diff --git a/bl1/aarch32/bl1_entrypoint.S b/bl1/aarch32/bl1_entrypoint.S index 3f0cbaf4b..6a155660b 100644 --- a/bl1/aarch32/bl1_entrypoint.S +++ b/bl1/aarch32/bl1_entrypoint.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -52,12 +52,10 @@ func bl1_entrypoint _exception_vectors=bl1_vector_table /* ----------------------------------------------------- - * Perform early platform setup & platform - * specific early arch. setup e.g. mmu setup + * Perform BL1 setup * ----------------------------------------------------- */ - bl bl1_early_platform_setup - bl bl1_plat_arch_setup + bl bl1_setup /* ----------------------------------------------------- * Jump to main function. diff --git a/bl1/aarch64/bl1_entrypoint.S b/bl1/aarch64/bl1_entrypoint.S index f7e02e974..0f8d5aaca 100644 --- a/bl1/aarch64/bl1_entrypoint.S +++ b/bl1/aarch64/bl1_entrypoint.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -32,24 +32,42 @@ func bl1_entrypoint _init_c_runtime=1 \ _exception_vectors=bl1_exceptions - /* --------------------------------------------- - * Architectural init. can be generic e.g. - * enabling stack alignment and platform spec- - * ific e.g. MMU & page table setup as per the - * platform memory map. Perform the latter here - * and the former in bl1_main. - * --------------------------------------------- + /* -------------------------------------------------------------------- + * Perform BL1 setup + * -------------------------------------------------------------------- */ - bl bl1_early_platform_setup - bl bl1_plat_arch_setup + bl bl1_setup - /* -------------------------------------------------- + /* -------------------------------------------------------------------- + * Enable pointer authentication + * -------------------------------------------------------------------- + */ +#if ENABLE_PAUTH + mrs x0, sctlr_el3 + orr x0, x0, #SCTLR_EnIA_BIT + msr sctlr_el3, x0 + isb +#endif /* ENABLE_PAUTH */ + + /* -------------------------------------------------------------------- * Initialize platform and jump to our c-entry point * for this type of reset. - * -------------------------------------------------- + * -------------------------------------------------------------------- */ bl bl1_main + /* -------------------------------------------------------------------- + * Disable pointer authentication before jumping to BL31 or that will + * cause an authentication failure during the early platform init. + * -------------------------------------------------------------------- + */ +#if ENABLE_PAUTH + mrs x0, sctlr_el3 + bic x0, x0, #SCTLR_EnIA_BIT + msr sctlr_el3, x0 + isb +#endif /* ENABLE_PAUTH */ + /* -------------------------------------------------- * Do the transition to next boot image. * -------------------------------------------------- diff --git a/bl1/bl1.mk b/bl1/bl1.mk index ec7d7280b..7f1a82306 100644 --- a/bl1/bl1.mk +++ b/bl1/bl1.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -21,6 +21,10 @@ BL1_SOURCES += lib/cpus/aarch64/dsu_helpers.S \ lib/el3_runtime/aarch64/context.S endif +ifeq (${ENABLE_PAUTH},1) +BL1_CFLAGS += -msign-return-address=non-leaf +endif + ifeq (${TRUSTED_BOARD_BOOT},1) BL1_SOURCES += bl1/bl1_fwu.c endif diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c index d2c2b4173..fce14f55f 100644 --- a/bl1/bl1_main.c +++ b/bl1/bl1_main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -51,6 +51,28 @@ void bl1_calc_bl2_mem_layout(const meminfo_t *bl1_mem_layout, flush_dcache_range((unsigned long)bl2_mem_layout, sizeof(meminfo_t)); } +/******************************************************************************* + * Setup function for BL1. + ******************************************************************************/ +void bl1_setup(void) +{ + /* Perform early platform-specific setup */ + bl1_early_platform_setup(); + +#ifdef AARCH64 + /* + * Update pointer authentication key before the MMU is enabled. It is + * saved in the rodata section, that can be writen before enabling the + * MMU. This function must be called after the console is initialized + * in the early platform setup. + */ + bl_handle_pauth(); +#endif /* AARCH64 */ + + /* Perform late platform-specific setup */ + bl1_plat_arch_setup(); +} + /******************************************************************************* * Function to perform late architectural and platform specific initialization. * It also queries the platform to load and run next BL image. Only called diff --git a/include/bl1/bl1.h b/include/bl1/bl1.h index 7b5d87572..937b8c7e8 100644 --- a/include/bl1/bl1.h +++ b/include/bl1/bl1.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -83,6 +83,7 @@ register_t bl1_smc_handler(unsigned int smc_fid, void bl1_print_next_bl_ep_info(const struct entry_point_info *bl_ep_info); +void bl1_setup(void); void bl1_main(void); void bl1_plat_prepare_exit(entry_point_info_t *ep_info);