Merge pull request #1900 from soby-mathew/sm/revert_xlat_changes
xlat_tables_v2: Revert recent changes to remove recursion
diff --git a/Makefile b/Makefile
index 8656da5..11d0d7a 100644
--- a/Makefile
+++ b/Makefile
@@ -478,6 +478,12 @@
ifeq ($(ENABLE_PAUTH),1)
ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
$(error ENABLE_PAUTH=1 requires CTX_INCLUDE_PAUTH_REGS=1)
+ else
+ $(info ENABLE_PAUTH and CTX_INCLUDE_PAUTH_REGS are experimental features)
+ endif
+else
+ ifeq ($(CTX_INCLUDE_PAUTH_REGS),1)
+ $(info CTX_INCLUDE_PAUTH_REGS is an experimental feature)
endif
endif
diff --git a/docs/firmware-design.rst b/docs/firmware-design.rst
index 52520ea..66b16fa 100644
--- a/docs/firmware-design.rst
+++ b/docs/firmware-design.rst
@@ -2565,11 +2565,16 @@
must be set to 1. This will add all pointer authentication system registers
to the context that is saved when doing a world switch.
- The Trusted Firmware itself has support for pointer authentication at runtime
+ The TF-A itself has support for pointer authentication at runtime
that can be enabled by setting both options ``ENABLE_PAUTH`` and
``CTX_INCLUDE_PAUTH_REGS`` to 1. This enables pointer authentication in BL1,
BL2, BL31, and the TSP if it is used.
+ These options are experimental features.
+
+ Note that Pointer Authentication is enabled for Non-secure world irrespective
+ of the value of these build flags if the CPU supports it.
+
If ``ARM_ARCH_MAJOR == 8`` and ``ARM_ARCH_MINOR >= 3`` the code footprint of
enabling PAuth is lower because the compiler will use the optimized
PAuth instructions rather than the backwards-compatible ones.
diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index de4611c..c88b1f6 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst
@@ -358,11 +358,12 @@
registers to be included when saving and restoring the CPU context. Default
is 0.
-- ``CTX_INCLUDE_PAUTH_REGS``: Boolean option that, when set to 1, will cause
- the ARMv8.3-PAuth registers to be included when saving and restoring the CPU
- context. Note that if the hardware supports this extension and this option is
- set to 0 the value of the registers will be leaked between Secure and
- Non-secure worlds if PAuth is used on both sides. The default is 0.
+- ``CTX_INCLUDE_PAUTH_REGS``: Boolean option that, when set to 1, enables
+ Pointer Authentication for Secure world. This will cause the ARMv8.3-PAuth
+ registers to be included when saving and restoring the CPU context as
+ part of world switch. Default value is 0 and this is an experimental feature.
+ Note that Pointer Authentication is enabled for Non-secure world irrespective
+ of the value of this flag if the CPU supports it.
- ``DEBUG``: Chooses between a debug and release build. It can take either 0
(release) or 1 (debug) as values. 0 is the default.
@@ -412,11 +413,11 @@
and use partitions in EL3 as required. This option defaults to ``0``.
- ``ENABLE_PAUTH``: Boolean option to enable ARMv8.3 Pointer Authentication
- (``ARMv8.3-PAuth``) support in the Trusted Firmware itself. Note that this
- option doesn't affect the saving of the registers introduced with this
- extension, they are always saved if they are detected regardless of the value
- of this option. If enabled, it is needed to use a compiler that supports the
- option ``-msign-return-address``. It defaults to 0.
+ support for TF-A BL images itself. If enabled, it is needed to use a compiler
+ that supports the option ``-msign-return-address``. This flag defaults to 0
+ and this is an experimental feature.
+ Note that Pointer Authentication is enabled for Non-secure world irrespective
+ of the value of this flag if the CPU supports it.
- ``ENABLE_PIE``: Boolean option to enable Position Independent Executable(PIE)
support within generic code in TF-A. This option is currently only supported
@@ -1049,7 +1050,7 @@
./tools/fiptool/fiptool
-Invoking the tool with ``--help`` will print a help message with all available
+Invoking the tool with ``help`` will print a help message with all available
options.
Example 1: create a new Firmware package ``fip.bin`` that contains BL2 and BL31:
diff --git a/include/lib/cpus/aarch64/neoverse_e1.h b/include/lib/cpus/aarch64/neoverse_e1.h
index 7084604..96b4661 100644
--- a/include/lib/cpus/aarch64/neoverse_e1.h
+++ b/include/lib/cpus/aarch64/neoverse_e1.h
@@ -9,7 +9,7 @@
#include <lib/utils_def.h>
-#define NEOVERSE_E1_MIDR U(0x410FD060)
+#define NEOVERSE_E1_MIDR U(0x410FD4A0)
/*******************************************************************************
* CPU Extended Control register specific definitions.
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index 4371cb2..e6ab19b 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -356,7 +356,7 @@
msr APIAKeyLo_EL1, x9
msr APIAKeyHi_EL1, x10
- ldp x9, x10, [x11, #CTX_PACIAKEY_LO]
+ ldp x9, x10, [x11, #CTX_PACIBKEY_LO]
msr APIBKeyLo_EL1, x9
msr APIBKeyHi_EL1, x10
diff --git a/plat/arm/common/aarch64/arm_pauth.c b/plat/arm/common/aarch64/arm_pauth.c
index c847119..a685c31 100644
--- a/plat/arm/common/aarch64/arm_pauth.c
+++ b/plat/arm/common/aarch64/arm_pauth.c
@@ -9,11 +9,9 @@
/*
* Instruction pointer authentication key A. The low 64-bit are at [0], and the
- * high bits at [1]. They are run-time constants so they are placed in the
- * rodata section. They are written before MMU is turned on and the permissions
- * are effective.
+ * high bits at [1].
*/
-uint64_t plat_apiakey[2] __section("rodata.apiakey");
+uint64_t plat_apiakey[2];
/*
* This is only a toy implementation to generate a seemingly random 128-bit key