From c818bf1d60c01e1a8953bf0051987dea4db7c4bf Mon Sep 17 00:00:00 2001
From: Sona Mathew <sonarebecca.mathew@arm.com>
Date: Thu, 23 May 2024 15:54:59 -0500
Subject: [PATCH] fix(cpus): workaround for CVE-2024-5660 for Cortex-A78

Implements mitigation for CVE-2024-5660 that affects Cortex-A78
revisions r0p0, r1p0, r1p1, r1p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.

Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660

Change-Id: I4e40388bef814481943b2459fe35dd7267c625a2
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
---
 lib/cpus/aarch64/cortex_a78.S | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/cpus/aarch64/cortex_a78.S b/lib/cpus/aarch64/cortex_a78.S
index 1de570a0f..9f2ffdf8f 100644
--- a/lib/cpus/aarch64/cortex_a78.S
+++ b/lib/cpus/aarch64/cortex_a78.S
@@ -24,6 +24,13 @@
 	wa_cve_2022_23960_bhb_vector_table CORTEX_A78_BHB_LOOP_COUNT, cortex_a78
 #endif /* WORKAROUND_CVE_2022_23960 */
 
+/* Disable hardware page aggregation.Enables mitigation for `CVE-2024-5660` */
+workaround_reset_start cortex_a78, CVE(2024, 5660), WORKAROUND_CVE_2024_5660
+	sysreg_bit_set CORTEX_A78_CPUECTLR_EL1, BIT(46)
+workaround_reset_end cortex_a78, CVE(2024, 5660)
+
+check_erratum_ls cortex_a78, CVE(2024, 5660), CPU_REV(1, 2)
+
 workaround_reset_start cortex_a78, ERRATUM(1688305), ERRATA_A78_1688305
 	sysreg_bit_set CORTEX_A78_ACTLR2_EL1, CORTEX_A78_ACTLR2_EL1_BIT_1
 workaround_reset_end cortex_a78, ERRATUM(1688305)