fix(security): workaround for CVE-2022-23960

Implements the loop workaround for Cortex-A77, Cortex-A78, Cortex-A710, Cortex-X2, Neoverse N1, Neoverse N2 and Neoverse V1 CPUs. Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: I11d342df7a2068a15e18f4974c645af3b341235b
author: Bipin Ravi <bipin.ravi@arm.com> 2022-01-18 01:59:06 -0600
committer: Bipin Ravi <bipin.ravi@arm.com> 2022-03-10 23:57:14 -0600
commit: 1fe4a9d181ead0dcb2bc494e90552d3e7f0aaf4c (patch)
tree: a07f088625a7eea44aa57604ed6202e9f814b3b0 /lib/cpus/aarch64/wa_cve_2022_23960_bhb.S
parent: fee7b2d3b4dc4fcf225c5191a7aad8427489ef64 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/lib/cpus/aarch64/wa_cve_2022_23960_bhb.S b/lib/cpus/aarch64/wa_cve_2022_23960_bhb.S
new file mode 100644
index 000000000..e0e41cc47
--- /dev/null
+++ b/lib/cpus/aarch64/wa_cve_2022_23960_bhb.S
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <context.h>
+
+#if WORKAROUND_CVE_2022_23960
+	/*
+	 * This macro applies the mitigation for CVE-2022-23960.
+         * The macro saves x2-x3 to the CPU context.
+         * SP should point to the CPU context.
+	 */
+	.macro	apply_cve_2022_23960_bhb_wa _bhb_loop_count
+	stp	x2, x3, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2]
+
+	/* CVE-BHB-NUM loop count */
+	mov	x2, \_bhb_loop_count
+
+1:
+	/* b pc+4 part of the workaround */
+	b	2f
+2:
+	subs	x2, x2, #1
+	bne	1b
+	dsb	sy
+	isb
+	ldp	x2, x3, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2]
+	.endm
+#endif /* WORKAROUND_CVE_2022_23960 */
author	Bipin Ravi <bipin.ravi@arm.com>	2022-01-18 01:59:06 -0600
committer	Bipin Ravi <bipin.ravi@arm.com>	2022-03-10 23:57:14 -0600
commit	1fe4a9d181ead0dcb2bc494e90552d3e7f0aaf4c (patch)
tree	a07f088625a7eea44aa57604ed6202e9f814b3b0 /lib/cpus/aarch64/wa_cve_2022_23960_bhb.S
parent	fee7b2d3b4dc4fcf225c5191a7aad8427489ef64 (diff)