1/* 2 * Copyright (c) 2016 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29#include <pexpert/arm64/board_config.h> 30#include <arm64/proc_reg.h> 31 32/* 33 * Compare two instructions with constant, spin on mismatch. 34 * arg0 - Constant scratch register 35 * arg1 - Instruction address scratch register 36 * arg2 - Instruction location 37 * arg3 - Instruction constant 38 */ 39.macro check_instruction 40 // construct 64-bit constant inline to make sure it is non-executable 41 movz $0, #(($3 >> 48) & 0xffff), lsl #48 42 movk $0, #(($3 >> 32) & 0xffff), lsl #32 43 movk $0, #(($3 >> 16) & 0xffff), lsl #16 44 movk $0, #(($3) & 0xffff) 45 // fetch instructions from "untrusted" memory 46 adrp $1, $2@page 47 add $1, $1, $2@pageoff 48 ldr $1, [$1] 49 // spin forever if we do not find what we expect 50 cmp $0, $1 51 b.ne . 52.endmacro 53 54#if defined(KERNEL_INTEGRITY_KTRR) 55 56/* AMCC only KTRR protected text, non-executable once the MMU is enabled */ 57 .text 58 .section __LAST,__pinst 59 .align 2 60 61__pinst_set_ttbr1: 62 msr TTBR1_EL1, x0 63 ret 64 65__pinst_set_vbar: 66 msr VBAR_EL1, x0 67 ret 68 69__pinst_set_tcr: 70 msr TCR_EL1, x0 71 ret 72 73 .globl _pinst_set_sctlr_trap_addr 74__pinst_set_sctlr: 75 msr SCTLR_EL1, x0 76_pinst_set_sctlr_trap_addr: 77 ret 78 79 80/* MMU and AMCC KTRR protected text */ 81 .text 82 .section __TEXT_EXEC,__text 83 .align 2 84 85 .globl _pinst_set_ttbr1 86_pinst_set_ttbr1: 87 check_instruction x2, x3, __pinst_set_ttbr1, 0xd65f03c0d5182020 88 b __pinst_set_ttbr1 89 90 .globl _pinst_set_vbar 91_pinst_set_vbar: 92 check_instruction x2, x3, __pinst_set_vbar, 0xd65f03c0d518c000 93 b __pinst_set_vbar 94 95 .globl _pinst_set_tcr 96_pinst_set_tcr: 97 check_instruction x2, x3, __pinst_set_tcr, 0xd65f03c0d5182040 98 b __pinst_set_tcr 99 100 .globl _pinst_set_sctlr 101_pinst_set_sctlr: 102 check_instruction x2, x3, __pinst_set_sctlr, 0xd65f03c0d5181000 103 b __pinst_set_sctlr 104 105#endif /* defined(KERNEL_INTEGRITY_KTRR) */ 106 107#if defined(KERNEL_INTEGRITY_KTRR) || defined(KERNEL_INTEGRITY_CTRR) 108 109 .text 110 .section __LAST,__pinst 111 .align 2 112 113__pinst_spsel_1: 114 msr SPSel, #1 115 ret 116 117 .text 118 .section __TEXT_EXEC,__text 119 .align 2 120 121 .globl _pinst_spsel_1 122_pinst_spsel_1: 123 check_instruction x2, x3, __pinst_spsel_1, 0xd65f03c0d50041bf 124 b __pinst_spsel_1 125 126#endif /* defined(KERNEL_INTEGRITY_KTRR) || defined(KERNEL_INTEGRITY_CTRR) */ 127 128