fix(cpus): workaround for CVE-2024-5660 for Cortex-X1

Implements mitigation for CVE-2024-5660 that affects Cortex-X1 revisions r0p0, r1p0, r1p1, r1p2. The workaround is to disable the hardware page aggregation at EL3 by setting CPUECTLR_EL1[46] = 1'b1. Public Documentation: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660 Change-Id: I3124db3980f2786412369a010ca6abbbbaa3b601 Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
2025-04-16 09:34:18 +00:00 · 2024-05-23 15:52:27 -05:00 · 2024-05-23 15:52:27 -05:00 · 26293a7463
commit 26293a7463
parent 26e0ff9d5e
1 changed files with 8 additions and 1 deletions
--- a/lib/cpus/aarch64/cortex_x1.S
+++ b/lib/cpus/aarch64/cortex_x1.S
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022-2023, Google LLC. All rights reserved.
+ * Copyright (c) 2022-2024, Google LLC. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@ -23,6 +23,13 @@
 	wa_cve_2022_23960_bhb_vector_table CORTEX_X1_BHB_LOOP_COUNT, cortex_x1
 #endif /* WORKAROUND_CVE_2022_23960 */

+/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */
+workaround_reset_start cortex_x1, CVE(2024, 5660), WORKAROUND_CVE_2024_5660
+	sysreg_bit_set CORTEX_X1_CPUECTLR_EL1, BIT(46)
+workaround_reset_end cortex_x1, CVE(2024, 5660)
+
+check_erratum_ls cortex_x1, CVE(2024, 5660), CPU_REV(1, 2)
+
 workaround_reset_start cortex_x1, ERRATUM(1688305), ERRATA_X1_1688305
 	sysreg_bit_set CORTEX_X1_ACTLR2_EL1, BIT(1)
 workaround_reset_end cortex_x1, ERRATUM(1688305)