Introduce BTI support in ROMLIB

When TF-A is compiled with BTI enabled, the branches in the ROMLIB
jumptable must be preceded by a "bti j" instruction.

Moreover, when the additional "bti" instruction is inserted, the
jumptable entries have a distance of 8 bytes between them instead of 4.
Hence, the wrappers are also modified accordinly.

If TF-A is compiled without BTI enabled, the ROMLIB jumptable and
wrappers are generated as before.

Change-Id: Iaa59897668f8e59888d39046233300c2241d8de7
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>

Makefile

@@ -901,7 +901,7 @@ ${SPTOOL}:
 
 .PHONY: libraries
 romlib.bin: libraries
-	${Q}${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all
+	${Q}${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all
 
 cscope:
 	@echo "  CSCOPE"

lib/romlib/Makefile

@@ -29,6 +29,11 @@ ifeq ($(DEBUG),1)
    LDFLAGS += -Map=$(MAPFILE)
 endif
 
+ifeq (${ARM_ARCH_MINOR},0)
+	ASFLAGS = -march=armv8-a
+else
+	ASFLAGS = -march=armv8.${ARM_ARCH_MINOR}-a
+endif
 
 .PHONY: all clean distclean
 
@@ -60,13 +65,13 @@ $(WRAPPER_DIR)/jmpvar.s: $(BUILD_DIR)/romlib.elf
 
 $(LIB_DIR)/libwrappers.a: $(BUILD_DIR)/jmptbl.i $(WRAPPER_DIR)/jmpvar.o
 	@echo "  AR      $@"
-	$(Q)./genwrappers.sh -b $(WRAPPER_DIR) -o $@ $(BUILD_DIR)/jmptbl.i
+	$(Q)./genwrappers.sh -b $(WRAPPER_DIR) -o $@ --bti=$(ENABLE_BTI) --asflags=$(ASFLAGS) $(BUILD_DIR)/jmptbl.i
 
 $(BUILD_DIR)/jmptbl.i: $(BUILD_DIR)/jmptbl.s
 
 $(BUILD_DIR)/jmptbl.s: ../../$(PLAT_DIR)/jmptbl.i
 	@echo "  TBL     $@"
-	$(Q)./gentbl.sh -o $@ -b $(BUILD_DIR) ../../$(PLAT_DIR)/jmptbl.i
+	$(Q)./gentbl.sh -o $@ -b $(BUILD_DIR) --bti=$(ENABLE_BTI) ../../$(PLAT_DIR)/jmptbl.i
 
 clean:
 	@rm -f $(BUILD_DIR)/*

lib/romlib/gentbl.sh

@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 
@@ -19,6 +19,10 @@ do
 		build=$2
 		shift 2
 		;;
+	--bti=*)
+		enable_bti=$(echo $1 | sed 's/--bti=\(.*\)/\1/')
+		shift 1
+		;;
 	--)
 		shift
 		break
@@ -47,12 +51,15 @@ if (NF == 2 && $1 == "include") {
 awk -v OFS="\t" '
 BEGIN{print "#index\tlib\tfunction\t[patch]"}
 {print NR-1, $0}' | tee $build/jmptbl.i |
-awk -v OFS="\n" '
+awk -v OFS="\n" -v BTI=$enable_bti '
 BEGIN {print "\t.text",
              "\t.globl\tjmptbl",
              "jmptbl:"}
       {sub(/[:blank:]*#.*/,"")}
-!/^$/ {if ($3 == "reserved")
+!/^$/ {
+	if (BTI == 1)
+		print "\tbti\tj"
+	if ($3 == "reserved")
 		print "\t.word\t0x0"
 	else
 		print "\tb\t" $3}' > $$.tmp &&

lib/romlib/genwrappers.sh

@@ -19,6 +19,14 @@ do
 		build=$2
 		shift 2
 		;;
+	--bti=*)
+		enable_bti=$(echo $1 | sed 's/--bti=\(.*\)/\1/')
+		shift 1
+		;;
+	--asflags=*)
+		asflags=$(echo $1 | sed 's/--asflags=\(.*\)/\1/')
+		shift 1
+		;;
 	--)
 		shift
 		break
@@ -30,8 +38,13 @@ do
 	esac
 done
 
-awk  '{sub(/[:blank:]*#.*/,"")}
-!/^$/ && $NF != "patch" && $NF != "reserved" {print $1*4, $2, $3}' "$@" |
+awk -v BTI=$enable_bti '
+{sub(/[:blank:]*#.*/,"")}
+!/^$/ && $NF != "patch" && $NF != "reserved" {
+		if (BTI == 1)
+			print $1*8, $2, $3
+		else
+			print $1*4, $2, $3}' "$@" |
 while read idx lib sym
 do
 	file=$build/${lib}_$sym
@@ -39,14 +52,20 @@ do
 	cat <<EOF > $file.s
 	.globl	$sym
 $sym:
+EOF
+if [ $enable_bti = 1 ]
+then
+	echo "\tbti\tjc" >> $file.s
+fi
+	cat <<EOF >> $file.s
 	ldr	x17, =jmptbl
-	ldr	x17, [x17]
 	mov	x16, #$idx
+	ldr	x17, [x17]
 	add	x16, x16, x17
 	br	x16
 EOF
 
-	${CROSS_COMPILE}as -o $file.o $file.s
+	${CROSS_COMPILE}as ${asflags} -o $file.o $file.s
 done
 
 ${CROSS_COMPILE}ar -rc $out $build/*.o