diff options
author | Bipin Ravi <bipin.ravi@arm.com> | 2022-02-15 23:24:51 -0600 |
---|---|---|
committer | johpow01 <john.powell@arm.com> | 2022-03-16 16:35:07 -0500 |
commit | be9121fd311ff48c94f3d90fe7efcf84586119e4 (patch) | |
tree | e03acb68fbfdd7a0608856fc5448c0856c363486 /lib/cpus/aarch64/cortex_a57.S | |
parent | fdb9166b9494402eb2da7e0b004c121b322725e0 (diff) |
fix(security): workaround for CVE-2022-23960 for Cortex-A57, Cortex-A72
Implements mitigation for Cortex-A72 CPU versions that support
the CSV2 feature(from r1p0). It also applies the mitigation for
Cortex-A57 CPU.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I7cfcf06537710f144f6e849992612033ddd79d33
Diffstat (limited to 'lib/cpus/aarch64/cortex_a57.S')
-rw-r--r-- | lib/cpus/aarch64/cortex_a57.S | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/lib/cpus/aarch64/cortex_a57.S b/lib/cpus/aarch64/cortex_a57.S index 8ef0f922a..4120f119e 100644 --- a/lib/cpus/aarch64/cortex_a57.S +++ b/lib/cpus/aarch64/cortex_a57.S @@ -470,7 +470,12 @@ func cortex_a57_reset_func bl errata_a57_859972_wa #endif -#if IMAGE_BL31 && WORKAROUND_CVE_2017_5715 +#if IMAGE_BL31 && ( WORKAROUND_CVE_2017_5715 || WORKAROUND_CVE_2022_23960 ) + /* --------------------------------------------------------------- + * Override vector table & enable existing workaround if either of + * the build flags are enabled + * --------------------------------------------------------------- + */ adr x0, wa_cve_2017_5715_mmu_vbar msr vbar_el3, x0 /* isb will be performed before returning from this function */ @@ -506,6 +511,15 @@ func cortex_a57_reset_func ret x19 endfunc cortex_a57_reset_func +func check_errata_cve_2022_23960 +#if WORKAROUND_CVE_2022_23960 + mov x0, #ERRATA_APPLIES +#else + mov x0, #ERRATA_MISSING +#endif + ret +endfunc check_errata_cve_2022_23960 + /* ---------------------------------------------------- * The CPU Ops core power down function for Cortex-A57. * ---------------------------------------------------- @@ -630,6 +644,7 @@ func cortex_a57_errata_report report_errata ERRATA_A57_1319537, cortex_a57, 1319537 report_errata WORKAROUND_CVE_2017_5715, cortex_a57, cve_2017_5715 report_errata WORKAROUND_CVE_2018_3639, cortex_a57, cve_2018_3639 + report_errata WORKAROUND_CVE_2022_23960, cortex_a57, cve_2022_23960 ldp x8, x30, [sp], #16 ret |