diff options
| author | Varun Wadekar <vwadekar@nvidia.com> | 2018-08-28 09:11:30 -0700 |
|---|---|---|
| committer | Varun Wadekar <vwadekar@nvidia.com> | 2018-09-04 17:34:08 -0700 |
| commit | 6cf8d65f274b3eb6a377c553656daf713f93713c (patch) | |
| tree | 81da7436bf5274f1c33f07d27f95af1ed290b042 /lib | |
| parent | cf3ed0dcc7127e6e554ca14fc4c07dcfabb5dc8d (diff) | |
| download | platform_external_arm-trusted-firmware-6cf8d65f274b3eb6a377c553656daf713f93713c.tar.gz platform_external_arm-trusted-firmware-6cf8d65f274b3eb6a377c553656daf713f93713c.tar.bz2 platform_external_arm-trusted-firmware-6cf8d65f274b3eb6a377c553656daf713f93713c.zip | |
cpus: denver: Implement static workaround for CVE-2018-3639
For Denver CPUs, this approach enables the mitigation during EL3
initialization, following every PE reset. No mechanism is provided to
disable the mitigation at runtime.
This approach permanently mitigates the EL3 software stack only. Other
software components are responsible to enable it for their exception
levels.
TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN3
and earlier:
* By setting bit 11 (Disable speculative store buffering) of
`ACTLR_EL3`
* By setting bit 9 (Disable speculative memory disambiguation) of
`ACTLR_EL3`
TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN4
and later:
* By setting bit 18 (Disable speculative store buffering) of
`ACTLR_EL3`
* By setting bit 17 (Disable speculative memory disambiguation) of
`ACTLR_EL3`
Change-Id: If1de96605ce3f7b0aff5fab2c828e5aecb687555
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/cpus/aarch64/denver.S | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/lib/cpus/aarch64/denver.S b/lib/cpus/aarch64/denver.S index c873f2e3e..c377b28b4 100644 --- a/lib/cpus/aarch64/denver.S +++ b/lib/cpus/aarch64/denver.S @@ -211,6 +211,15 @@ func check_errata_cve_2017_5715 ret endfunc check_errata_cve_2017_5715 +func check_errata_cve_2018_3639 +#if WORKAROUND_CVE_2018_3639 + mov x0, #ERRATA_APPLIES +#else + mov x0, #ERRATA_MISSING +#endif + ret +endfunc check_errata_cve_2018_3639 + /* ------------------------------------------------- * The CPU Ops reset function for Denver. * ------------------------------------------------- @@ -236,6 +245,25 @@ func denver_reset_func msr vbar_el3, x0 #endif +#if WORKAROUND_CVE_2018_3639 + /* + * Denver CPUs with DENVER_MIDR_PN3 or earlier, use different + * bits in the ACTLR_EL3 register to disable speculative + * store buffer and memory disambiguation. + */ + mrs x0, midr_el1 + mov_imm x1, DENVER_MIDR_PN4 + cmp x0, x1 + mrs x0, actlr_el3 + mov x1, #(DENVER_CPU_DIS_MD_EL3 | DENVER_CPU_DIS_SSB_EL3) + mov x2, #(DENVER_PN4_CPU_DIS_MD_EL3 | DENVER_PN4_CPU_DIS_SSB_EL3) + csel x3, x1, x2, ne + orr x0, x0, x3 + msr actlr_el3, x0 + isb + dsb sy +#endif + /* ---------------------------------------------------- * Reset ACTLR.PMSTATE to C1 state * ---------------------------------------------------- @@ -294,6 +322,7 @@ func denver_errata_report * checking functions of each errata. */ report_errata WORKAROUND_CVE_2017_5715, denver, cve_2017_5715 + report_errata WORKAROUND_CVE_2018_3639, denver, cve_2018_3639 ldp x8, x30, [sp], #16 ret |