[PATCH v3 2/4] arm64: smccc: clear the Xn registers after SMC calls
Jens Wiklander
jens.wiklander at linaro.org
Tue Aug 16 13:48:31 CEST 2022
On Mon, Aug 1, 2022 at 7:21 PM Abdellatif El Khlifi
<abdellatif.elkhlifi at arm.com> wrote:
>
> set to zero the x0-x17 registers
>
> As per the SMCCC v1.2 spec, unused result and scratch registers can leak
> information after an SMC call. We can mitigate against this risk by
> returning zero in each register.
>
> Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi at arm.com>
> Cc: Tom Rini <trini at konsulko.com>
> Cc: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> Cc: Jens Wiklander <jens.wiklander at linaro.org>
> ---
> arch/arm/cpu/armv8/smccc-call.S | 20 ++++++++++++++++++++
> 1 file changed, 20 insertions(+)
>
> diff --git a/arch/arm/cpu/armv8/smccc-call.S b/arch/arm/cpu/armv8/smccc-call.S
> index ec6f299bc9..8ac3e461e4 100644
> --- a/arch/arm/cpu/armv8/smccc-call.S
> +++ b/arch/arm/cpu/armv8/smccc-call.S
> @@ -84,6 +84,26 @@ ENDPROC(__arm_smccc_hvc)
> stp x14, x15, [x19, #ARM_SMCCC_1_2_REGS_X14_OFFS]
> stp x16, x17, [x19, #ARM_SMCCC_1_2_REGS_X16_OFFS]
>
> + /* x0-x17 registers can leak information after an SMC or HVC call. Let's clear them */
> + mov x0, xzr
> + mov x1, xzr
> + mov x2, xzr
> + mov x3, xzr
> + mov x4, xzr
> + mov x5, xzr
> + mov x6, xzr
> + mov x7, xzr
> + mov x8, xzr
> + mov x9, xzr
> + mov x10, xzr
> + mov x11, xzr
> + mov x12, xzr
> + mov x13, xzr
> + mov x14, xzr
> + mov x15, xzr
> + mov x16, xzr
> + mov x17, xzr
> +
Is this information leakage worse than the information leakage from an
ordinary C function?
My point is, is this needed?
Thanks,
Jens
> /* Restore original x19 */
> ldp xzr, x19, [sp], #16
> ret
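Review bot: The comment on the first added line says "after an SMC or HVC call", while the subject and the commit message speak only of SMC calls; make the three agree so it is clear which call paths this clearing is meant to cover. The comment should also state which exposure is being closed, because the stp lines directly above have already written x14-x17 into the result structure at [x19], so those values stay reachable in memory after the registers are zeroed. Note too that x0 is cleared along with the rest, so anything the routine would have handed back in x0 is now always zero; say so in the comment if that is intended. The comment is also a single line well past 80 columns and should be split into a multi-line block comment.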
> --
> 2.17.1
>