* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <assert.h>
+
#include <arch_helpers.h>
+#include <arch_features.h>
#include <bl1/bl1.h>
#include <bl2/bl2.h>
#include <common/bl_common.h>
#include <common/debug.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/console.h>
+#include <lib/extensions/pauth.h>
#include <plat/common/platform.h>
#include "bl2_private.h"
/* Perform early platform-specific setup */
bl2_early_platform_setup2(arg0, arg1, arg2, arg3);
-#ifdef __aarch64__
- /*
- * Update pointer authentication key before the MMU is enabled. It is
- * saved in the rodata section, that can be writen before enabling the
- * MMU. This function must be called after the console is initialized
- * in the early platform setup.
- */
- bl_handle_pauth();
-#endif /* __aarch64__ */
-
/* Perform late platform-specific setup */
bl2_plat_arch_setup();
+
+#if CTX_INCLUDE_PAUTH_REGS
+ /*
+ * Assert that the ARMv8.3-PAuth registers are present or an access
+ * fault will be triggered when they are being saved or restored.
+ */
+ assert(is_armv8_3_pauth_present());
+#endif /* CTX_INCLUDE_PAUTH_REGS */
}
#else /* if BL2_AT_EL3 */
/* Perform early platform-specific setup */
bl2_el3_early_platform_setup(arg0, arg1, arg2, arg3);
-#ifdef __aarch64__
- /*
- * Update pointer authentication key before the MMU is enabled. It is
- * saved in the rodata section, that can be writen before enabling the
- * MMU. This function must be called after the console is initialized
- * in the early platform setup.
- */
- bl_handle_pauth();
-#endif /* __aarch64__ */
-
/* Perform late platform-specific setup */
bl2_el3_plat_arch_setup();
+
+#if CTX_INCLUDE_PAUTH_REGS
+ /*
+ * Assert that the ARMv8.3-PAuth registers are present or an access
+ * fault will be triggered when they are being saved or restored.
+ */
+ assert(is_armv8_3_pauth_present());
+#endif /* CTX_INCLUDE_PAUTH_REGS */
}
#endif /* BL2_AT_EL3 */
console_flush();
+#if ENABLE_PAUTH
+ /*
+ * Disable pointer authentication before running next boot image
+ */
+ pauth_disable_el1();
+#endif /* ENABLE_PAUTH */
+
/*
* Run next BL image via an SMC to BL1. Information on how to pass
* control to the BL32 (if present) and BL33 software images will
print_entry_point_info(next_bl_ep_info);
console_flush();
+#if ENABLE_PAUTH
+ /*
+ * Disable pointer authentication before running next boot image
+ */
+ pauth_disable_el3();
+#endif /* ENABLE_PAUTH */
+
bl2_run_next_image(next_bl_ep_info);
#endif /* BL2_AT_EL3 */
}