aboutsummaryrefslogtreecommitdiff
path: root/services/arm_arch_svc
diff options
context:
space:
mode:
authorDimitris Papastamos <dimitris.papastamos@arm.com>2018-04-05 14:38:26 +0100
committerDimitris Papastamos <dimitris.papastamos@arm.com>2018-05-23 12:45:48 +0100
commitb8a25bbb0bab4e4afdbfb04bee98f0bf28141c4b (patch)
tree06c3f43c7cf979d11c86f7270d407d5edfd1d661 /services/arm_arch_svc
parent2c3a10780df3317c004de74fbe85df53daab94e5 (diff)
downloadtrusted-firmware-a-b8a25bbb0bab4e4afdbfb04bee98f0bf28141c4b.tar.gz
Implement static workaround for CVE-2018-3639
For affected CPUs, this approach enables the mitigation during EL3 initialization, following every PE reset. No mechanism is provided to disable the mitigation at runtime. This approach permanently mitigates the entire software stack and no additional mitigation code is required in other software components. TF-A implements this approach for the following affected CPUs: * Cortex-A57 and Cortex-A72, by setting bit 55 (Disable load pass store) of `CPUACTLR_EL1` (`S3_1_C15_C2_0`). * Cortex-A73, by setting bit 3 of `S3_0_C15_C0_0` (not documented in the Technical Reference Manual (TRM)). * Cortex-A75, by setting bit 35 (reserved in TRM) of `CPUACTLR_EL1` (`S3_0_C15_C1_0`). Additionally, a new SMC interface is implemented to allow software executing in lower ELs to discover whether the system is mitigated against CVE-2018-3639. Refer to "Firmware interfaces for mitigating cache speculation vulnerabilities System Software on Arm Systems"[0] for more information. [0] https://developer.arm.com/cache-speculation-vulnerability-firmware-specification Change-Id: I084aa7c3bc7c26bf2df2248301270f77bed22ceb Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Diffstat (limited to 'services/arm_arch_svc')
-rw-r--r--services/arm_arch_svc/arm_arch_svc_setup.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/services/arm_arch_svc/arm_arch_svc_setup.c b/services/arm_arch_svc/arm_arch_svc_setup.c
index c357ebdb97..6089cf6ac8 100644
--- a/services/arm_arch_svc/arm_arch_svc_setup.c
+++ b/services/arm_arch_svc/arm_arch_svc_setup.c
@@ -29,6 +29,10 @@ static int32_t smccc_arch_features(u_register_t arg)
return 1;
return 0; /* ERRATA_APPLIES || ERRATA_MISSING */
#endif
+#if WORKAROUND_CVE_2018_3639
+ case SMCCC_ARCH_WORKAROUND_2:
+ return SMCCC_ARCH_NOT_REQUIRED;
+#endif
default:
return SMC_UNK;
}
@@ -60,6 +64,16 @@ static uintptr_t arm_arch_svc_smc_handler(uint32_t smc_fid,
*/
SMC_RET0(handle);
#endif
+#if WORKAROUND_CVE_2018_3639
+ case SMCCC_ARCH_WORKAROUND_2:
+ /*
+ * The workaround has already been applied on affected PEs
+ * requiring dynamic mitigation during entry to EL3.
+ * On unaffected or statically mitigated PEs, this function
+ * has no effect.
+ */
+ SMC_RET0(handle);
+#endif
default:
WARN("Unimplemented Arm Architecture Service Call: 0x%x \n",
smc_fid);