diff options
author | Bipin Ravi <bipin.ravi@arm.com> | 2022-06-16 16:32:22 -0500 |
---|---|---|
committer | Bipin Ravi <bipin.ravi@arm.com> | 2022-06-16 17:04:09 -0500 |
commit | 37200ae08b2cd91ca3c1104a597ba90cf6c3ba30 (patch) | |
tree | 65a8c255835c5829cb7c20ac1bfaf6906b0cc20e | |
parent | 100da90ca84a3265d6312f24df16f920929234a6 (diff) | |
download | trusted-firmware-a-37200ae08b2cd91ca3c1104a597ba90cf6c3ba30.tar.gz |
docs(security): update security advisory for CVE-2022-23960
Update advisory document following Spectre-BHB mitigation support for
additional CPUs.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I4492397f18882f514beff4da06afe973acecf1f0
-rw-r--r-- | docs/security_advisories/security-advisory-tfv-9.rst | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/docs/security_advisories/security-advisory-tfv-9.rst b/docs/security_advisories/security-advisory-tfv-9.rst index 74b85dcd9c..a7b5984bb6 100644 --- a/docs/security_advisories/security-advisory-tfv-9.rst +++ b/docs/security_advisories/security-advisory-tfv-9.rst @@ -57,20 +57,38 @@ revisions of Cortex-A73 and Cortex-A75 that implements FEAT_CSV2). +----------------------+ | Cortex-A76 | +----------------------+ +| Cortex-A76AE | ++----------------------+ | Cortex-A77 | +----------------------+ | Cortex-A78 | +----------------------+ +| Cortex-A78AE | ++----------------------+ +| Cortex-A78C | ++----------------------+ +| Cortex-X1 | ++----------------------+ | Cortex-X2 | +----------------------+ | Cortex-A710 | +----------------------+ +| Cortex-Makalu | ++----------------------+ +| Cortex-Makalu-ELP | ++----------------------+ +| Cortex-Hunter | ++----------------------+ | Neoverse-N1 | +----------------------+ | Neoverse-N2 | +----------------------+ | Neoverse-V1 | +----------------------+ +| Neoverse-Demeter | ++----------------------+ +| Neoverse-Poseidon | ++----------------------+ For all other cores impacted by Spectre-BHB, some of which that do not implement FEAT_CSV2 and some that do e.g. Cortex-A73, the recommended mitigation is to @@ -90,7 +108,7 @@ in the `SMCCC Calling Convention specification`_. The specification and implementation also enables the normal world to discover the presence of this firmware service. This patch also implements ``SMCCC_ARCH_WORKAROUND_3`` for Cortex-A57, Coxtex-A72, Cortex-A73 and Cortex-A75 using the existing workaround. -for CVE-2017-5715. +for CVE-2017-5715. Cortex-A15 patch extends Spectre V2 mitigation to Spectre-BHB. The above workaround is enabled by default (on vulnerable CPUs only). Platforms can choose to disable them at compile time if they do not require them. |