From 10a8e85cbafb2429bc85ccfaa7ddc65480968733 Mon Sep 17 00:00:00 2001 From: Sona Mathew <sonarebecca.mathew@arm.com> Date: Wed, 19 Mar 2025 16:16:27 -0500 Subject: [PATCH 1/2] chore(cpus): rearrange the errata and cve in order in Cortex-A710 Patch sorts the errata IDs in ascending order and the CVE's in ascending order based on the year and index for CPU Cortex-A710. Change-Id: Ie7c2b77879f8fa5abb77204678e09cc759b10278 Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com> --- lib/cpus/aarch64/cortex_a710.S | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/lib/cpus/aarch64/cortex_a710.S b/lib/cpus/aarch64/cortex_a710.S index e8f5a80b3..23f785047 100644 --- a/lib/cpus/aarch64/cortex_a710.S +++ b/lib/cpus/aarch64/cortex_a710.S @@ -31,13 +31,6 @@ cpu_reset_prologue cortex_a710 -/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */ -workaround_reset_start cortex_a710, CVE(2024, 5660), WORKAROUND_CVE_2024_5660 - sysreg_bit_set CORTEX_A710_CPUECTLR_EL1, BIT(46) -workaround_reset_end cortex_a710, CVE(2024, 5660) - -check_erratum_ls cortex_a710, CVE(2024, 5660), CPU_REV(2, 1) - workaround_reset_start cortex_a710, ERRATUM(1987031), ERRATA_A710_1987031 ldr x0,=0x6 msr S3_6_c15_c8_0,x0 @@ -213,6 +206,10 @@ workaround_reset_end cortex_a710, ERRATUM(2778471) check_erratum_ls cortex_a710, ERRATUM(2778471), CPU_REV(2, 1) +add_erratum_entry cortex_a710, ERRATUM(3701772), ERRATA_A710_3701772 + +check_erratum_ls cortex_a710, ERRATUM(3701772), CPU_REV(2, 1) + workaround_reset_start cortex_a710, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 /* @@ -225,9 +222,12 @@ workaround_reset_end cortex_a710, CVE(2022, 23960) check_erratum_chosen cortex_a710, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 -add_erratum_entry cortex_a710, ERRATUM(3701772), ERRATA_A710_3701772 +/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */ +workaround_reset_start cortex_a710, CVE(2024, 5660), WORKAROUND_CVE_2024_5660 + sysreg_bit_set CORTEX_A710_CPUECTLR_EL1, BIT(46) +workaround_reset_end cortex_a710, CVE(2024, 5660) -check_erratum_ls cortex_a710, ERRATUM(3701772), CPU_REV(2, 1) +check_erratum_ls cortex_a710, CVE(2024, 5660), CPU_REV(2, 1) /* ---------------------------------------------------- * HW will do the cache maintenance while powering down From 174ed6188a47e6d74f12ddc42a6a03f764709877 Mon Sep 17 00:00:00 2001 From: Sona Mathew <sonarebecca.mathew@arm.com> Date: Wed, 19 Mar 2025 17:04:06 -0500 Subject: [PATCH 2/2] chore(cpus): fix cve order in Neoverse-V2 Patch rearranges CVE-2024-5660 in order based on the year and index for Neoverse-V2. Change-Id: I092a93ef3299fd733abae9c462c019f94d881413 Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com> --- lib/cpus/aarch64/neoverse_v2.S | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/cpus/aarch64/neoverse_v2.S b/lib/cpus/aarch64/neoverse_v2.S index 06521ecb4..a320d4452 100644 --- a/lib/cpus/aarch64/neoverse_v2.S +++ b/lib/cpus/aarch64/neoverse_v2.S @@ -24,13 +24,6 @@ cpu_reset_prologue neoverse_v2 -/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */ -workaround_reset_start neoverse_v2, CVE(2024, 5660), WORKAROUND_CVE_2024_5660 - sysreg_bit_set NEOVERSE_V2_CPUECTLR_EL1, BIT(46) -workaround_reset_end neoverse_v2, CVE(2024, 5660) - -check_erratum_ls neoverse_v2, CVE(2024, 5660), CPU_REV(0, 2) - workaround_reset_start neoverse_v2, ERRATUM(2331132), ERRATA_V2_2331132 sysreg_bitfield_insert NEOVERSE_V2_CPUECTLR2_EL1, NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_CNSRV, \ NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_LSB, NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_WIDTH @@ -95,6 +88,13 @@ workaround_reset_end neoverse_v2, CVE(2022,23960) check_erratum_chosen neoverse_v2, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 +/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */ +workaround_reset_start neoverse_v2, CVE(2024, 5660), WORKAROUND_CVE_2024_5660 + sysreg_bit_set NEOVERSE_V2_CPUECTLR_EL1, BIT(46) +workaround_reset_end neoverse_v2, CVE(2024, 5660) + +check_erratum_ls neoverse_v2, CVE(2024, 5660), CPU_REV(0, 2) + #if WORKAROUND_CVE_2022_23960 wa_cve_2022_23960_bhb_vector_table NEOVERSE_V2_BHB_LOOP_COUNT, neoverse_v2 #endif /* WORKAROUND_CVE_2022_23960 */