Workaround for CVE-2017-5715 on Cortex A57 and A72

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code Workaround for CVE-2017-5715 on Cortex A57 and A72 Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling and enabling the MMU. To achieve this without performing any branch instruction, a per-cpu vbar is installed which executes the workaround and then branches off to the corresponding vector entry in the main vector table. A side effect of this change is that the main vbar is configured before any reset handling. This is to allow the per-cpu reset function to override the vbar setting. This workaround is enabled by default on the affected CPUs. Change-Id: I97788d38463a5840a410e3cea85ed297a1678265 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com> WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5
1 parent 08e06be commit f62ad322695d16178db464dc062fe0af592c6780 Dimitris Papastamos authored on 30 Nov 2017

Browse code

Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling
and enabling the MMU. To achieve this without performing any branch
instruction, a per-cpu vbar is installed which executes the workaround
and then branches off to the corresponding vector entry in the main
vector table. A side effect of this change is that the main vbar is
configured before any reset handling. This is to allow the per-cpu
reset function to override the vbar setting.

This workaround is enabled by default on the affected CPUs.

Change-Id: I97788d38463a5840a410e3cea85ed297a1678265
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5

1 parent 08e06be commit f62ad322695d16178db464dc062fe0af592c6780

Dimitris Papastamos authored on 30 Nov 2017

Patch

Unified Split

Showing 8 changed files

Ignore Space Show notes View bl31/aarch64/runtime_exceptions.S

Ignore Space Show notes View bl31/bl31.mk

Ignore Space Show notes View docs/cpu-specific-build-macros.rst

Ignore Space Show notes View include/common/aarch64/el3_common_macros.S

Ignore Space Show notes View lib/cpus/aarch64/cortex_a57.S

Ignore Space Show notes View lib/cpus/aarch64/cortex_a72.S

Ignore Space Show notes View lib/cpus/aarch64/workaround_cve_2017_5715_mmu.S 0 → 100644

Ignore Space Show notes View lib/cpus/cpu-ops.mk

Show line notes below