diff --git a/Makefile b/Makefile index a238ee444..1baacf0f1 100644 --- a/Makefile +++ b/Makefile @@ -277,6 +277,10 @@ ifeq "8.6" "$(word 1, $(sort 8.6 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" ENABLE_FEAT_ECV = 1 endif +ifeq "8.4" "$(word 1, $(sort 8.4 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))" +ENABLE_FEAT_DIT = 1 +endif + ifneq ($(findstring armclang,$(notdir $(CC))),) TF_CFLAGS_aarch32 = -target arm-arm-none-eabi $(march32-directive) TF_CFLAGS_aarch64 = -target aarch64-arm-none-eabi $(march64-directive) @@ -1040,6 +1044,7 @@ $(eval $(call assert_booleans,\ USE_SP804_TIMER \ ENABLE_FEAT_RNG \ ENABLE_FEAT_SB \ + ENABLE_FEAT_DIT \ PSA_FWU_SUPPORT \ ENABLE_TRBE_FOR_NS \ ENABLE_SYS_REG_TRACE_FOR_NS \ @@ -1154,6 +1159,7 @@ $(eval $(call add_defines,\ USE_SP804_TIMER \ ENABLE_FEAT_RNG \ ENABLE_FEAT_SB \ + ENABLE_FEAT_DIT \ NR_OF_FW_BANKS \ NR_OF_IMAGES_IN_FW_BANK \ PSA_FWU_SUPPORT \ diff --git a/bl1/aarch64/bl1_exceptions.S b/bl1/aarch64/bl1_exceptions.S index 9dc9e6cd5..c54219fc1 100644 --- a/bl1/aarch64/bl1_exceptions.S +++ b/bl1/aarch64/bl1_exceptions.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -224,7 +224,7 @@ smc_handler: * TODO: Revisit to store only SMCCC specified registers. * ----------------------------------------------------- */ - bl save_gp_pmcr_pauth_regs + bl prepare_el3_entry #if ENABLE_PAUTH /* ----------------------------------------------------- diff --git a/bl31/aarch64/ea_delegate.S b/bl31/aarch64/ea_delegate.S index f9c789f54..fa6ede823 100644 --- a/bl31/aarch64/ea_delegate.S +++ b/bl31/aarch64/ea_delegate.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -92,8 +92,9 @@ func enter_lower_el_sync_ea * Save general purpose and ARMv8.3-PAuth registers (if enabled). * If Secure Cycle Counter is not disabled in MDCR_EL3 when * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter. + * Also set the PSTATE to a known state. */ - bl save_gp_pmcr_pauth_regs + bl prepare_el3_entry #if ENABLE_PAUTH /* Load and program APIAKey firmware key */ @@ -139,8 +140,9 @@ handle_lower_el_async_ea: * Save general purpose and ARMv8.3-PAuth registers (if enabled). * If Secure Cycle Counter is not disabled in MDCR_EL3 when * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter. + * Also set the PSTATE to a known state. */ - bl save_gp_pmcr_pauth_regs + bl prepare_el3_entry #if ENABLE_PAUTH /* Load and program APIAKey firmware key */ diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S index 0d0a12d3e..bf5bd8d8d 100644 --- a/bl31/aarch64/runtime_exceptions.S +++ b/bl31/aarch64/runtime_exceptions.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -71,8 +71,9 @@ * Save general purpose and ARMv8.3-PAuth registers (if enabled). * If Secure Cycle Counter is not disabled in MDCR_EL3 when * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter. + * Also set the PSTATE to a known state. */ - bl save_gp_pmcr_pauth_regs + bl prepare_el3_entry bl handle_lower_el_ea_esb @@ -209,8 +210,9 @@ exp_from_EL3: * Save general purpose and ARMv8.3-PAuth registers (if enabled). * If Secure Cycle Counter is not disabled in MDCR_EL3 when * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter. + * Also set the PSTATE to a known state. */ - bl save_gp_pmcr_pauth_regs + bl prepare_el3_entry #if ENABLE_PAUTH /* Load and program APIAKey firmware key */ @@ -462,8 +464,9 @@ smc_handler64: * Save general purpose and ARMv8.3-PAuth registers (if enabled). * If Secure Cycle Counter is not disabled in MDCR_EL3 when * ARMv8.5-PMU is implemented, save PMCR_EL0 and disable Cycle Counter. + * Also set the PSTATE to a known state. */ - bl save_gp_pmcr_pauth_regs + bl prepare_el3_entry #if ENABLE_PAUTH /* Load and program APIAKey firmware key */ diff --git a/bl32/tsp/tsp_main.c b/bl32/tsp/tsp_main.c index 55e153212..522c1b403 100644 --- a/bl32/tsp/tsp_main.c +++ b/bl32/tsp/tsp_main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -370,6 +370,7 @@ tsp_args_t *tsp_smc_handler(uint64_t func, uint64_t service_arg1; uint64_t results[2]; uint32_t linear_id = plat_my_core_pos(); + u_register_t dit; /* Update this cpu's statistics */ tsp_stats[linear_id].smc_count++; @@ -424,6 +425,23 @@ tsp_args_t *tsp_smc_handler(uint64_t func, results[0] /= service_arg0 ? service_arg0 : 1; results[1] /= service_arg1 ? service_arg1 : 1; break; + case TSP_CHECK_DIT: + if (!is_armv8_4_dit_present()) { +#if LOG_LEVEL >= LOG_LEVEL_ERROR + spin_lock(&console_lock); + ERROR("DIT not supported\n"); + spin_unlock(&console_lock); +#endif + results[0] = 0; + results[1] = 0xffff; + break; + } + dit = read_dit(); + results[0] = dit == service_arg0; + results[1] = dit; + /* Toggle the dit bit */ + write_dit(service_arg0 != 0U ? 0 : DIT_BIT); + break; default: break; } diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h index 46cd1c982..a260f0316 100644 --- a/include/arch/aarch64/arch_features.h +++ b/include/arch/aarch64/arch_features.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2021, Arm Limited. All rights reserved. + * Copyright (c) 2019-2022, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -46,6 +46,12 @@ static inline bool is_armv8_3_pauth_present(void) return (read_id_aa64isar1_el1() & mask) != 0U; } +static inline bool is_armv8_4_dit_present(void) +{ + return ((read_id_aa64pfr0_el1() >> ID_AA64PFR0_DIT_SHIFT) & + ID_AA64PFR0_DIT_MASK) == 1U; +} + static inline bool is_armv8_4_ttst_present(void) { return ((read_id_aa64mmfr2_el1() >> ID_AA64MMFR2_EL1_ST_SHIFT) & diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h index 733bb23c4..009eb90e9 100644 --- a/include/arch/aarch64/arch_helpers.h +++ b/include/arch/aarch64/arch_helpers.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -529,6 +529,9 @@ DEFINE_RENAME_SYSREG_READ_FUNC(id_aa64mmfr2_el1, ID_AA64MMFR2_EL1) DEFINE_RENAME_SYSREG_RW_FUNCS(apiakeyhi_el1, APIAKeyHi_EL1) DEFINE_RENAME_SYSREG_RW_FUNCS(apiakeylo_el1, APIAKeyLo_EL1) +/* Armv8.4 Data Independent Timing Register */ +DEFINE_RENAME_SYSREG_RW_FUNCS(dit, DIT) + /* Armv8.5 MTE Registers */ DEFINE_RENAME_SYSREG_RW_FUNCS(tfsre0_el1, TFSRE0_EL1) DEFINE_RENAME_SYSREG_RW_FUNCS(tfsr_el1, TFSR_EL1) diff --git a/include/arch/aarch64/el3_common_macros.S b/include/arch/aarch64/el3_common_macros.S index f29def7f3..d47244ebd 100644 --- a/include/arch/aarch64/el3_common_macros.S +++ b/include/arch/aarch64/el3_common_macros.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2021, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -9,6 +9,7 @@ #include #include +#include #include #include @@ -237,15 +238,20 @@ /* * If Data Independent Timing (DIT) functionality is implemented, - * always enable DIT in EL3 + * always enable DIT in EL3. + * First assert that the FEAT_DIT build flag matches the feature id + * register value for DIT. */ +#if ENABLE_FEAT_DIT +#if ENABLE_ASSERTIONS mrs x0, id_aa64pfr0_el1 ubfx x0, x0, #ID_AA64PFR0_DIT_SHIFT, #ID_AA64PFR0_DIT_LENGTH cmp x0, #ID_AA64PFR0_DIT_SUPPORTED - bne 1f + ASM_ASSERT(eq) +#endif /* ENABLE_ASSERTIONS */ mov x0, #DIT_BIT msr DIT, x0 -1: +#endif .endm /* ----------------------------------------------------------------------------- diff --git a/include/bl32/tsp/tsp.h b/include/bl32/tsp/tsp.h index 637e14abf..285bfbe29 100644 --- a/include/bl32/tsp/tsp.h +++ b/include/bl32/tsp/tsp.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -41,6 +41,7 @@ #define TSP_MUL 0x2002 #define TSP_DIV 0x2003 #define TSP_HANDLE_SEL1_INTR_AND_RETURN 0x2004 +#define TSP_CHECK_DIT 0x2005 /* * Identify a TSP service from function ID filtering the last 16 bits from the diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S index c9035e8e3..c1c061237 100644 --- a/lib/el3_runtime/aarch64/context.S +++ b/lib/el3_runtime/aarch64/context.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -21,7 +21,7 @@ .global fpregs_context_save .global fpregs_context_restore #endif - .global save_gp_pmcr_pauth_regs + .global prepare_el3_entry .global restore_gp_pmcr_pauth_regs .global save_and_update_ptw_el1_sys_regs .global el3_exit @@ -682,8 +682,24 @@ func fpregs_context_restore endfunc fpregs_context_restore #endif /* CTX_INCLUDE_FPREGS */ + /* + * Set the PSTATE bits not set when the exception was taken as + * described in the AArch64.TakeException() pseudocode function + * in ARM DDI 0487F.c page J1-7635 to a default value. + */ + .macro set_unset_pstate_bits + /* + * If Data Independent Timing (DIT) functionality is implemented, + * always enable DIT in EL3 + */ +#if ENABLE_FEAT_DIT + mov x8, #DIT_BIT + msr DIT, x8 +#endif /* ENABLE_FEAT_DIT */ + .endm /* set_unset_pstate_bits */ + /* ------------------------------------------------------------------ - * The following function is used to save and restore all the general + * The following macro is used to save and restore all the general * purpose and ARMv8.3-PAuth (if enabled) registers. * It also checks if Secure Cycle Counter is not disabled in MDCR_EL3 * when ARMv8.5-PMU is implemented, and if called from Non-secure @@ -693,12 +709,10 @@ endfunc fpregs_context_restore * when a world switch occurs but that type of implementation is more * complex. So currently we will always save and restore these * registers on entry and exit of EL3. - * These are not macros to ensure their invocation fits within the 32 - * instructions per exception vector. * clobbers: x18 * ------------------------------------------------------------------ */ -func save_gp_pmcr_pauth_regs + .macro save_gp_pmcr_pauth_regs stp x0, x1, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X0] stp x2, x3, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2] stp x4, x5, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X4] @@ -769,9 +783,28 @@ func save_gp_pmcr_pauth_regs stp x26, x27, [x19, #CTX_PACDBKEY_LO] stp x28, x29, [x19, #CTX_PACGAKEY_LO] #endif /* CTX_INCLUDE_PAUTH_REGS */ + .endm /* save_gp_pmcr_pauth_regs */ +/* ----------------------------------------------------------------- + * This function saves the context and sets the PSTATE to a known + * state, preparing entry to el3. + * Save all the general purpose and ARMv8.3-PAuth (if enabled) + * registers. + * Then set any of the PSTATE bits that are not set by hardware + * according to the Aarch64.TakeException pseudocode in the Arm + * Architecture Reference Manual to a default value for EL3. + * clobbers: x17 + * ----------------------------------------------------------------- + */ +func prepare_el3_entry + save_gp_pmcr_pauth_regs + /* + * Set the PSTATE bits not described in the Aarch64.TakeException + * pseudocode to their default values. + */ + set_unset_pstate_bits ret -endfunc save_gp_pmcr_pauth_regs +endfunc prepare_el3_entry /* ------------------------------------------------------------------ * This function restores ARMv8.3-PAuth (if enabled) and all general diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index 551b68977..b39dcf40f 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2016-2021, Arm Limited. All rights reserved. +# Copyright (c) 2016-2022, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -145,6 +145,9 @@ ENABLE_FEAT_FGT := 0 # Flag to enable access to the CNTPOFF_EL2 register ENABLE_FEAT_ECV := 0 +# Flag to enable use of the DIT feature. +ENABLE_FEAT_DIT := 0 + # By default BL31 encryption disabled ENCRYPT_BL31 := 0 diff --git a/services/spd/tspd/tspd_main.c b/services/spd/tspd/tspd_main.c index 29fc238ae..6cb4992a2 100644 --- a/services/spd/tspd/tspd_main.c +++ b/services/spd/tspd/tspd_main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -570,6 +570,11 @@ static uintptr_t tspd_smc_handler(uint32_t smc_fid, case TSP_YIELD_FID(TSP_SUB): case TSP_YIELD_FID(TSP_MUL): case TSP_YIELD_FID(TSP_DIV): + /* + * Request from non-secure client to perform a check + * of the DIT PSTATE bit. + */ + case TSP_YIELD_FID(TSP_CHECK_DIT): if (ns) { /* * This is a fresh request from the non-secure client.