TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-A / trusted-firmware-a / 64618d66402d6b7ae3e1aec40129bfd7ec70b55c
commit64618d66402d6b7ae3e1aec40129bfd7ec70b55c[log] [tgz]
authorArvind Ram Prakash <arvind.ramprakash@arm.com>Mon Feb 03 17:17:30 2025 +0100
committerYann Gautier <yann.gautier@st.com>Mon Feb 03 17:28:59 2025 +0100
treee0e41c757abc1c1e98d6abb7305b144c2ac25f57
parentb5386661a818abdc476ffcc308750291373c1dab [diff]
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_7881 [1] is enabled
by the platform. If CVE_2024_7881 mitigation
is implemented, the discovery call returns 0,
if not -1 (SMC_ARCH_CALL_NOT_SUPPORTED).

For more information about SMCCC_ARCH_WORKAROUND_4 [2], please
refer to the SMCCC Specification reference provided below.

[1]: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
[2]: https://developer.arm.com/documentation/den0028/latest

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I1b1ffaa1f806f07472fd79d5525f81764d99bc79
(cherry picked from commit 8ae6b1ad6c9c57b09b6d4e7ae3cbdf3aed6455b1)
9 files changed
tree: e0e41c757abc1c1e98d6abb7305b144c2ac25f57
  1. .husky/
  2. bl1/
  3. bl2/
  4. bl2u/
  5. bl31/
  6. bl32/
  7. common/
  8. docs/
  9. drivers/
  10. fdts/
  11. include/
  12. lib/
  13. licenses/
  14. make_helpers/
  15. plat/
  16. services/
  17. tools/
  18. .checkpatch.conf
  19. .commitlintrc.js
  20. .cz.json
  21. .editorconfig
  22. .gitignore
  23. .gitreview
  24. .nvmrc
  25. .readthedocs.yaml
  26. .versionrc.cjs
  27. changelog.yaml
  28. dco.txt
  29. license.rst
  30. Makefile
  31. package-lock.json
  32. package.json
  33. poetry.lock
  34. pyproject.toml
  35. readme.rst