ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for CVE-2017-5715
authorNishanth Menon <nm@ti.com>
Tue, 12 Jun 2018 20:24:08 +0000 (15:24 -0500)
committerTom Rini <trini@konsulko.com>
Fri, 29 Jun 2018 15:30:39 +0000 (11:30 -0400)
As recommended by Arm in [1], IBE[2] has to be enabled unconditionally
for BPIALL to be functional on Cortex-A8 processors. Provide a config
option for platforms to enable this option based on impact analysis
for products.

NOTE: This patch in itself is NOT the final solution, this requires:
a) Implementation of v7_arch_cp15_set_acr on SoCs which may not
   provide direct access to ACR register.
b) Operating Systems such as Linux to provide adequate workaround in the right
   locations.
c) This workaround applies to only the boot processor. It is important
   to apply workaround as necessary (context-save-restore) around low
   power context loss OR additional processors as necessary in either
   firmware support OR elsewhere in OS.

[1] https://developer.arm.com/support/security-update
[2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html

Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Tony Lindgren <tony@atomide.com>
Cc: Robin Murphy <robin.murphy@arm.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Andre Przywara <Andre.Przywara@arm.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Michael Nazzareno Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Tested-by: Fabio Estevam <fabio.estevam@nxp.com>
arch/arm/Kconfig
arch/arm/cpu/armv7/start.S

index 22234cde2ab6aa4b98c3b595515a15da45f04e6b..ba8b0ccbd262baa060e000bedf108f4c9561b617 100644 (file)
@@ -108,6 +108,8 @@ config SYS_ARM_MPU
 # CONFIG_ARM_ERRATA_621766
 # CONFIG_ARM_ERRATA_798870
 # CONFIG_ARM_ERRATA_801819
+# CONFIG_ARM_CORTEX_A8_CVE_2017_5715
+
 config ARM_ERRATA_430973
        bool
 
@@ -177,6 +179,9 @@ config ARM_ERRATA_852423
 config ARM_ERRATA_855873
        bool
 
+config ARM_CORTEX_A8_CVE_2017_5715
+       bool
+
 config CPU_ARM720T
        bool
        select SYS_CACHE_SHIFT_5
index c996525f861e6c189075fe2fa85748363027baf5..3beaf5a93d815ce2bffc3ac655f79a4f47b68db4 100644 (file)
@@ -252,12 +252,15 @@ skip_errata_801819:
        pop     {r1-r5}                 @ Restore the cpu info - fall through
 #endif
 
-#ifdef CONFIG_ARM_ERRATA_430973
+#if defined(CONFIG_ARM_ERRATA_430973) || defined (CONFIG_ARM_CORTEX_A8_CVE_2017_5715)
        mrc     p15, 0, r0, c1, c0, 1   @ Read ACR
 
+#ifdef CONFIG_ARM_CORTEX_A8_CVE_2017_5715
+       orr     r0, r0, #(0x1 << 6)     @ Set IBE bit always to enable OS WA
+#else
        cmp     r2, #0x21               @ Only on < r2p1
        orrlt   r0, r0, #(0x1 << 6)     @ Set IBE bit
-
+#endif
        push    {r1-r5}                 @ Save the cpu info registers
        bl      v7_arch_cp15_set_acr
        pop     {r1-r5}                 @ Restore the cpu info - fall through