diff options
| author | Dimitris Papastamos <dimitris.papastamos@arm.com> | 2017-11-30 14:53:53 +0000 |
|---|---|---|
| committer | Igal Liberman <igall@marvell.com> | 2018-01-22 14:52:15 +0200 |
| commit | 59dc3f05d1dcbb3cedc7a0550fe7247b952a6505 (patch) | |
| tree | ec2c0f7775e7fca16d37dd933e7e7325fe9c5e8a /bl31 | |
| parent | 6d269a9b6c8ddb2d19d1087ec9ec20901af78278 (diff) | |
Workaround for CVE-2017-5715 on Cortex A57 and A72
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling
and enabling the MMU. To achieve this without performing any branch
instruction, a per-cpu vbar is installed which executes the workaround
and then branches off to the corresponding vector entry in the main
vector table. A side effect of this change is that the main vbar is
configured before any reset handling. This is to allow the per-cpu
reset function to override the vbar setting.
This workaround is enabled by default on the affected CPUs.
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Change-Id: I10920c4980ebebf9be83d48186c5f98f9eed6534
[Resolve conflicts]
Signed-off-by: Marcin Wojtas <mw@semihalf.com>
Reviewed-on: http://vgitil04.il.marvell.com:8080/48848
Reviewed-by: Igal Liberman <igall@marvell.com>
Tested-by: iSoC Platform CI <ykjenk@marvell.com>
Diffstat (limited to 'bl31')
| -rw-r--r-- | bl31/aarch64/runtime_exceptions.S | 20 | ||||
| -rw-r--r-- | bl31/bl31.mk | 4 |
2 files changed, 24 insertions, 0 deletions
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S index 45b0213d..994239ed 100644 --- a/bl31/aarch64/runtime_exceptions.S +++ b/bl31/aarch64/runtime_exceptions.S @@ -14,6 +14,26 @@ .globl runtime_exceptions + .globl sync_exception_sp_el0 + .globl irq_sp_el0 + .globl fiq_sp_el0 + .globl serror_sp_el0 + + .globl sync_exception_sp_elx + .globl irq_sp_elx + .globl fiq_sp_elx + .globl serror_sp_elx + + .globl sync_exception_aarch64 + .globl irq_aarch64 + .globl fiq_aarch64 + .globl serror_aarch64 + + .globl sync_exception_aarch32 + .globl irq_aarch32 + .globl fiq_aarch32 + .globl serror_aarch32 + /* --------------------------------------------------------------------- * This macro handles Synchronous exceptions. * Only SMC exceptions are supported. diff --git a/bl31/bl31.mk b/bl31/bl31.mk index 0c9e3939..59cfae18 100644 --- a/bl31/bl31.mk +++ b/bl31/bl31.mk @@ -21,6 +21,10 @@ ifeq (${ENABLE_PMF}, 1) BL31_SOURCES += lib/pmf/pmf_main.c endif +ifeq (${WORKAROUND_CVE_2017_5715},1) +BL31_SOURCES += lib/cpus/aarch64/workaround_cve_2017_5715_mmu.S +endif + BL31_LINKERFILE := bl31/bl31.ld.S # Flag used to indicate if Crash reporting via console should be included |