Add support for dynamic mitigation for CVE-2018-3639

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code Add support for dynamic mitigation for CVE-2018-3639 Some CPUS may benefit from using a dynamic mitigation approach for CVE-2018-3639. A new SMC interface is defined to allow software executing in lower ELs to enable or disable the mitigation for their execution context. It should be noted that regardless of the state of the mitigation for lower ELs, code executing in EL3 is always mitigated against CVE-2018-3639. NOTE: This change is a compatibility break for any platform using the declare_cpu_ops_workaround_cve_2017_5715 macro. Migrate to the declare_cpu_ops_wa macro instead. Change-Id: I3509a9337ad217bbd96de9f380c4ff8bf7917013 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com> WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6
1 parent e086570 commit fe007b2e15ec7b569c07fedbd9bfccb5ed742eec Dimitris Papastamos authored on 16 May 2018

Browse code

Some CPUS may benefit from using a dynamic mitigation approach for
CVE-2018-3639.  A new SMC interface is defined to allow software
executing in lower ELs to enable or disable the mitigation for their
execution context.

It should be noted that regardless of the state of the mitigation for
lower ELs, code executing in EL3 is always mitigated against
CVE-2018-3639.

NOTE: This change is a compatibility break for any platform using
the declare_cpu_ops_workaround_cve_2017_5715 macro.  Migrate to
the declare_cpu_ops_wa macro instead.

Change-Id: I3509a9337ad217bbd96de9f380c4ff8bf7917013
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6

1 parent e086570 commit fe007b2e15ec7b569c07fedbd9bfccb5ed742eec

Dimitris Papastamos authored on 16 May 2018

Patch

Unified Split

Showing 12 changed files

Ignore Space Show notes View docs/cpu-specific-build-macros.rst

Ignore Space Show notes View include/lib/cpus/aarch64/cpu_macros.S

Ignore Space Show notes View include/lib/cpus/wa_cve_2018_3639.h 0 → 100644

Ignore Space Show notes View include/lib/el3_runtime/aarch64/context.h

Ignore Space Show notes View lib/cpus/aarch64/cortex_a57.S

Ignore Space Show notes View lib/cpus/aarch64/cortex_a72.S

Ignore Space Show notes View lib/cpus/aarch64/cortex_a73.S

Ignore Space Show notes View lib/cpus/aarch64/cortex_a75.S

Ignore Space Show notes View lib/cpus/aarch64/cpu_helpers.S

Ignore Space Show notes View lib/cpus/cpu-ops.mk

Ignore Space Show notes View lib/el3_runtime/aarch64/context.S

Ignore Space Show notes View services/arm_arch_svc/arm_arch_svc_setup.c

Show line notes below