diff options
author | Dimitris Papastamos <dimitris.papastamos@arm.com> | 2017-11-30 14:53:53 +0000 |
---|---|---|
committer | Dimitris Papastamos <dimitris.papastamos@arm.com> | 2018-01-11 10:26:15 +0000 |
commit | f62ad322695d16178db464dc062fe0af592c6780 (patch) | |
tree | f814211090c6e75550c908a47a45fcad022a186f /bl31/bl31.mk | |
parent | 08e06be81946de2701429e72840bb76ee3f9a48e (diff) | |
download | trusted-firmware-a-f62ad322695d16178db464dc062fe0af592c6780.tar.gz |
Workaround for CVE-2017-5715 on Cortex A57 and A72
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling
and enabling the MMU. To achieve this without performing any branch
instruction, a per-cpu vbar is installed which executes the workaround
and then branches off to the corresponding vector entry in the main
vector table. A side effect of this change is that the main vbar is
configured before any reset handling. This is to allow the per-cpu
reset function to override the vbar setting.
This workaround is enabled by default on the affected CPUs.
Change-Id: I97788d38463a5840a410e3cea85ed297a1678265
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Diffstat (limited to 'bl31/bl31.mk')
-rw-r--r-- | bl31/bl31.mk | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/bl31/bl31.mk b/bl31/bl31.mk index fdcc93139a..0732e05215 100644 --- a/bl31/bl31.mk +++ b/bl31/bl31.mk @@ -58,6 +58,10 @@ ifeq (${ENABLE_SVE_FOR_NS},1) BL31_SOURCES += lib/extensions/sve/sve.c endif +ifeq (${WORKAROUND_CVE_2017_5715},1) +BL31_SOURCES += lib/cpus/aarch64/workaround_cve_2017_5715_mmu.S +endif + BL31_LINKERFILE := bl31/bl31.ld.S # Flag used to indicate if Crash reporting via console should be included |