From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rini Date: Fri, 29 Jun 2018 16:53:06 -0400 Subject: [U-Boot] [U-Boot, 1/4] ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for CVE-2017-5715 In-Reply-To: <20180612202411.29798-2-nm@ti.com> References: <20180612202411.29798-2-nm@ti.com> Message-ID: <20180629205306.GI18596@bill-the-cat> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Tue, Jun 12, 2018 at 03:24:08PM -0500, Nishanth Menon wrote: > As recommended by Arm in [1], IBE[2] has to be enabled unconditionally > for BPIALL to be functional on Cortex-A8 processors. Provide a config > option for platforms to enable this option based on impact analysis > for products. > > NOTE: This patch in itself is NOT the final solution, this requires: > a) Implementation of v7_arch_cp15_set_acr on SoCs which may not > provide direct access to ACR register. > b) Operating Systems such as Linux to provide adequate workaround in the right > locations. > c) This workaround applies to only the boot processor. It is important > to apply workaround as necessary (context-save-restore) around low > power context loss OR additional processors as necessary in either > firmware support OR elsewhere in OS. > > [1] https://developer.arm.com/support/security-update > [2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html > > Cc: Marc Zyngier > Cc: Russell King > Cc: Tony Lindgren > Cc: Robin Murphy > Cc: Florian Fainelli > Cc: Catalin Marinas > Cc: Will Deacon > Cc: Christoffer Dall > Cc: Andre Przywara > Cc: Ard Biesheuvel > Cc: Tom Rini > Cc: Michael Nazzareno Trimarchi > > Signed-off-by: Nishanth Menon > Tested-by: Fabio Estevam Applied to u-boot/master, thanks! -- Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: