diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S index 48f6981..710b458 100644 --- a/bl32/tsp/aarch64/tsp_entrypoint.S +++ b/bl32/tsp/aarch64/tsp_entrypoint.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -122,12 +122,21 @@ #endif /* --------------------------------------------- - * Perform early platform setup & platform - * specific early arch. setup e.g. mmu setup + * Perform TSP setup * --------------------------------------------- */ - bl tsp_early_platform_setup - bl tsp_plat_arch_setup + bl tsp_setup + + /* --------------------------------------------- + * Enable pointer authentication + * --------------------------------------------- + */ +#if ENABLE_PAUTH + mrs x0, sctlr_el1 + orr x0, x0, #SCTLR_EnIA_BIT + msr sctlr_el1, x0 + isb +#endif /* ENABLE_PAUTH */ /* --------------------------------------------- * Jump to main function. diff --git a/bl32/tsp/tsp.mk b/bl32/tsp/tsp.mk index 4ea3dfb..b1fe7ff 100644 --- a/bl32/tsp/tsp.mk +++ b/bl32/tsp/tsp.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -17,6 +17,11 @@ BL32_LINKERFILE := bl32/tsp/tsp.ld.S +# This flag determines whether pointer authentication is used in the TSP or not +ifeq ($(ENABLE_PAUTH),1) +BL32_CFLAGS += -msign-return-address=non-leaf +endif + # This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous # method) or configures BL31 to pass control to BL32 instead of BL33 # (asynchronous method). diff --git a/bl32/tsp/tsp_main.c b/bl32/tsp/tsp_main.c index 407ed47..30bf6ff 100644 --- a/bl32/tsp/tsp_main.c +++ b/bl32/tsp/tsp_main.c @@ -72,6 +72,26 @@ } /******************************************************************************* + * Setup function for TSP. + ******************************************************************************/ +void tsp_setup(void) +{ + /* Perform early platform-specific setup */ + tsp_early_platform_setup(); + + /* + * Update pointer authentication key before the MMU is enabled. It is + * saved in the rodata section, that can be writen before enabling the + * MMU. This function must be called after the console is initialized + * in the early platform setup. + */ + bl_handle_pauth(); + + /* Perform late platform-specific setup */ + tsp_plat_arch_setup(); +} + +/******************************************************************************* * TSP main entry point where it gets the opportunity to initialize its secure * state/applications. Once the state is initialized, it must return to the * SPD with a pointer to the 'tsp_vector_table' jump table. diff --git a/include/bl32/tsp/tsp.h b/include/bl32/tsp/tsp.h index ed4792e..18d3079 100644 --- a/include/bl32/tsp/tsp.h +++ b/include/bl32/tsp/tsp.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -104,6 +104,7 @@ tsp_vector_isn_t abort_yield_smc_entry; } tsp_vectors_t; +void tsp_setup(void); #endif /* __ASSEMBLY__ */