From 79627dc37259781e578c47e1e63856dd0424b2a2 Mon Sep 17 00:00:00 2001
From: Sandrine Bailleux
Date: Tue, 24 May 2016 16:22:59 +0100
Subject: [PATCH] Fill exception vectors with zero bytes

The documentation of the GNU assembler specifies the following about
the .align assembler directive:
"the padding bytes are normally zero. However, on some systems, if
the section is marked as containing code and the fill value is
omitted, the space is filled with no-op instructions."
(see https://sourceware.org/binutils/docs/as/Align.html)

When building Trusted Firmware, the AArch64 GNU assembler uses a mix
of zero bytes and no-op instructions as the padding bytes to align
exception vectors.

This patch mandates to use zero bytes to be stored in the padding
bytes in the exception vectors. In the AArch64 instruction set, no
valid instruction encodes as zero so this effectively inserts illegal
instructions. Should this code end up being executed for any reason,
it would crash immediately. This gives us an extra protection against
misbehaving code at no extra cost.

Change-Id: I4f2abb39d0320ca0f9d467fc5af0cb92ae297351
---
 include/common/asm_macros.S | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/include/common/asm_macros.S b/include/common/asm_macros.S
index 00c7d88b..d4bd11ee 100644
--- a/include/common/asm_macros.S
+++ b/include/common/asm_macros.S
@@ -69,20 +69,26 @@ /* * Declare the exception vector table, enforcing it is aligned on a * 2KB boundary, as required by the ARMv8 architecture. + * Use zero bytes as the fill value to be stored in the padding bytes + * so that it inserts illegal AArch64 instructions. This increases + * security, robustness and potentially facilitates debugging. */ .macro vector_base label .section .vectors, "ax" - .align 11 + .align 11, 0 \label: .endm /* * Create an entry in the exception vector table, enforcing it is * aligned on a 128-byte boundary, as required by the ARMv8 architecture. + * Use zero bytes as the fill value to be stored in the padding bytes + * so that it inserts illegal AArch64 instructions. This increases + * security, robustness and potentially facilitates debugging. */ .macro vector_entry label .section .vectors, "ax" - .align 7 + .align 7, 0 \label: .endm -- 2.30.2
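Review bot: In vector_entry, `.align 7, 0` only zero-fills the gap in front of each entry's label, so the unused space after the code of the last entry in a table is not covered by either macro unless something outside this hunk pads it. If the goal is that every unused byte of the vector table decodes as an illegal instruction, consider padding the end of the final entry explicitly (for example a trailing `.align 7, 0` after the last handler, or a closing macro that does it), and say in the new comments that the fill applies to the bytes before the label. A smaller point on the same two lines: the comment promises "illegal AArch64 instructions", which holds only while the fill value stays 0 and the section holds AArch64 code, so it is worth keeping the explicit `, 0` even if a later toolchain changes its default padding.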