1*d1de6b2bSLeo Yan /* 2*d1de6b2bSLeo Yan * Copyright (c) 2024, ARM Limited and Contributors. All rights reserved. 3*d1de6b2bSLeo Yan * 4*d1de6b2bSLeo Yan * SPDX-License-Identifier: BSD-3-Clause 5*d1de6b2bSLeo Yan */ 6*d1de6b2bSLeo Yan 7*d1de6b2bSLeo Yan #include <stdint.h> 8*d1de6b2bSLeo Yan 9*d1de6b2bSLeo Yan #include <arch_helpers.h> 10*d1de6b2bSLeo Yan #include <plat/common/platform.h> 11*d1de6b2bSLeo Yan 12*d1de6b2bSLeo Yan #define RANDOM_CANARY_VALUE ((u_register_t) 3288484550995823360ULL) 13*d1de6b2bSLeo Yan plat_get_stack_protector_canary(void)14*d1de6b2bSLeo Yanu_register_t plat_get_stack_protector_canary(void) 15*d1de6b2bSLeo Yan { 16*d1de6b2bSLeo Yan /* 17*d1de6b2bSLeo Yan * On the Total Compute platform, it can generate RNG via MHU channel 18*d1de6b2bSLeo Yan * and communicate with RSE. But the stack protector canary function 19*d1de6b2bSLeo Yan * is needed prior to MHU channel gets ready. 20*d1de6b2bSLeo Yan * 21*d1de6b2bSLeo Yan * Since now MHU module cannot distinguish if MHU channel has been 22*d1de6b2bSLeo Yan * initialized or not, if it arbitrarily tries to send message, it will 23*d1de6b2bSLeo Yan * cause panic. For this reason, this function cannot rollback to 24*d1de6b2bSLeo Yan * dummy random number based on the MHU failure. 25*d1de6b2bSLeo Yan * 26*d1de6b2bSLeo Yan * For above reasons, simply return a value of the combination of a 27*d1de6b2bSLeo Yan * timer's value and a compile-time constant. 28*d1de6b2bSLeo Yan */ 29*d1de6b2bSLeo Yan return RANDOM_CANARY_VALUE ^ read_cntpct_el0(); 30*d1de6b2bSLeo Yan } 31