[1/4] ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for CVE-2017-5715

Message ID 20180612202411.29798-2-nm@ti.com
State Accepted
Commit 7b37a9c732bfec392b8f081eefa83427f794f937
Headers show
Series
  • ARM: Provide workaround setup bits for CVE-2017-5715 (A8/A15)
Related show

Commit Message

Nishanth Menon June 12, 2018, 8:24 p.m.
As recommended by Arm in [1], IBE[2] has to be enabled unconditionally
for BPIALL to be functional on Cortex-A8 processors. Provide a config
option for platforms to enable this option based on impact analysis
for products.

NOTE: This patch in itself is NOT the final solution, this requires:
a) Implementation of v7_arch_cp15_set_acr on SoCs which may not
   provide direct access to ACR register.
b) Operating Systems such as Linux to provide adequate workaround in the right
   locations.
c) This workaround applies to only the boot processor. It is important
   to apply workaround as necessary (context-save-restore) around low
   power context loss OR additional processors as necessary in either
   firmware support OR elsewhere in OS.

[1] https://developer.arm.com/support/security-update
[2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html

Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Tony Lindgren <tony@atomide.com>
Cc: Robin Murphy <robin.murphy@arm.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Andre Przywara <Andre.Przywara@arm.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Michael Nazzareno Trimarchi <michael@amarulasolutions.com>

Signed-off-by: Nishanth Menon <nm@ti.com>
---
 arch/arm/Kconfig           | 5 +++++
 arch/arm/cpu/armv7/start.S | 7 +++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

Comments

Fabio Estevam June 20, 2018, 2:13 p.m. | #1
On Tue, Jun 12, 2018 at 5:24 PM, Nishanth Menon <nm@ti.com> wrote:
> As recommended by Arm in [1], IBE[2] has to be enabled unconditionally
> for BPIALL to be functional on Cortex-A8 processors. Provide a config
> option for platforms to enable this option based on impact analysis
> for products.
>
> NOTE: This patch in itself is NOT the final solution, this requires:
> a) Implementation of v7_arch_cp15_set_acr on SoCs which may not
>    provide direct access to ACR register.
> b) Operating Systems such as Linux to provide adequate workaround in the right
>    locations.
> c) This workaround applies to only the boot processor. It is important
>    to apply workaround as necessary (context-save-restore) around low
>    power context loss OR additional processors as necessary in either
>    firmware support OR elsewhere in OS.
>
> [1] https://developer.arm.com/support/security-update
> [2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html
>
> Cc: Marc Zyngier <marc.zyngier@arm.com>
> Cc: Russell King <linux@arm.linux.org.uk>
> Cc: Tony Lindgren <tony@atomide.com>
> Cc: Robin Murphy <robin.murphy@arm.com>
> Cc: Florian Fainelli <f.fainelli@gmail.com>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will.deacon@arm.com>
> Cc: Christoffer Dall <christoffer.dall@linaro.org>
> Cc: Andre Przywara <Andre.Przywara@arm.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Tom Rini <trini@konsulko.com>
> Cc: Michael Nazzareno Trimarchi <michael@amarulasolutions.com>
>
> Signed-off-by: Nishanth Menon <nm@ti.com>

On a imx51-babbage board:

Tested-by: Fabio Estevam <fabio.estevam@nxp.com>
Tom Rini June 29, 2018, 8:53 p.m. | #2
On Tue, Jun 12, 2018 at 03:24:08PM -0500, Nishanth Menon wrote:

> As recommended by Arm in [1], IBE[2] has to be enabled unconditionally

> for BPIALL to be functional on Cortex-A8 processors. Provide a config

> option for platforms to enable this option based on impact analysis

> for products.

> 

> NOTE: This patch in itself is NOT the final solution, this requires:

> a) Implementation of v7_arch_cp15_set_acr on SoCs which may not

>    provide direct access to ACR register.

> b) Operating Systems such as Linux to provide adequate workaround in the right

>    locations.

> c) This workaround applies to only the boot processor. It is important

>    to apply workaround as necessary (context-save-restore) around low

>    power context loss OR additional processors as necessary in either

>    firmware support OR elsewhere in OS.

> 

> [1] https://developer.arm.com/support/security-update

> [2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html

> 

> Cc: Marc Zyngier <marc.zyngier@arm.com>

> Cc: Russell King <linux@arm.linux.org.uk>

> Cc: Tony Lindgren <tony@atomide.com>

> Cc: Robin Murphy <robin.murphy@arm.com>

> Cc: Florian Fainelli <f.fainelli@gmail.com>

> Cc: Catalin Marinas <catalin.marinas@arm.com>

> Cc: Will Deacon <will.deacon@arm.com>

> Cc: Christoffer Dall <christoffer.dall@linaro.org>

> Cc: Andre Przywara <Andre.Przywara@arm.com>

> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> Cc: Tom Rini <trini@konsulko.com>

> Cc: Michael Nazzareno Trimarchi <michael@amarulasolutions.com>

> 

> Signed-off-by: Nishanth Menon <nm@ti.com>

> Tested-by: Fabio Estevam <fabio.estevam@nxp.com>


Applied to u-boot/master, thanks!

-- 
Tom

Patch

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index dde422bc5d53..9e32d5b43cb0 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -108,6 +108,8 @@  config SYS_ARM_MPU
 # CONFIG_ARM_ERRATA_621766
 # CONFIG_ARM_ERRATA_798870
 # CONFIG_ARM_ERRATA_801819
+# CONFIG_ARM_CORTEX_A8_CVE_2017_5715
+
 config ARM_ERRATA_430973
 	bool
 
@@ -177,6 +179,9 @@  config ARM_ERRATA_852423
 config ARM_ERRATA_855873
 	bool
 
+config ARM_CORTEX_A8_CVE_2017_5715
+	bool
+
 config CPU_ARM720T
 	bool
 	select SYS_CACHE_SHIFT_5
diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S
index c996525f861e..3beaf5a93d81 100644
--- a/arch/arm/cpu/armv7/start.S
+++ b/arch/arm/cpu/armv7/start.S
@@ -252,12 +252,15 @@  skip_errata_801819:
 	pop	{r1-r5}			@ Restore the cpu info - fall through
 #endif
 
-#ifdef CONFIG_ARM_ERRATA_430973
+#if defined(CONFIG_ARM_ERRATA_430973) || defined (CONFIG_ARM_CORTEX_A8_CVE_2017_5715)
 	mrc	p15, 0, r0, c1, c0, 1	@ Read ACR
 
+#ifdef CONFIG_ARM_CORTEX_A8_CVE_2017_5715
+	orr	r0, r0, #(0x1 << 6)	@ Set IBE bit always to enable OS WA
+#else
 	cmp	r2, #0x21		@ Only on < r2p1
 	orrlt	r0, r0, #(0x1 << 6)	@ Set IBE bit
-
+#endif
 	push	{r1-r5}			@ Save the cpu info registers
 	bl	v7_arch_cp15_set_acr
 	pop	{r1-r5}			@ Restore the cpu info - fall through