BL2: Enable pointer authentication support

The size increase after enabling options related to ARMv8.3-PAuth is:

+----------------------------+-------+-------+-------+--------+
|                            |  text |  bss  |  data | rodata |
+----------------------------+-------+-------+-------+--------+
| CTX_INCLUDE_PAUTH_REGS = 1 |   +40 |   +0  |   +0  |   +0   |
|                            |  0.2% |       |       |        |
+----------------------------+-------+-------+-------+--------+
| ENABLE_PAUTH = 1           |  +664 |   +0  |  +16  |   +0   |
|                            |  3.1% |       |  0.9% |        |
+----------------------------+-------+-------+-------+--------+

Results calculated with the following build configuration:

    make PLAT=fvp SPD=tspd DEBUG=1 \
    SDEI_SUPPORT=1                 \
    EL3_EXCEPTION_HANDLING=1       \
    TSP_NS_INTR_ASYNC_PREEMPT=1    \
    CTX_INCLUDE_PAUTH_REGS=1       \
    ENABLE_PAUTH=1

The changes for BL2_AT_EL3 aren't done in this commit.

Change-Id: I8c803b40c7160525a06173bc6cdca21c4505837d
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

bl2/aarch32/bl2_entrypoint.S

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -108,16 +108,15 @@ func bl2_entrypoint
 #endif
 
 	/* ---------------------------------------------
-	 * Perform early platform setup & platform
-	 * specific early arch. setup e.g. mmu setup
+	 * Perform BL2 setup
 	 * ---------------------------------------------
 	 */
 	mov	r0, r9
 	mov	r1, r10
 	mov	r2, r11
 	mov	r3, r12
-	bl	bl2_early_platform_setup2
-	bl	bl2_plat_arch_setup
+
+	bl	bl2_setup
 
 	/* ---------------------------------------------
 	 * Jump to main function.

bl2/aarch64/bl2_entrypoint.S

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -106,17 +106,25 @@ func bl2_entrypoint
 #endif
 
 	/* ---------------------------------------------
-	 * Perform early platform setup & platform
-	 * specific early arch. setup e.g. mmu setup
+	 * Perform BL2 setup
 	 * ---------------------------------------------
 	 */
 	mov	x0, x20
 	mov	x1, x21
 	mov	x2, x22
 	mov	x3, x23
-	bl	bl2_early_platform_setup2
+	bl	bl2_setup
 
-	bl	bl2_plat_arch_setup
+	/* ---------------------------------------------
+	 * Enable pointer authentication
+	 * ---------------------------------------------
+	 */
+#if ENABLE_PAUTH
+	mrs	x0, sctlr_el1
+	orr	x0, x0, #SCTLR_EnIA_BIT
+	msr	sctlr_el1, x0
+	isb
+#endif /* ENABLE_PAUTH */
 
 	/* ---------------------------------------------
 	 * Jump to main function.

bl2/bl2.mk

@@ -1,10 +1,11 @@
 #
-# Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
 
-BL2_SOURCES		+=	bl2/bl2_main.c				\
+BL2_SOURCES		+=	bl2/bl2_image_load_v2.c			\
+				bl2/bl2_main.c				\
 				bl2/${ARCH}/bl2_arch_setup.c		\
 				lib/locks/exclusive/${ARCH}/spinlock.S	\
 				plat/common/${ARCH}/platform_up_stack.S	\
@@ -14,7 +15,9 @@ ifeq (${ARCH},aarch64)
 BL2_SOURCES		+=	common/aarch64/early_exceptions.S
 endif
 
-BL2_SOURCES		+=	bl2/bl2_image_load_v2.c
+ifeq (${ENABLE_PAUTH},1)
+BL2_CFLAGS		+=	-msign-return-address=non-leaf
+endif
 
 ifeq (${BL2_AT_EL3},0)
 BL2_SOURCES		+=	bl2/${ARCH}/bl2_entrypoint.S

bl2/bl2_main.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -21,6 +21,29 @@
 #define NEXT_IMAGE	"BL31"
 #endif
 
+/*******************************************************************************
+ * Setup function for BL2.
+ ******************************************************************************/
+void bl2_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
+	       u_register_t arg3)
+{
+	/* Perform early platform-specific setup */
+	bl2_early_platform_setup2(arg0, arg1, arg2, arg3);
+
+#ifdef AARCH64
+	/*
+	 * Update pointer authentication key before the MMU is enabled. It is
+	 * saved in the rodata section, that can be writen before enabling the
+	 * MMU. This function must be called after the console is initialized
+	 * in the early platform setup.
+	 */
+	bl_handle_pauth();
+#endif /* AARCH64 */
+
+	/* Perform late platform-specific setup */
+	bl2_plat_arch_setup();
+}
+
 /*******************************************************************************
  * The only thing to do in BL2 is to load further images and pass control to
  * next BL. The memory occupied by BL2 will be reclaimed by BL3x stages. BL2

include/bl2/bl2.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -7,6 +7,10 @@
 #ifndef BL2_H
 #define BL2_H
 
+#include <stdint.h>
+
+void bl2_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
+	       u_register_t arg3);
 void bl2_main(void);
 
 #endif /* BL2_H */