Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-20 19:44:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(cpus): workaround for CVE-2024-5660 for Cortex-A77

Browse source 
Implements mitigation for CVE-2024-5660 that affects Cortex-A77
revisions r0p0, r1p0, r1p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.

Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660

Change-Id: Ic71b163883ea624e9f2f77deb8b30c69612938b9
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
This commit is contained in:
Sona Mathew 2024-05-23 16:06:19 -05:00
parent 85709f6619
commit aed3e8b59a
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/cpus/aarch64/cortex_a77.S
View file

@ -26,6 +26,13 @@
wa_cve_2022_23960_bhb_vector_table CORTEX_A77_BHB_LOOP_COUNT, cortex_a77 wa_cve_2022_23960_bhb_vector_table CORTEX_A77_BHB_LOOP_COUNT, cortex_a77
#endif /* WORKAROUND_CVE_2022_23960 */ #endif /* WORKAROUND_CVE_2022_23960 */
/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */
workaround_reset_start cortex_a77, CVE(2024, 5660), WORKAROUND_CVE_2024_5660
sysreg_bit_set CORTEX_A77_CPUECTLR_EL1, BIT(46)
workaround_reset_end cortex_a77, CVE(2024, 5660)
check_erratum_ls cortex_a77, CVE(2024, 5660), CPU_REV(1, 1)
workaround_reset_start cortex_a77, ERRATUM(1508412), ERRATA_A77_1508412 workaround_reset_start cortex_a77, ERRATUM(1508412), ERRATA_A77_1508412
/* move cpu revision in again and compare against r0p0 */ /* move cpu revision in again and compare against r0p0 */
mov x0, x7 mov x0, x7