cpus: denver: Implement static workaround for CVE-2018-3639

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code cpus: denver: Implement static workaround for CVE-2018-3639 For Denver CPUs, this approach enables the mitigation during EL3 initialization, following every PE reset. No mechanism is provided to disable the mitigation at runtime. This approach permanently mitigates the EL3 software stack only. Other software components are responsible to enable it for their exception levels. TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN3 and earlier: * By setting bit 11 (Disable speculative store buffering) of `ACTLR_EL3` * By setting bit 9 (Disable speculative memory disambiguation) of `ACTLR_EL3` TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN4 and later: * By setting bit 18 (Disable speculative store buffering) of `ACTLR_EL3` * By setting bit 17 (Disable speculative memory disambiguation) of `ACTLR_EL3` Change-Id: If1de96605ce3f7b0aff5fab2c828e5aecb687555 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com> WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6
1 parent cf3ed0d commit 6cf8d65f274b3eb6a377c553656daf713f93713c Varun Wadekar authored on 28 Aug 2018

Browse code

For Denver CPUs, this approach enables the mitigation during EL3
initialization, following every PE reset. No mechanism is provided to
disable the mitigation at runtime.

This approach permanently mitigates the EL3 software stack only. Other
software components are responsible to enable it for their exception
levels.

TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN3
and earlier:

*   By setting bit 11 (Disable speculative store buffering) of
    `ACTLR_EL3`

*   By setting bit 9 (Disable speculative memory disambiguation) of
    `ACTLR_EL3`

TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN4
and later:

*   By setting bit 18 (Disable speculative store buffering) of
    `ACTLR_EL3`

*   By setting bit 17 (Disable speculative memory disambiguation) of
    `ACTLR_EL3`

Change-Id: If1de96605ce3f7b0aff5fab2c828e5aecb687555
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>

WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6

1 parent cf3ed0d commit 6cf8d65f274b3eb6a377c553656daf713f93713c

Varun Wadekar authored on 28 Aug 2018

Patch

Unified Split

Showing 2 changed files

Ignore Space Show notes View include/lib/cpus/aarch64/denver.h

Ignore Space Show notes View lib/cpus/aarch64/denver.S

Show line notes below