[U-Boot] [PATCH 1/4] ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for CVE-2017-5715
Fabio Estevam
festevam at gmail.com
Wed Jun 20 14:13:01 UTC 2018
On Tue, Jun 12, 2018 at 5:24 PM, Nishanth Menon <nm at ti.com> wrote:
> As recommended by Arm in [1], IBE[2] has to be enabled unconditionally
> for BPIALL to be functional on Cortex-A8 processors. Provide a config
> option for platforms to enable this option based on impact analysis
> for products.
>
> NOTE: This patch in itself is NOT the final solution, this requires:
> a) Implementation of v7_arch_cp15_set_acr on SoCs which may not
> provide direct access to ACR register.
> b) Operating Systems such as Linux to provide adequate workaround in the right
> locations.
> c) This workaround applies to only the boot processor. It is important
> to apply workaround as necessary (context-save-restore) around low
> power context loss OR additional processors as necessary in either
> firmware support OR elsewhere in OS.
>
> [1] https://developer.arm.com/support/security-update
> [2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html
>
> Cc: Marc Zyngier <marc.zyngier at arm.com>
> Cc: Russell King <linux at arm.linux.org.uk>
> Cc: Tony Lindgren <tony at atomide.com>
> Cc: Robin Murphy <robin.murphy at arm.com>
> Cc: Florian Fainelli <f.fainelli at gmail.com>
> Cc: Catalin Marinas <catalin.marinas at arm.com>
> Cc: Will Deacon <will.deacon at arm.com>
> Cc: Christoffer Dall <christoffer.dall at linaro.org>
> Cc: Andre Przywara <Andre.Przywara at arm.com>
> Cc: Ard Biesheuvel <ard.biesheuvel at linaro.org>
> Cc: Tom Rini <trini at konsulko.com>
> Cc: Michael Nazzareno Trimarchi <michael at amarulasolutions.com>
>
> Signed-off-by: Nishanth Menon <nm at ti.com>
On a imx51-babbage board:
Tested-by: Fabio Estevam <fabio.estevam at nxp.com>
More information about the U-Boot
mailing list