Commit e0865708 authored by Dimitris Papastamos's avatar Dimitris Papastamos
Browse files

aarch32: Implement static workaround for CVE-2018-3639



Implement static mitigation for CVE-2018-3639 on
Cortex A57 and A72.

Change-Id: I83409a16238729b84142b19e258c23737cc1ddc3
Signed-off-by: default avatarDimitris Papastamos <dimitris.papastamos@arm.com>
parent b8a25bbb
...@@ -44,6 +44,7 @@ ...@@ -44,6 +44,7 @@
#define CORTEX_A57_CPUACTLR p15, 0, c15 #define CORTEX_A57_CPUACTLR p15, 0, c15
#define CORTEX_A57_CPUACTLR_DIS_LOAD_PASS_DMB (ULL(1) << 59) #define CORTEX_A57_CPUACTLR_DIS_LOAD_PASS_DMB (ULL(1) << 59)
#define CORTEX_A57_CPUACTLR_DIS_LOAD_PASS_STORE (ULL(1) << 55)
#define CORTEX_A57_CPUACTLR_GRE_NGRE_AS_NGNRE (ULL(1) << 54) #define CORTEX_A57_CPUACTLR_GRE_NGRE_AS_NGNRE (ULL(1) << 54)
#define CORTEX_A57_CPUACTLR_DIS_OVERREAD (ULL(1) << 52) #define CORTEX_A57_CPUACTLR_DIS_OVERREAD (ULL(1) << 52)
#define CORTEX_A57_CPUACTLR_NO_ALLOC_WBWA (ULL(1) << 49) #define CORTEX_A57_CPUACTLR_NO_ALLOC_WBWA (ULL(1) << 49)
......
...@@ -32,6 +32,7 @@ ...@@ -32,6 +32,7 @@
#define CORTEX_A72_CPUACTLR p15, 0, c15 #define CORTEX_A72_CPUACTLR p15, 0, c15
#define CORTEX_A72_CPUACTLR_DISABLE_L1_DCACHE_HW_PFTCH (ULL(1) << 56) #define CORTEX_A72_CPUACTLR_DISABLE_L1_DCACHE_HW_PFTCH (ULL(1) << 56)
#define CORTEX_A72_CPUACTLR_DIS_LOAD_PASS_STORE (ULL(1) << 55)
#define CORTEX_A72_CPUACTLR_NO_ALLOC_WBWA (ULL(1) << 49) #define CORTEX_A72_CPUACTLR_NO_ALLOC_WBWA (ULL(1) << 49)
#define CORTEX_A72_CPUACTLR_DCC_AS_DCCI (ULL(1) << 44) #define CORTEX_A72_CPUACTLR_DCC_AS_DCCI (ULL(1) << 44)
#define CORTEX_A72_CPUACTLR_DIS_INSTR_PREFETCH (ULL(1) << 32) #define CORTEX_A72_CPUACTLR_DIS_INSTR_PREFETCH (ULL(1) << 32)
......
...@@ -337,6 +337,15 @@ func check_errata_cve_2017_5715 ...@@ -337,6 +337,15 @@ func check_errata_cve_2017_5715
bx lr bx lr
endfunc check_errata_cve_2017_5715 endfunc check_errata_cve_2017_5715
func check_errata_cve_2018_3639
#if WORKAROUND_CVE_2018_3639
mov r0, #ERRATA_APPLIES
#else
mov r0, #ERRATA_MISSING
#endif
bx lr
endfunc check_errata_cve_2018_3639
/* ------------------------------------------------- /* -------------------------------------------------
* The CPU Ops reset function for Cortex-A57. * The CPU Ops reset function for Cortex-A57.
* Shall clobber: r0-r6 * Shall clobber: r0-r6
...@@ -392,6 +401,14 @@ func cortex_a57_reset_func ...@@ -392,6 +401,14 @@ func cortex_a57_reset_func
bl errata_a57_859972_wa bl errata_a57_859972_wa
#endif #endif
#if WORKAROUND_CVE_2018_3639
ldcopr16 r0, r1, CORTEX_A57_CPUACTLR
orr64_imm r0, r1, CORTEX_A57_CPUACTLR_DIS_LOAD_PASS_STORE
stcopr16 r0, r1, CORTEX_A57_CPUACTLR
isb
dsb sy
#endif
/* --------------------------------------------- /* ---------------------------------------------
* Enable the SMP bit. * Enable the SMP bit.
* --------------------------------------------- * ---------------------------------------------
...@@ -525,6 +542,7 @@ func cortex_a57_errata_report ...@@ -525,6 +542,7 @@ func cortex_a57_errata_report
report_errata ERRATA_A57_833471, cortex_a57, 833471 report_errata ERRATA_A57_833471, cortex_a57, 833471
report_errata ERRATA_A57_859972, cortex_a57, 859972 report_errata ERRATA_A57_859972, cortex_a57, 859972
report_errata WORKAROUND_CVE_2017_5715, cortex_a57, cve_2017_5715 report_errata WORKAROUND_CVE_2017_5715, cortex_a57, cve_2017_5715
report_errata WORKAROUND_CVE_2018_3639, cortex_a57, cve_2018_3639
pop {r12, lr} pop {r12, lr}
bx lr bx lr
......
...@@ -92,6 +92,15 @@ func check_errata_cve_2017_5715 ...@@ -92,6 +92,15 @@ func check_errata_cve_2017_5715
bx lr bx lr
endfunc check_errata_cve_2017_5715 endfunc check_errata_cve_2017_5715
func check_errata_cve_2018_3639
#if WORKAROUND_CVE_2018_3639
mov r0, #ERRATA_APPLIES
#else
mov r0, #ERRATA_MISSING
#endif
bx lr
endfunc check_errata_cve_2018_3639
/* ------------------------------------------------- /* -------------------------------------------------
* The CPU Ops reset function for Cortex-A72. * The CPU Ops reset function for Cortex-A72.
* ------------------------------------------------- * -------------------------------------------------
...@@ -105,6 +114,15 @@ func cortex_a72_reset_func ...@@ -105,6 +114,15 @@ func cortex_a72_reset_func
mov r0, r4 mov r0, r4
bl errata_a72_859971_wa bl errata_a72_859971_wa
#endif #endif
#if WORKAROUND_CVE_2018_3639
ldcopr16 r0, r1, CORTEX_A72_CPUACTLR
orr64_imm r0, r1, CORTEX_A72_CPUACTLR_DIS_LOAD_PASS_STORE
stcopr16 r0, r1, CORTEX_A72_CPUACTLR
isb
dsb sy
#endif
/* --------------------------------------------- /* ---------------------------------------------
* Enable the SMP bit. * Enable the SMP bit.
* --------------------------------------------- * ---------------------------------------------
...@@ -241,6 +259,7 @@ func cortex_a72_errata_report ...@@ -241,6 +259,7 @@ func cortex_a72_errata_report
*/ */
report_errata ERRATA_A72_859971, cortex_a72, 859971 report_errata ERRATA_A72_859971, cortex_a72, 859971
report_errata WORKAROUND_CVE_2017_5715, cortex_a72, cve_2017_5715 report_errata WORKAROUND_CVE_2017_5715, cortex_a72, cve_2017_5715
report_errata WORKAROUND_CVE_2018_3639, cortex_a72, cve_2018_3639
pop {r12, lr} pop {r12, lr}
bx lr bx lr
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment