On Mon, Aug 1, 2022 at 7:21 PM Abdellatif El Khlifi <abdellatif.elkhl...@arm.com> wrote: > > set to zero the x0-x17 registers > > As per the SMCCC v1.2 spec, unused result and scratch registers can leak > information after an SMC call. We can mitigate against this risk by > returning zero in each register. > > Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhl...@arm.com> > Cc: Tom Rini <tr...@konsulko.com> > Cc: Ilias Apalodimas <ilias.apalodi...@linaro.org> > Cc: Jens Wiklander <jens.wiklan...@linaro.org> > --- > arch/arm/cpu/armv8/smccc-call.S | 20 ++++++++++++++++++++ > 1 file changed, 20 insertions(+) > > diff --git a/arch/arm/cpu/armv8/smccc-call.S b/arch/arm/cpu/armv8/smccc-call.S > index ec6f299bc9..8ac3e461e4 100644 > --- a/arch/arm/cpu/armv8/smccc-call.S > +++ b/arch/arm/cpu/armv8/smccc-call.S > @@ -84,6 +84,26 @@ ENDPROC(__arm_smccc_hvc) > stp x14, x15, [x19, #ARM_SMCCC_1_2_REGS_X14_OFFS] > stp x16, x17, [x19, #ARM_SMCCC_1_2_REGS_X16_OFFS] > > + /* x0-x17 registers can leak information after an SMC or HVC call. > Let's clear them */ > + mov x0, xzr > + mov x1, xzr > + mov x2, xzr > + mov x3, xzr > + mov x4, xzr > + mov x5, xzr > + mov x6, xzr > + mov x7, xzr > + mov x8, xzr > + mov x9, xzr > + mov x10, xzr > + mov x11, xzr > + mov x12, xzr > + mov x13, xzr > + mov x14, xzr > + mov x15, xzr > + mov x16, xzr > + mov x17, xzr > +
Is this information leakage worse than the information leakage from an ordinary C function? My point is, is this needed? Thanks, Jens > /* Restore original x19 */ > ldp xzr, x19, [sp], #16 > ret > -- > 2.17.1 >
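Review bot: the added `mov xN, xzr` block runs directly after the `stp` lines that store the returned registers into the structure at `[x19]` (x14-x17 are visible in the context), so the same values remain readable by the caller in memory once the registers are cleared. The commit message should say which observer the clearing protects against and why the normal treatment of x0-x17 as caller-clobbered registers is not enough, which is the question raised in the reply. Two smaller points on the same hunk: the commit message mentions only SMC while the new comment says "SMC or HVC" and the hunk context is `ENDPROC(__arm_smccc_hvc)`, so the two should agree on which call paths are affected; and the new comment is a single over-long line that the mailer has wrapped, so it would be better split as a multi-line comment.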