def.h
View File

@ -117,30 +117,14 @@ enum ddr_type {
#define STM32MP_OPTEE_SIZE (STM32MP_DTB_BASE - \
STM32MP_OPTEE_BASE)
#else
#if STACK_PROTECTOR_ENABLED
#define STM32MP_BL32_SIZE U(0x00012000) /* 72 KB for BL32 */
#else
#define STM32MP_BL32_SIZE U(0x00011000) /* 68 KB for BL32 */
#endif
#endif
#define STM32MP_BL32_BASE (STM32MP_SEC_SYSRAM_BASE + \
STM32MP_SEC_SYSRAM_SIZE - \
STM32MP_BL32_SIZE)
#ifdef AARCH32_SP_OPTEE
#if STACK_PROTECTOR_ENABLED
#define STM32MP_BL2_SIZE U(0x0001A000) /* 100 KB for BL2 */
#else
#define STM32MP_BL2_SIZE U(0x00018000) /* 92 KB for BL2 */
#endif
#else
#if STACK_PROTECTOR_ENABLED
#define STM32MP_BL2_SIZE U(0x00019000) /* 96 KB for BL2 */
#else
#define STM32MP_BL2_SIZE U(0x00017000) /* 88 KB for BL2 */
#endif
#endif
#define STM32MP_BL2_BASE (STM32MP_BL32_BASE - \
STM32MP_BL2_SIZE)