Hi,
(in context of testing MTE support when OP-TEE is loaded as a secure partition on top of SEL2/Hafnium)
I appreciate MTE support is fresh starting with v3.18, bear with me if I missed details:
1/ noticed using both CFG_TA_PAUTH=y CFG_MEMTAG=y (if permitted) may break the build
diff --git a/core/tee/tee_svc.c b/core/tee/tee_svc.c index 03bb174a..59f8afae 100644 --- a/core/tee/tee_svc.c +++ b/core/tee/tee_svc.c @@ -365,7 +365,7 @@ const struct tee_props tee_propset_tee[] = { .name = "org.trustedfirmware.optee.cpu.feat_pauth_implemented", .prop_type = USER_TA_PROP_TYPE_BOOL, .get_prop_func = get_prop_feat_pauth_implemented - } + }, #endif #if MEMTAG_IS_ENABLED {
2/ there seems to be a problem with CFG_CORE_SEL2_SPMC=y CFG_MEMTAG=y when it comes to build AArch32 TAs. I guess CNTVCT only exists with AArch64:
In file included from lib/libutils/ext/arch/arm/memtag.c:6: lib/libutee/include/arm_user_sysreg.h: In function 'barrier_read_counter_timer': lib/libutee/include/arm_user_sysreg.h:28:9: error: implicit declaration of function 'read_cntvct'; did you mean 'read_cntpct'? [-Werror=implicit-function-declaration] 28 | return read_cntvct(); | ^~~~~~~~~~~ | read_cntpct lib/libutee/include/arm_user_sysreg.h:28:9: warning: nested extern declaration of 'read_cntvct' [-Wnested-externs]
3/ there seems to be a more general problem with using cache operations affecting tags starting with boot_init_memtag The DC GVA operation triggers an EL1 data abort with DFSC stating alignment fault. I will continue debugging (on FVP) but I thought worth noting, and more importantly confirming if this works on your side (perhaps on qemu?). SEL2 may miss disabling traps for certain cache operations.
4/ still about boot_init_memtag, it attempts clearing tags on the whole range of TEE_RAM_START / TEE_RAM_PH_SIZE but it seems memory pages aren't marked as normal tagged memory so I wonder if it works as expected. It may be harmless though. Let me know if I miss something.
Thanks & Regards, Olivier.