[U-Boot] U-Boot, cache speculation side channel attacks and ARM
Marc Zyngier
marc.zyngier at arm.com
Sat Jan 20 10:42:03 UTC 2018
On Fri, 19 Jan 2018 16:56:14 -0500
Tom Rini <trini at konsulko.com> wrote:
> Hey all,
>
> So, now that things have quieted down a little bit in this area, I've
> been wondering about something. Over on the U-Boot side of things, are
> there changes we need to make in order to support the kernel side of the
> various mitigations properly? I know that for example currently
> https://developer.arm.com/support/security-update talks about ATF
> patches, in the context of AArch64 however. But on the other hand for
> variant 2, there's nothing listed on the Linux side for 32bit ARM, but
> there is for non-Linux OSes.
>
> And, in the event I'm also missing something else entirely that we need
> to do here, is there something that we need to be doing? Or is it still
> too early at this point in time to know?
I've so far posted two revisions of a small patch series that deals
with variant-2 on the affected 32bit Cortex-A cores. These patches are
currently stashed on the branch[1] pointed at by the web page you
mentioned.
A prerequisite for Cortex-A8 and A15 is that ACTLR[0] (IBE) is set from
secure mode. Cortex-A12/A17 do not need this.
Thanks,
M.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/log/?h=kpti
--
Without deviation from the norm, progress is not possible.
More information about the U-Boot
mailing list