Juno: Initialize stack protector canary from the trusted entropy source
Change-Id: I7f3e4bfd46613c6311ba4015d56705414fd6feab Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
This commit is contained in:
parent
df9a39eaa9
commit
e6d2aea159
|
@ -83,6 +83,7 @@
|
||||||
#define TRNG_INTMASK 0x14
|
#define TRNG_INTMASK 0x14
|
||||||
#define TRNG_CONFIG 0x18
|
#define TRNG_CONFIG 0x18
|
||||||
#define TRNG_CONTROL 0x1C
|
#define TRNG_CONTROL 0x1C
|
||||||
|
#define TRNG_NBYTES 16 /* Number of bytes generated per round. */
|
||||||
|
|
||||||
/*******************************************************************************
|
/*******************************************************************************
|
||||||
* MMU-401 related constants
|
* MMU-401 related constants
|
||||||
|
|
|
@ -0,0 +1,55 @@
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions are met:
|
||||||
|
*
|
||||||
|
* Redistributions of source code must retain the above copyright notice, this
|
||||||
|
* list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* Redistributions in binary form must reproduce the above copyright notice,
|
||||||
|
* this list of conditions and the following disclaimer in the documentation
|
||||||
|
* and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* Neither the name of ARM nor the names of its contributors may be used
|
||||||
|
* to endorse or promote products derived from this software without specific
|
||||||
|
* prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||||
|
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
|
||||||
|
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||||
|
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||||
|
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||||
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||||
|
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <arch_helpers.h>
|
||||||
|
#include <debug.h>
|
||||||
|
#include <utils.h>
|
||||||
|
#include "juno_decl.h"
|
||||||
|
#include "juno_def.h"
|
||||||
|
|
||||||
|
u_register_t plat_get_stack_protector_canary(void)
|
||||||
|
{
|
||||||
|
u_register_t c[TRNG_NBYTES / sizeof(u_register_t)];
|
||||||
|
u_register_t ret = 0;
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
if (juno_getentropy(c, sizeof(c)) != 0) {
|
||||||
|
ERROR("Not enough entropy to initialize canary value\n");
|
||||||
|
panic();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* On Juno we get 128-bits of entropy in one round.
|
||||||
|
* Fuse the values together to form the canary.
|
||||||
|
*/
|
||||||
|
for (i = 0; i < ARRAY_SIZE(c); i++)
|
||||||
|
ret ^= c[i];
|
||||||
|
return ret;
|
||||||
|
}
|
|
@ -42,6 +42,9 @@ JUNO_SECURITY_SOURCES := drivers/arm/tzc/tzc400.c \
|
||||||
plat/arm/board/juno/juno_trng.c \
|
plat/arm/board/juno/juno_trng.c \
|
||||||
plat/arm/common/arm_tzc400.c
|
plat/arm/common/arm_tzc400.c
|
||||||
|
|
||||||
|
ifneq (${ENABLE_STACK_PROTECTOR}, 0)
|
||||||
|
JUNO_SECURITY_SOURCES += plat/arm/board/juno/juno_stack_protector.c
|
||||||
|
endif
|
||||||
|
|
||||||
PLAT_INCLUDES := -Iplat/arm/board/juno/include
|
PLAT_INCLUDES := -Iplat/arm/board/juno/include
|
||||||
|
|
||||||
|
@ -52,7 +55,8 @@ BL1_SOURCES += lib/cpus/aarch64/cortex_a53.S \
|
||||||
lib/cpus/aarch64/cortex_a72.S \
|
lib/cpus/aarch64/cortex_a72.S \
|
||||||
plat/arm/board/juno/juno_bl1_setup.c \
|
plat/arm/board/juno/juno_bl1_setup.c \
|
||||||
plat/arm/board/juno/juno_err.c \
|
plat/arm/board/juno/juno_err.c \
|
||||||
${JUNO_INTERCONNECT_SOURCES}
|
${JUNO_INTERCONNECT_SOURCES} \
|
||||||
|
${JUNO_SECURITY_SOURCES}
|
||||||
|
|
||||||
BL2_SOURCES += plat/arm/board/juno/juno_err.c \
|
BL2_SOURCES += plat/arm/board/juno/juno_err.c \
|
||||||
${JUNO_SECURITY_SOURCES}
|
${JUNO_SECURITY_SOURCES}
|
||||||
|
|
Loading…
Reference in New Issue