core: enable write-implies-execute-never when applicable

HW may or may not support STCLR "WXN" configuration field. CFG_HWSUPP_MEM_PERM_WXN reflects this state. AArch64 is assumed to always support this field. Enable the "WXN" (and UWXN) bits in STCLR upon configuration directive CFG_CORE_RWDATA_NOEXEC. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
OP-TEE · May 29, 2017 · 58615a6 · 58615a6
1 parent ce0d8e2
commit 58615a6
Show file tree

Hide file tree

Showing 14 changed files with 25 additions and 0 deletions.
diff --git a/core/arch/arm/include/arm64.h b/core/arch/arm/include/arm64.h
@@ -36,6 +36,7 @@
 #define SCTLR_C		BIT32(2)
 #define SCTLR_SA	BIT32(3)
 #define SCTLR_I		BIT32(12)
+#define SCTLR_WXN	BIT32(19)
 
 #define TTBR_ASID_MASK		0xff
 #define TTBR_ASID_SHIFT		48

diff --git a/core/arch/arm/kernel/generic_entry_a32.S b/core/arch/arm/kernel/generic_entry_a32.S
@@ -189,6 +189,9 @@ UNWIND(	.cantunwind)
 	orr	r0, r0, #SCTLR_A
 	bic	r0, r0, #SCTLR_C
 	bic	r0, r0, #SCTLR_I
+#if defined(CFG_HWSUPP_MEM_PERM_WXN) && defined(CFG_CORE_RWDATA_NOEXEC)
+	orr	r0, r0, #(SCTLR_WXN | SCTLR_UWXN)
+#endif
 	write_sctlr r0
 	isb
 
@@ -446,6 +449,9 @@ UNWIND(	.cantunwind)
 	mov	r6, lr
 	read_sctlr r0
 	orr	r0, r0, #SCTLR_A
+#if defined(CFG_HWSUPP_MEM_PERM_WXN) && defined(CFG_CORE_RWDATA_NOEXEC)
+	orr	r0, r0, #(SCTLR_WXN | SCTLR_UWXN)
+#endif
 	write_sctlr r0
 
 	ldr	r0, =_start

diff --git a/core/arch/arm/kernel/generic_entry_a64.S b/core/arch/arm/kernel/generic_entry_a64.S
@@ -73,6 +73,9 @@ FUNC _start , :
 
 	mrs	x0, sctlr_el1
 	mov	x1, #(SCTLR_I | SCTLR_A | SCTLR_SA)
+#if defined(CFG_CORE_RWDATA_NOEXEC)
+	orr	x1, x1, #SCTLR_WXN
+#endif
 	orr	x0, x0, x1
 	msr	sctlr_el1, x0
 	isb
@@ -177,6 +180,9 @@ FUNC cpu_on_handler , :
 
 	mrs	x0, sctlr_el1
 	mov	x1, #(SCTLR_I | SCTLR_A | SCTLR_SA)
+#if defined(CFG_CORE_RWDATA_NOEXEC)
+	orr	x1, x1, #SCTLR_WXN
+#endif
 	orr	x0, x0, x1
 	msr	sctlr_el1, x0
 	isb

diff --git a/core/arch/arm/plat-d02/conf.mk b/core/arch/arm/plat-d02/conf.mk
@@ -9,6 +9,7 @@ CFG_CORE_HEAP_SIZE ?= 98304
 
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_HI16XX_UART,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)

diff --git a/core/arch/arm/plat-hikey/conf.mk b/core/arch/arm/plat-hikey/conf.mk
@@ -6,6 +6,7 @@ core_arm32-platform-aflags	+= -mfpu=neon
 
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_PL011,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)

diff --git a/core/arch/arm/plat-imx/conf.mk b/core/arch/arm/plat-imx/conf.mk
@@ -43,6 +43,7 @@ ifeq ($(CFG_MX6UL),y)
 arm32-platform-cpuarch		:= cortex-a7
 
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 endif
 
 
@@ -53,6 +54,7 @@ arm32-platform-cpuarch		:= cortex-a9
 $(call force,CFG_PL310,y)
 $(call force,CFG_PL310_LOCKED,y)
 $(call force,CFG_SECURE_TIME_SOURCE_REE,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,n)
 
 CFG_BOOT_SYNC_CPU ?= y
 CFG_BOOT_SECONDARY_REQUEST ?= y

diff --git a/core/arch/arm/plat-ls/conf.mk b/core/arch/arm/plat-ls/conf.mk
@@ -11,6 +11,7 @@ $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
 $(call force,CFG_GIC,y)
 $(call force,CFG_16550_UART,y)
 $(call force,CFG_PM_STUBS,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 
 ta-targets = ta_arm32
 

diff --git a/core/arch/arm/plat-mediatek/conf.mk b/core/arch/arm/plat-mediatek/conf.mk
@@ -9,6 +9,7 @@ arm32-platform-aflags	+= -mfpu=neon
 $(call force,CFG_8250_UART,y)
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
 $(call force,CFG_WITH_ARM_TRUSTED_FW,y)

diff --git a/core/arch/arm/plat-rcar/conf.mk b/core/arch/arm/plat-rcar/conf.mk
@@ -8,6 +8,7 @@ arm32-platform-aflags	+= -mfpu=neon
 
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
 $(call force,CFG_WITH_ARM_TRUSTED_FW,y)

diff --git a/core/arch/arm/plat-rpi3/conf.mk b/core/arch/arm/plat-rpi3/conf.mk
@@ -7,6 +7,7 @@ core_arm32-platform-aflags	+= -mfpu=neon
 $(call force,CFG_8250_UART,y)
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
 $(call force,CFG_WITH_ARM_TRUSTED_FW,y)

diff --git a/core/arch/arm/plat-sprd/conf.mk b/core/arch/arm/plat-sprd/conf.mk
@@ -22,6 +22,7 @@ $(call force,CFG_GIC,y)
 $(call force,CFG_SPRD_UART,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 
 CFG_WITH_STACK_CANARIES ?= y
 # Overrides default in mk/config.mk with 128 kB

diff --git a/core/arch/arm/plat-ti/conf.mk b/core/arch/arm/plat-ti/conf.mk
@@ -17,6 +17,7 @@ arm32-platform-cpuarch		:= cortex-a9
 else
 CFG_OTP_SUPPORT ?= y
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
 arm32-platform-cpuarch		:= cortex-a15
 endif

diff --git a/core/arch/arm/plat-vexpress/conf.mk b/core/arch/arm/plat-vexpress/conf.mk
@@ -33,6 +33,7 @@ endif
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_GIC,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_PL011,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)

diff --git a/core/arch/arm/plat-zynqmp/conf.mk b/core/arch/arm/plat-zynqmp/conf.mk
@@ -10,6 +10,7 @@ $(call force,CFG_CDNS_UART,y)
 $(call force,CFG_GENERIC_BOOT,y)
 $(call force,CFG_GIC,y)
 $(call force,CFG_HWSUPP_MEM_PERM_PXN,y)
+$(call force,CFG_HWSUPP_MEM_PERM_WXN,y)
 $(call force,CFG_PM_STUBS,y)
 $(call force,CFG_SECURE_TIME_SOURCE_CNTPCT,y)
 $(call force,CFG_WITH_ARM_TRUSTED_FW,y)