- 12 Nov, 2020 1 commit
-
-
johpow01 authored
This errata workaround did not work as intended and was revised in subsequent SDEN releases so we are reverting this change. This is the patch being reverted: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4684 Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I560749a5b55e22fbe49d3f428a8b9545d6bdaaf0
-
- 03 Oct, 2020 1 commit
-
-
johpow01 authored
Cortex A76 erratum 1868343 is a Cat B erratum, present in older revisions of the Cortex A76 processor core. The workaround is to set a bit in the CPUACTLR_EL1 system register, which delays instruction fetch after branch misprediction. This workaround will have a small impact on performance. This workaround is the same as workarounds for errata 1262606 and 1275112, so all 3 have been combined into one function call. SDEN can be found here: https://documentation-service.arm.com/static/5f2bed6d60a93e65927bc8e7 Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I7f2f9965f495540a1f84bb7dcc28aff45d6cee5d
-
- 18 Aug, 2020 1 commit
-
-
Manish V Badarkhe authored
Reported the status (applies, missing) of AT speculative workaround which is applicable for below CPUs. +---------+--------------+ | Errata | CPU | +=========+==============+ | 1165522 | Cortex-A76 | +---------+--------------+ | 1319367 | Cortex-A72 | +---------+--------------+ | 1319537 | Cortex-A57 | +---------+--------------+ | 1530923 | Cortex-A55 | +---------+--------------+ | 1530924 | Cortex-A53 | +---------+--------------+ Also, changes are done to enable common macro 'ERRATA_SPECULATIVE_AT' if AT speculative errata workaround is enabled for any of the above CPUs using 'ERRATA_*' CPU specific build macro. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I3e6a5316a2564071f3920c3ce9ae9a29adbe435b
-
- 22 Jun, 2020 2 commits
-
-
johpow01 authored
Cortex A76 erratum 1800710 is a Cat B erratum, present in older revisions of the Cortex A76 processor core. The workaround is to set a bit in the ECTLR_EL1 system register, which disables allocation of splintered pages in the L2 TLB. This errata is explained in this SDEN: https://static.docs.arm.com/sden885749/g/Arm_Cortex_A76_MP052_Software_Developer_Errata_Notice_v20.pdf Signed-off-by: John Powell <john.powell@arm.com> Change-Id: Ifc34f2e9e053dcee6a108cfb7df7ff7f497c9493
-
johpow01 authored
Cortex A76 erratum 1791580 is a Cat B erratum present in earlier revisions of the Cortex A76. The workaround is to set a bit in the implementation defined CPUACTLR2 register, which forces atomic store operations to write-back memory to be performed in the L1 data cache. This errata is explained in this SDEN: https://static.docs.arm.com/sden885749/g/Arm_Cortex_A76_MP052_Software_Developer_Errata_Notice_v20.pdf Signed-off-by: John Powell <john.powell@arm.com> Change-Id: Iefd58159b3f2e2286138993317b98e57dc361925
-
- 22 Jan, 2020 1 commit
-
-
Anthony Steinhauser authored
Even though ERET always causes a jump to another address, aarch64 CPUs speculatively execute following instructions as if the ERET instruction was not a jump instruction. The speculative execution does not cross privilege-levels (to the jump target as one would expect), but it continues on the kernel privilege level as if the ERET instruction did not change the control flow - thus execution anything that is accidentally linked after the ERET instruction. Later, the results of this speculative execution are always architecturally discarded, however they can leak data using microarchitectural side channels. This speculative execution is very reliable (seems to be unconditional) and it manages to complete even relatively performance-heavy operations (e.g. multiple dependent fetches from uncached memory). This was fixed in Linux, FreeBSD, OpenBSD and Optee OS: https://github.com/torvalds/linux/commit/679db70801da9fda91d26caf13bf5b5ccc74e8e8 https://github.com/freebsd/freebsd/commit/29fb48ace4186a41c409fde52bcf4216e9e50b61 https://github.com/openbsd/src/commit/3a08873ece1cb28ace89fd65e8f3c1375cc98de2 https://github.com/OP-TEE/optee_os/commit/abfd092aa19f9c0251e3d5551e2d68a9ebcfec8a It is demonstrated in a SafeSide example: https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cc https://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c Signed-off-by: Anthony Steinhauser <asteinhauser@google.com> Change-Id: Iead39b0b9fb4b8d8b5609daaa8be81497ba63a0f
-
- 04 Jun, 2019 1 commit
-
-
John Tsichritzis authored
Some cores support only AArch64 mode. In those cores, only a limited subset of the AArch32 system registers are implemented. Hence, if TF-A is supposed to run on AArch64-only cores, it must be compiled with CTX_INCLUDE_AARCH32_REGS=0. Currently, the default settings for compiling TF-A are with the AArch32 system registers included. So, if we compile TF-A the default way and attempt to run it on an AArch64-only core, we only get a runtime panic. Now a compile-time check has been added to ensure that this flag has the appropriate value when AArch64-only cores are included in the build. Change-Id: I298ec550037fafc9347baafb056926d149197d4c Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 07 May, 2019 2 commits
-
-
Soby Mathew authored
The workaround for Cortex-A76 errata #1286807 is implemented in this patch. Change-Id: I6c15af962ac99ce223e009f6d299cefb41043bed Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
Soby Mathew authored
The workarounds for errata 1257314, 1262606, 1262888 and 1275112 are added to the Cortex-A76 cpu specific file. The workarounds are disabled by default and have to be explicitly enabled by the platform integrator. Change-Id: I70474927374cb67725f829d159ddde9ac4edc343 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 03 May, 2019 1 commit
-
-
John Tsichritzis authored
This patch fixes this issue: https://github.com/ARM-software/tf-issues/issues/660 The introduced changes are the following: 1) Some cores implement cache coherency maintenance operation on the hardware level. For those cores, such as - but not only - the DynamIQ cores, it is mandatory that TF-A is compiled with the HW_ASSISTED_COHERENCY flag. If not, the core behaviour at runtime is unpredictable. To prevent this, compile time checks have been added and compilation errors are generated, if needed. 2) To enable this change for FVP, a logical separation has been done for the core libraries. A system cannot contain cores of both groups, i.e. cores that manage coherency on hardware and cores that don't do it. As such, depending on the HW_ASSISTED_COHERENCY flag, FVP includes the libraries only of the relevant cores. 3) The neoverse_e1.S file has been added to the FVP sources. Change-Id: I787d15819b2add4ec0d238249e04bf0497dc12f3 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 17 Apr, 2019 1 commit
-
-
Louis Mayencourt authored
Under certain near idle conditions, DSU may miss response transfers on the ACE master or Peripheral port, leading to deadlock. This workaround disables high-level clock gating of the DSU to prevent this. Change-Id: I820911d61570bacb38dd325b3519bc8d12caa14b Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 14 Mar, 2019 2 commits
-
-
Ambroise Vincent authored
Switched from a static check to a runtime assert to make sure a workaround is implemented for CVE_2018_3639. This allows platforms that know they have the SSBS hardware workaround in the CPU to compile out code under DYNAMIC_WORKAROUND_CVE_2018_3639. The gain in memory size without the dynamic workaround is 4KB in bl31. Change-Id: I61bb7d87c59964b0c7faac5d6bc7fc5c4651cbf3 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
Ambroise Vincent authored
Change-Id: I6adf7c14e8a974a7d40d51615b5e69eab1a7436f Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
- 26 Feb, 2019 3 commits
-
-
Louis Mayencourt authored
Concurrent instruction TLB miss and mispredicted return instruction might fetch wrong instruction stream. Set bit 6 of CPUACTLR_EL1 to prevent this. Change-Id: I2da4f30cd2df3f5e885dd3c4825c557492d1ac58 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Streaming store under specific conditions might cause deadlock or data corruption. Set bit 25:24 of CPUECTLR_EL1, which disables write streaming to the L2 to prevent this. Change-Id: Ib5cabb997b35ada78b27e75787afd610ea606dcf Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
TLBI VAAE1 or TLBI VAALE1 targeting a page within hardware page aggregated address translation data in the L2 TLB might cause corruption of address translation data. Set bit 59 of CPUACTLR2_EL1 to prevent this. Change-Id: I59f3edea54e87d264e0794f5ca2a8c68a636e586 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 04 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca339 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 10 Dec, 2018 1 commit
-
-
Jeenu Viswambharan authored
The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass Safe) bit to mitigate against Variant 4 vulnerabilities. Although an Armv8.5 feature, this can be implemented by CPUs implementing earlier version of the architecture. With this patch, when both PSTATE.SSBS is implemented and DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to indicate that mitigation on the PE is either permanently enabled or not required. When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset of every BL stage. This means that EL3 always executes with mitigation applied. For Cortex A76, if the PE implements SSBS, the existing mitigation (by using a different vector table, and tweaking CPU ACTLR2) is not used. Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 17 Aug, 2018 1 commit
-
-
John Tsichritzis authored
If the system is in near idle conditions, this erratum could cause a deadlock or data corruption. This patch applies the workaround that prevents this. This DSU erratum affects only the DSUs that contain the ACP interface and it was fixed in r2p0. The workaround is applied only to the DSUs that are actually affected. Link to respective Arm documentation: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.epm138168/index.html Change-Id: I033213b3077685130fc1e3f4f79c4d15d7483ec9 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 11 Jul, 2018 1 commit
-
-
Roberto Vargas authored
Check_vector_size checks if the size of the vector fits in the size reserved for it. This check creates problems in the Clang assembler. A new macro, end_vector_entry, is added and check_vector_size is deprecated. This new macro fills the current exception vector until the next exception vector. If the size of the current vector is bigger than 32 instructions then it gives an error. Change-Id: Ie8545cf1003a1e31656a1018dd6b4c28a4eaf671 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 08 Jun, 2018 2 commits
-
-
Dimitris Papastamos authored
The Cortex-A76 implements SMCCC_ARCH_WORKAROUND_2 as defined in "Firmware interfaces for mitigating cache speculation vulnerabilities System Software on Arm Systems"[0]. Dynamic mitigation for CVE-2018-3639 is enabled/disabled by setting/clearning bit 16 (Disable load pass store) of `CPUACTLR2_EL1`. NOTE: The generic code that implements dynamic mitigation does not currently implement the expected semantics when dispatching an SDEI event to a lower EL. This will be fixed in a separate patch. [0] https://developer.arm.com/cache-speculation-vulnerability-firmware-specification Change-Id: I8fb2862b9ab24d55a0e9693e48e8be4df32afb5a Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
Isla Mitchell authored
Both Cortex-Ares and Cortex-A76 CPUs use the ARM DynamIQ Shared Unit (DSU). The power-down and power-up sequences are therefore mostly managed in hardware, and required software operations are simple. Change-Id: I3a9447b5bdbdbc5ed845b20f6564d086516fa161 Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
-
- 12 Jul, 2017 1 commit
-
-
Isla Mitchell authored
This fix modifies the order of system includes to meet the ARM TF coding standard. There are some exceptions in order to retain header groupings, minimise changes to imported headers, and where there are headers within the #if and #ifndef statements. Change-Id: I65085a142ba6a83792b26efb47df1329153f1624 Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
-
- 01 Jun, 2017 1 commit
-
-
David Wang authored
Both Cortex-A75 and Cortex-A55 CPUs use the ARM DynamIQ Shared Unit (DSU). The power-down and power-up sequences are therefore mostly managed in hardware, and required software operations are considerably simpler. Change-Id: I68b30e6e1ebe7c041d5e67f39c59f08575fc7ecc Co-authored-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-