[U-Boot] [RFC PATCH 0/2] ARM: v7: Enable basic framework for supporting bits for CVE-2017-5715
Nishanth Menon
nm at ti.com
Thu Jan 25 21:45:57 UTC 2018
Hi Folks,
This is a follow through on the discussion we have had in [1].
This itself is'nt a complete solution and is based on recommendation
This from Arm[2] for variant 2 CVE-2017-5715
The Linux kernel discussions are spread out in [3], ATF and OPTEE
status are available in [4].
This is just an RFC series (build tested at this point) to check if
the direction is fine and should follow the final solution once kernel
patches get to upstream, IMHO.
NOTE: As per ARM recommendations[2], and discussions in list[1] ARM
Cortex-A9/12/17 do not need additional steps in u-boot to enable the
OS level workarounds.
Nishanth Menon (2):
ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for
CVE-2017-5715
ARM: Introduce ability to enable invalidate of BTB on Cortex-A15 for
CVE-2017-5715
arch/arm/Kconfig | 9 +++++++++
arch/arm/cpu/armv7/start.S | 15 +++++++++++++--
2 files changed, 22 insertions(+), 2 deletions(-)
[1] https://marc.info/?t=151639906500002&r=1&w=2
[2] https://developer.arm.com/support/security-update
[3] https://marc.info/?t=151543790400007&r=1&w=2 and the latest in https://marc.info/?l=linux-arm-kernel&m=151689379521082&w=2
[4] https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6 https://www.op-tee.org/security-advisories/ https://www.linaro.org/blog/meltdown-spectre/
--
2.15.1
More information about the U-Boot
mailing list