- 15 Oct, 2018 1 commit
-
-
Deepak Pandey authored
macro jump_if_cpu_midr is used commonly by many arm platform. It has now been relocated to common place to remove duplication of code. Change-Id: Ic0876097dbc085df4f90eadb4b7687dde7c726da Signed-off-by:Deepak Pandey <Deepak.Pandey@arm.com>
-
- 28 Sep, 2018 1 commit
-
-
Antonio Nino Diaz authored
Change-Id: Icd1cdd42afdc78895a9be6c46b414b0a155cfa63 Signed-off-by:Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 05 Sep, 2018 2 commits
-
-
Varun Wadekar authored
For Denver CPUs, this approach enables the mitigation during EL3 initialization, following every PE reset. No mechanism is provided to disable the mitigation at runtime. This approach permanently mitigates the EL3 software stack only. Other software components are responsible to enable it for their exception levels. TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN3 and earlier: * By setting bit 11 (Disable speculative store buffering) of `ACTLR_EL3` * By setting bit 9 (Disable speculative memory disambiguation) of `ACTLR_EL3` TF-A implements this approach for the Denver CPUs with DENVER_MIDR_PN4 and later: * By setting bit 18 (Disable speculative store buffering) of `ACTLR_EL3` * By setting bit 17 (Disable speculative memory disambiguation) of `ACTLR_EL3` Change-Id: If1de96605ce3f7b0aff5fab2c828e5aecb687555 Signed-off-by:Varun Wadekar <vwadekar@nvidia.com>
-
Varun Wadekar authored
Denver CPUs expect the power state field to be reset to 'C1' during boot. This patch updates the reset handler to reset the ACTLR_.PMSTATE field to 'C1' state during CPU boot. Change-Id: I7cb629627a4dd1a30ec5cbb3a5e90055244fe30c Signed-off-by:
-
- 17 Aug, 2018 1 commit
-
-
John Tsichritzis authored
If the system is in near idle conditions, this erratum could cause a deadlock or data corruption. This patch applies the workaround that prevents this. This DSU erratum affects only the DSUs that contain the ACP interface and it was fixed in r2p0. The workaround is applied only to the DSUs that are actually affected. Link to respective Arm documentation: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.epm138168/index.html Change-Id: I033213b3077685130fc1e3f4f79c4d15d7483ec9 Signed-off-by:
John Tsichritzis <john.tsichritzis@arm.com>
-
- 18 Jul, 2018 1 commit
-
-
Konstantin Porotchkin authored
Add definition of EL1 L2 Auxilary Control register to Cortex A72 library headers. Signed-off-by:Konstantin Porotchkin <kostap@marvell.com>
-
- 11 Jul, 2018 4 commits
-
-
Joel Hutton authored
Change-Id: Ic0486131c493632eadf329f80b0b5904aed5e4ef Signed-off-by:
Joel Hutton <joel.hutton@arm.com> Signed-off-by:
Dimitris Papastamos <dimitris.papastamos@arm.com>
-
Joel Hutton authored
Change-Id: I2c4b06423fcd96af9351b88a5e2818059f981f1b Signed-off-by:
-
Roberto Vargas authored
This check was added to ensure the correct behaviour of fill_constants macro. This macro has been verified and it is known his correct behaviour. The check generates an error when the clang assembler is used, so it is better to remove the check. Change-Id: I3447ff9e9e5ee5cf0502f65e53c3d105d9396b8b Signed-off-by:Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
This directive is not implemented by clang assembler. The traditional way to implement structs in assembly is using two macros for every field, one for the offset, and another one for the size. For every field, the offset can be calculated using the size and offset of the previous field. Change-Id: Iacc6781e8f302fb925898737b8e85ab4e88a51cc Signed-off-by:
-
- 08 Jun, 2018 4 commits
-
-
Dimitris Papastamos authored
The Cortex-A76 implements SMCCC_ARCH_WORKAROUND_2 as defined in "Firmware interfaces for mitigating cache speculation vulnerabilities System Software on Arm Systems"[0]. Dynamic mitigation for CVE-2018-3639 is enabled/disabled by setting/clearning bit 16 (Disable load pass store) of `CPUACTLR2_EL1`. NOTE: The generic code that implements dynamic mitigation does not currently implement the expected semantics when dispatching an SDEI event to a lower EL. This will be fixed in a separate patch. [0] https://developer.arm.com/cache-speculation-vulnerability-firmware-specification Change-Id: I8fb2862b9ab24d55a0e9693e48e8be4df32afb5a Signed-off-by:
-
Dimitris Papastamos authored
The workaround uses the instruction patching feature of the Ares cpu. Change-Id: I868fce0dc0e8e41853dcce311f01ee3867aabb59 Signed-off-by: -
Dimitris Papastamos authored
Change-Id: Ia170c12d3929a616ba80eb7645c301066641f5cc Signed-off-by: -
Isla Mitchell authored
Both Cortex-Ares and Cortex-A76 CPUs use the ARM DynamIQ Shared Unit (DSU). The power-down and power-up sequences are therefore mostly managed in hardware, and required software operations are simple. Change-Id: I3a9447b5bdbdbc5ed845b20f6564d086516fa161 Signed-off-by:Isla Mitchell <isla.mitchell@arm.com>
-
- 23 May, 2018 4 commits
-
-
Dimitris Papastamos authored
Some CPUS may benefit from using a dynamic mitigation approach for CVE-2018-3639. A new SMC interface is defined to allow software executing in lower ELs to enable or disable the mitigation for their execution context. It should be noted that regardless of the state of the mitigation for lower ELs, code executing in EL3 is always mitigated against CVE-2018-3639. NOTE: This change is a compatibility break for any platform using the declare_cpu_ops_workaround_cve_2017_5715 macro. Migrate to the declare_cpu_ops_wa macro instead. Change-Id: I3509a9337ad217bbd96de9f380c4ff8bf7917013 Signed-off-by: -
Dimitris Papastamos authored
Implement static mitigation for CVE-2018-3639 on Cortex A57 and A72. Change-Id: I83409a16238729b84142b19e258c23737cc1ddc3 Signed-off-by: -
Dimitris Papastamos authored
For affected CPUs, this approach enables the mitigation during EL3 initialization, following every PE reset. No mechanism is provided to disable the mitigation at runtime. This approach permanently mitigates the entire software stack and no additional mitigation code is required in other software components. TF-A implements this approach for the following affected CPUs: * Cortex-A57 and Cortex-A72, by setting bit 55 (Disable load pass store) of `CPUACTLR_EL1` (`S3_1_C15_C2_0`). * Cortex-A73, by setting bit 3 of `S3_0_C15_C0_0` (not documented in the Technical Reference Manual (TRM)). * Cortex-A75, by setting bit 35 (reserved in TRM) of `CPUACTLR_EL1` (`S3_0_C15_C1_0`). Additionally, a new SMC interface is implemented to allow software executing in lower ELs to discover whether the system is mitigated against CVE-2018-3639. Refer to "Firmware interfaces for mitigating cache speculation vulnerabilities System Software on Arm Systems"[0] for more information. [0] https://developer.arm.com/cache-speculation-vulnerability-firmware-specification Change-Id: I084aa7c3bc7c26bf2df2248301270f77bed22ceb Signed-off-by: -
Dimitris Papastamos authored
This patch renames symbols and files relating to CVE-2017-5715 to make it easier to introduce new symbols and files for new CVE mitigations. Change-Id: I24c23822862ca73648c772885f1690bed043dbc7 Signed-off-by:
-
- 12 Apr, 2018 1 commit
-
-
Jonathan Wright authored
A fix for errata 843419 may be available in revision r0p4 of the Cortex-A53 processor. The presence of the fix is determined by checking bit 8 in the REVIDR register. If the fix is present we report ERRATA_NOT_APPLIES which silences the erroneous 'missing workaround' warning. Change-Id: Ibd2a478df3e2a6325442a6a48a0bb0259dcfc1d7 Signed-off-by:Jonathan Wright <jonathan.wright@arm.com>
-
- 14 Mar, 2018 2 commits
-
-
Dimitris Papastamos authored
When querying `SMCCC_ARCH_WORKAROUND_1` through `SMCCC_ARCH_FEATURES`, return either: * -1 to indicate the PE on which `SMCCC_ARCH_FEATURES` is called requires firmware mitigation for CVE-2017-5715 but the mitigation is not compiled in. * 0 to indicate that firmware mitigation is required, or * 1 to indicate that no firmware mitigation is required. This patch complies with v1.2 of the firmware interfaces specification (ARM DEN 0070A). Change-Id: Ibc32d6620efdac6c340758ec502d95554a55f02a Signed-off-by: -
Dimitris Papastamos authored
If the CSV2 field reads as 1 then branch targets trained in one context cannot affect speculative execution in a different context. In that case skip the workaround on Cortex A72 and A73. Change-Id: Ide24fb6efc77c548e4296295adc38dca87d042ee Signed-off-by:
-
- 28 Feb, 2018 1 commit
-
-
Roberto Vargas authored
Rule 8.4: A compatible declaration shall be visible when an object or function with external linkage is defined. Change-Id: I26e042cb251a6f9590afa1340fdac73e42f23979 Signed-off-by:
-
- 27 Feb, 2018 3 commits
-
-
Dimitris Papastamos authored
Change-Id: I61c9fdfda0c0b3c3ec6249519db23602cf4c2100 Signed-off-by: -
Dimitris Papastamos authored
This patch also fixes the assumption that the counters are disabled on the resume path. This is incorrect as the AMU counters are enabled early in the CPU reset function before `cpuamu_context_restore()` runs. Change-Id: I38a94eb166a523f00de18e86860434ffccff2131 Signed-off-by: -
Dimitris Papastamos authored
This patch also fixes `cpuamu_write_cpuamcntenclr_el0()` to use an MSR instruction instead of an MRS instruction. Change-Id: Ia6531f64b5ebc60ba432124eaa8d8eaccba40ed0 Signed-off-by:
-
- 18 Jan, 2018 2 commits
-
-
Dimitris Papastamos authored
A per-cpu vbar is installed that implements the workaround by invalidating the branch target buffer (BTB) directly in the case of A9 and A17 and indirectly by invalidating the icache in the case of A15. For Cortex A57 and A72 there is currently no workaround implemented when EL3 is in AArch32 mode so report it as missing. For other vulnerable CPUs (e.g. Cortex A73 and Cortex A75), there are no changes since there is currently no upstream AArch32 EL3 support for these CPUs. Change-Id: Ib42c6ef0b3c9ff2878a9e53839de497ff736258f Signed-off-by: -
Roberto Vargas authored
This patch enables BL2 to execute at the highest exception level without any dependancy on TF BL1. This enables platforms which already have a non-TF Boot ROM to directly load and execute BL2 and subsequent BL stages without need for BL1. This is not currently possible because BL2 executes at S-EL1 and cannot jump straight to EL3. Change-Id: Ief1efca4598560b1b8c8e61fbe26d1f44e929d69 Signed-off-by:
-
- 11 Jan, 2018 1 commit
-
-
Dimitris Papastamos authored
Change-Id: I504d3f65ca5829bc1f4ebadb764931f8379ee81f Signed-off-by:
-
- 29 Nov, 2017 1 commit
-
-
Dimitris Papastamos authored
The Cortex A75 has 5 AMU counters. The first three counters are fixed and the remaining two are programmable. A new build option is introduced, `ENABLE_AMU`. When set, the fixed counters will be enabled for use by lower ELs. The programmable counters are currently disabled. Change-Id: I4bd5208799bb9ed7d2596e8b0bfc87abbbe18740 Signed-off-by:
-
- 08 Nov, 2017 6 commits
-
-
Etienne Carriere authored
Signed-off-by:Etienne Carriere <etienne.carriere@linaro.org>
-
Etienne Carriere authored
Signed-off-by: -
Etienne Carriere authored
Signed-off-by: -
Etienne Carriere authored
Signed-off-by: -
Etienne Carriere authored
As Cortex-A9 needs to manually enable program flow prediction, do not reset SCTLR[Z] at entry. Platform should enable it only once MMU is enabled. Change-Id: I34e1ee2da73221903f7767f23bc6fc10ad01e3de Signed-off-by: -
Etienne Carriere authored
Signed-off-by:
-
- 07 Sep, 2017 2 commits
-
-
Eleanor Bonnici authored
Erratum 855971 applies to revision r0p3 or earlier Cortex-A72 CPUs. The recommended workaround is to disable instruction prefetch. Change-Id: I7fde74ee2a8a23b2a8a1891b260f0eb909fad4bf Signed-off-by:
Eleanor Bonnici <Eleanor.bonnici@arm.com> Signed-off-by:
Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Eleanor Bonnici authored
Erratum 855972 applies to revision r1p3 or earlier Cortex-A57 CPUs. The recommended workaround is to disable instruction prefetch. Change-Id: I56eeac0b753eb1432bd940083372ad6f7e93b16a Signed-off-by:
-
- 29 Aug, 2017 2 commits
-
-
Eleanor Bonnici authored
At present, various CPU register macros that refer to CPUACTLR are named ACTLR. This patch fixes that. The previous register names are retained, but guarded by the ERROR_DEPRECATED macro, so as not to break platforms that continue using the old names. Change-Id: Ia872196d81803f8f390b887d149e0fd054df519b Signed-off-by: -
Eleanor Bonnici authored
In order to avoid Undefined behavior, left operand in left-shift expressions needs to be unsigned, and of sufficient size. The safest and most consistent approach is to use unsigned long long type. Change-Id: I9612f16a6e6ea4c7df62a02497d862abf19b8e1b Signed-off-by:
-
- 20 Jun, 2017 1 commit
-
-
Dimitris Papastamos authored
Fixes ARM-software/tf-issues#495 Change-Id: I6a0aea78f670cc199873218a18af1d9cc2a6fafd Signed-off-by:
-
