ARMv8.1-M: Add PACBTI examples #17
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This example is going to be replaced by a new example where MPU PXN feature along with PACBTI security feature would be demonstrated. Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
Arm-Corstone-Platform-Bsp library is a Board support package (BSP) library for Corstone-3xx family of target platforms where it's implemented using the CMSIS-Driver software API. The Partner-Supported-Demos would benefit from this library as it shall be consumed by examples demonstrated on Corstone-3xx target platforms (ex. MPU PXN, and PACBTI example (to be added)). This improvement prevents duplicating the contents of CMSIS subdirectory for each example demonstrated on Corstone-3xx target platforms. Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
This example demonstrates how the new Pointer Authentication and Branch Target Identification (PACBTI) along with the new MPU region attribute Privileged eXecute Never (PXN) security features can be used on Cortex-M85 processor. The example is based on Corstone-315 Ecosystem Fixed Virtual Platform (Arm Cortex-M85 CPU and Ethos-U55 NPU). The example consists of three main tasks (prvPacTask , prvBtiTask, and prvPxnTask). The prvPacTask , and prvBtiTask tasks job is to trigger the UsageFault exception by mimicking ROP (Return Oriented Programming), JOP (Jump Oriented Programming) security exploit attacks. Whereas, the privileged prvPxnTask job is to trigger the MemoryFault exception by executing an instruction from an MPU region with Privileged eXecute Never (PXN) attribute set. The example is compatible with Arm Compiler For Embedded toolchain only. The support for GNU, and IAR toolchains is not yet enabled due to known issues. Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
This example demonstrates how the new Pointer Authentication and Branch Target Identification (PACBTI)security feature can be used on Cortex-M85 processor. The example is based on Corstone-315 Ecosystem Fixed Virtual Platform (Arm Cortex-M85 CPU and Ethos-U65 NPU). The example consists of two main tasks (prvPacTask , and prvBtiTask). The prvPacTask , and prvBtiTask tasks job is to trigger the UsageFault exception by mimicking ROP (Return Oriented Programming), JOP (Jump Oriented Programming) security exploit attacks. The example is compatible with Arm Compiler For Embedded toolchain only. The support for GNU, and IAR toolchains is not yet enabled due to known issues. Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
urutva
approved these changes
Oct 7, 2024
2 tasks
kstribrnAmzn
approved these changes
Oct 7, 2024
|
Would you like me to squash and merge or preserve the commits? |
|
Thanks for the review @kstribrnAmzn. Preserve the commits please. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR adds two examples (MPU and non-MPU variants) that demonstrate how the new Pointer Authentication and Branch Target Identification (PACBTI) along with the new MPU region attribute Privileged eXecute Never (PXN) security features can be used on Cortex-M85 processor.
The examples are based on Corstone-315 Ecosystem Fixed Virtual Platform (Arm Cortex-M85 CPU and Ethos-U65 NPU).
The examples are compatible with Arm Compiler For Embedded v.621 toolchain only. The support for GNU, and IAR toolchains is not yet enabled due to known issues.
Depends on FreeRTOS-Kernel PR!1147
Test Steps
Related Issue
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.