[U-Boot] [PATCH] ARM: rmobile: gen2: Enable ACTLR[0] (Enable invalidates of BTB) to facilitate CVE_2017-5715 WA in OS

Marek Vasut marek.vasut at gmail.com
Sat Jun 30 06:48:39 UTC 2018


Enable CVE_2017_5715 mitigation on CPU0 on R-Car H2, M2W, M2N, V2H,
which all contain Cortex-A15 cores. R-Car E2 contains only Cortex-A7
cores and is not affected. Without this enabled, Linux kernel reports:

  CPU0: Spectre v2: firmware did not set auxiliary control register IBE bit, system vulnerable

With this enabled, Linux kernel reports:

  CPU0: Spectre v2: using ICIALLU workaround

NOTE: This by itself does not enable the workaround for other CPUs
      than CPU0 and may require additional kernel patches for the
      other CPUs in SMP configurations.

Signed-off-by: Marek Vasut <marek.vasut+renesas at gmail.com>
Cc: Nishanth Menon <nm at ti.com>
Cc: Nobuhiro Iwamatsu <iwamatsu at nigauri.org>
---
 arch/arm/mach-rmobile/Kconfig.32 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm/mach-rmobile/Kconfig.32 b/arch/arm/mach-rmobile/Kconfig.32
index c0b5b2457c..6c492ff409 100644
--- a/arch/arm/mach-rmobile/Kconfig.32
+++ b/arch/arm/mach-rmobile/Kconfig.32
@@ -13,18 +13,22 @@ config R8A7740
 config R8A7790
 	bool "Renesas SoC R8A7790"
 	select RCAR_GEN2
+	select ARM_CORTEX_A15_CVE_2017_5715
 
 config R8A7791
 	bool "Renesas SoC R8A7791"
 	select RCAR_GEN2
+	select ARM_CORTEX_A15_CVE_2017_5715
 
 config R8A7792
 	bool "Renesas SoC R8A7792"
 	select RCAR_GEN2
+	select ARM_CORTEX_A15_CVE_2017_5715
 
 config R8A7793
 	bool "Renesas SoC R8A7793"
 	select RCAR_GEN2
+	select ARM_CORTEX_A15_CVE_2017_5715
 
 config R8A7794
 	bool "Renesas SoC R8A7794"
-- 
2.16.2



More information about the U-Boot mailing list