• Dimitris Papastamos's avatar
    Implement static workaround for CVE-2018-3639 · b8a25bbb
    Dimitris Papastamos authored
    For affected CPUs, this approach enables the mitigation during EL3
    initialization, following every PE reset. No mechanism is provided to
    disable the mitigation at runtime.
    
    This approach permanently mitigates the entire software stack and no
    additional mitigation code is required in other software components.
    
    TF-A implements this approach for the following affected CPUs:
    
    *   Cortex-A57 and Cortex-A72, by setting bit 55 (Disable load pass store) of
        `CPUACTLR_EL1` (`S3_1_C15_C2_0`).
    
    *   Cortex-A73, by setting bit 3 of `S3_0_C15_C0_0` (not documented in the
        Technical Reference Manual (TRM)).
    
    *   Cortex-A75, by setting bit 35 (reserved in TRM) of `CPUACTLR_EL1`
        (`S3_0_C15_C1_0`).
    
    Additionally, a new SMC interface is implemented to allow software
    executing in lower ELs to discover whether the system is mitigated
    against CVE-2018-3639.
    
    Refer to "Firmware interfaces for mitigating cache speculation
    vulnerabilities System Software on Arm Systems"[0] ...
    b8a25bbb
arm_arch_svc.h 426 Bytes
/*
 * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef __ARM_ARCH_SVC_H__
#define __ARM_ARCH_SVC_H__

#define SMCCC_VERSION			U(0x80000000)
#define SMCCC_ARCH_FEATURES		U(0x80000001)
#define SMCCC_ARCH_WORKAROUND_1		U(0x80008000)
#define SMCCC_ARCH_WORKAROUND_2		U(0x80007FFF)

#define SMCCC_ARCH_NOT_REQUIRED		-2

#endif /* __ARM_ARCH_SVC_H__ */