diff options
author | Dimitris Papastamos <dimitris.papastamos@arm.com> | 2018-05-16 11:36:14 +0100 |
---|---|---|
committer | Kostya Porotchkin <kostap@marvell.com> | 2018-06-21 15:03:05 +0300 |
commit | c7e51f1e881778a6d945fd4ff72b30cab87f8754 (patch) | |
tree | 2edbf5919da8ea4153a411b9804a7a5c1daa0833 /docs | |
parent | c9ad0aa0cf79da2a1792c7ca4b786ec6bc74b5f3 (diff) |
Add support for dynamic mitigation for CVE-2018-3639
Some CPUS may benefit from using a dynamic mitigation approach for
CVE-2018-3639. A new SMC interface is defined to allow software
executing in lower ELs to enable or disable the mitigation for their
execution context.
It should be noted that regardless of the state of the mitigation for
lower ELs, code executing in EL3 is always mitigated against
CVE-2018-3639.
NOTE: This change is a compatibility break for any platform using
the declare_cpu_ops_workaround_cve_2017_5715 macro. Migrate to
the declare_cpu_ops_wa macro instead.
Change-Id: I3509a9337ad217bbd96de9f380c4ff8bf7917013
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Reviewed-on: http://vgitil04.il.marvell.com:8080/56699
Tested-by: Kostya Porotchkin <kostap@marvell.com>
Reviewed-by: Kostya Porotchkin <kostap@marvell.com>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/cpu-specific-build-macros.rst | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/cpu-specific-build-macros.rst b/docs/cpu-specific-build-macros.rst index a89305b7..c11f6403 100644 --- a/docs/cpu-specific-build-macros.rst +++ b/docs/cpu-specific-build-macros.rst @@ -30,6 +30,11 @@ vulnerability workarounds should be applied at runtime. CVE-2018-3639, in order to comply with the recommendation in the spec regarding workaround discovery. +- ``DYNAMIC_WORKAROUND_CVE_2018_3639``: Enables dynamic mitigation for + `CVE-2018-3639`_. This build option should be set to 1 if the target + platform contains at least 1 CPU that requires dynamic mitigation. + Defaults to 0. + CPU Errata Workarounds ---------------------- |