Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-27 07:15:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2

Browse source 
Implements mitigation for CVE-2024-5660 that affects Neoverse-N2
revisions r0p0, r0p1, r0p2, r0p3.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
This patch implements the erratum mitigation for Neoverse-N2.

Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660

Change-Id: I2b9dea78771cc159586a03ff563c0ec79591ea64
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
This commit is contained in:
Sona Mathew 2024-05-21 14:20:44 -05:00
parent 0d7b503f8a
commit 26e0ff9d5e
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/cpus/aarch64/neoverse_n2.S
View file

@ -34,6 +34,13 @@
.equ erratum_neoverse_n2_2313941_wa, errata_dsu_2313941_wa .equ erratum_neoverse_n2_2313941_wa, errata_dsu_2313941_wa
add_erratum_entry neoverse_n2, ERRATUM(2313941), ERRATA_DSU_2313941, APPLY_AT_RESET add_erratum_entry neoverse_n2, ERRATUM(2313941), ERRATA_DSU_2313941, APPLY_AT_RESET
/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */
workaround_reset_start neoverse_n2, CVE(2024, 5660), WORKAROUND_CVE_2024_5660
sysreg_bit_set NEOVERSE_N2_CPUECTLR_EL1, BIT(46)
workaround_reset_end neoverse_n2, CVE(2024, 5660)
check_erratum_ls neoverse_n2, CVE(2024, 5660), CPU_REV(0, 3)
workaround_reset_start neoverse_n2, ERRATUM(2002655), ERRATA_N2_2002655 workaround_reset_start neoverse_n2, ERRATUM(2002655), ERRATA_N2_2002655
/* Apply instruction patching sequence */ /* Apply instruction patching sequence */
ldr x0,=0x6 ldr x0,=0x6