aboutsummaryrefslogtreecommitdiff
path: root/services/arm_arch_svc
diff options
context:
space:
mode:
authorJeenu Viswambharan <jeenu.viswambharan@arm.com>2018-11-15 11:38:03 +0000
committerJeenu Viswambharan <jeenu.viswambharan@arm.com>2018-12-10 14:28:58 +0000
commit48e1d350a0021a9a2f7e34041f28273dee9eb885 (patch)
tree090c159d164bcb90c44b2e0101fc844a3754808f /services/arm_arch_svc
parent19b56cf4a2251e5ffcab41cdd6dd8449f8b1402a (diff)
downloadtrusted-firmware-a-48e1d350a0021a9a2f7e34041f28273dee9eb885.tar.gz
AArch64: Use SSBS for CVE_2018_3639 mitigation
The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass Safe) bit to mitigate against Variant 4 vulnerabilities. Although an Armv8.5 feature, this can be implemented by CPUs implementing earlier version of the architecture. With this patch, when both PSTATE.SSBS is implemented and DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to indicate that mitigation on the PE is either permanently enabled or not required. When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset of every BL stage. This means that EL3 always executes with mitigation applied. For Cortex A76, if the PE implements SSBS, the existing mitigation (by using a different vector table, and tweaking CPU ACTLR2) is not used. Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Diffstat (limited to 'services/arm_arch_svc')
-rw-r--r--services/arm_arch_svc/arm_arch_svc_setup.c24
1 files changed, 23 insertions, 1 deletions
diff --git a/services/arm_arch_svc/arm_arch_svc_setup.c b/services/arm_arch_svc/arm_arch_svc_setup.c
index 45c4704eed..3a5299fdf3 100644
--- a/services/arm_arch_svc/arm_arch_svc_setup.c
+++ b/services/arm_arch_svc/arm_arch_svc_setup.c
@@ -30,9 +30,27 @@ static int32_t smccc_arch_features(u_register_t arg)
return 1;
return 0; /* ERRATA_APPLIES || ERRATA_MISSING */
#endif
+
#if WORKAROUND_CVE_2018_3639
- case SMCCC_ARCH_WORKAROUND_2:
+ case SMCCC_ARCH_WORKAROUND_2: {
#if DYNAMIC_WORKAROUND_CVE_2018_3639
+ unsigned long long ssbs;
+
+ /*
+ * Firmware doesn't have to carry out dynamic workaround if the
+ * PE implements architectural Speculation Store Bypass Safe
+ * (SSBS) feature.
+ */
+ ssbs = (read_id_aa64pfr0_el1() >> ID_AA64PFR1_EL1_SSBS_SHIFT) &
+ ID_AA64PFR1_EL1_SSBS_MASK;
+
+ /*
+ * If architectural SSBS is available on this PE, no firmware
+ * mitigation via SMCCC_ARCH_WORKAROUND_2 is required.
+ */
+ if (ssbs != SSBS_UNAVAILABLE)
+ return 1;
+
/*
* On a platform where at least one CPU requires
* dynamic mitigation but others are either unaffected
@@ -50,7 +68,11 @@ static int32_t smccc_arch_features(u_register_t arg)
/* Either the CPUs are unaffected or permanently mitigated */
return SMCCC_ARCH_NOT_REQUIRED;
#endif
+ }
#endif
+
+ /* Fallthrough */
+
default:
return SMC_UNK;
}