Merge pull request #1839 from loumay-arm/lm/a7x_errata

[project/bcm63xx/atf.git] / lib / el3_runtime / aarch64 / context_mgmt.c

diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index 0a72aeb67593e1f5208a8a91d37232aaebc65b83..89d7ed682dc9a410ce15d5baaa147cebb190919b 100644 (file)
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -122,6 +122,20 @@ void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep)
        scr_el3 |= SCR_FIEN_BIT;
 #endif
 
+#if !CTX_INCLUDE_PAUTH_REGS
+       /*
+        * If the pointer authentication registers aren't saved during world
+        * switches the value of the registers can be leaked from the Secure to
+        * the Non-secure world. To prevent this, rather than enabling pointer
+        * authentication everywhere, we only enable it in the Non-secure world.
+        *
+        * If the Secure world wants to use pointer authentication,
+        * CTX_INCLUDE_PAUTH_REGS must be set to 1.
+        */
+       if (security_state == NON_SECURE)
+               scr_el3 |= SCR_API_BIT | SCR_APK_BIT;
+#endif /* !CTX_INCLUDE_PAUTH_REGS */
+
 #ifdef IMAGE_BL31
        /*
         * SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as