From f62ad322695d16178db464dc062fe0af592c6780 Mon Sep 17 00:00:00 2001 From: Dimitris Papastamos Date: Thu, 30 Nov 2017 14:53:53 +0000 Subject: Workaround for CVE-2017-5715 on Cortex A57 and A72 Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling and enabling the MMU. To achieve this without performing any branch instruction, a per-cpu vbar is installed which executes the workaround and then branches off to the corresponding vector entry in the main vector table. A side effect of this change is that the main vbar is configured before any reset handling. This is to allow the per-cpu reset function to override the vbar setting. This workaround is enabled by default on the affected CPUs. Change-Id: I97788d38463a5840a410e3cea85ed297a1678265 Signed-off-by: Dimitris Papastamos --- include/common/aarch64/el3_common_macros.S | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/common/aarch64/el3_common_macros.S b/include/common/aarch64/el3_common_macros.S index 63a0fa770..defd4a24e 100644 --- a/include/common/aarch64/el3_common_macros.S +++ b/include/common/aarch64/el3_common_macros.S @@ -13,7 +13,7 @@ /* * Helper macro to initialise EL3 registers we care about. */ - .macro el3_arch_init_common _exception_vectors + .macro el3_arch_init_common /* --------------------------------------------------------------------- * SCTLR_EL3 has already been initialised - read current value before * modifying. @@ -49,14 +49,6 @@ bl init_cpu_data_ptr #endif /* IMAGE_BL31 */ - /* --------------------------------------------------------------------- - * Set the exception vectors. - * --------------------------------------------------------------------- - */ - adr x0, \_exception_vectors - msr vbar_el3, x0 - isb - /* --------------------------------------------------------------------- * Initialise SCR_EL3, setting all fields rather than relying on hw. * All fields are architecturally UNKNOWN on reset. The following fields @@ -220,6 +212,14 @@ do_cold_boot: .endif /* _warm_boot_mailbox */ + /* --------------------------------------------------------------------- + * Set the exception vectors. + * --------------------------------------------------------------------- + */ + adr x0, \_exception_vectors + msr vbar_el3, x0 + isb + /* --------------------------------------------------------------------- * It is a cold boot. * Perform any processor specific actions upon reset e.g. cache, TLB @@ -228,7 +228,7 @@ */ bl reset_handler - el3_arch_init_common \_exception_vectors + el3_arch_init_common .if \_secondary_cold_boot /* ------------------------------------------------------------- -- cgit v1.2.3