CVE-2017-5715 AArch64 #2072
Merged
CVE-2017-5715 AArch64 #2072
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
There's some strace build error for the Hikey auto builder: |
jforissier
reviewed
Jan 16, 2018
There was a problem hiding this comment.
Nice and clean, IMO! I have only two minor comments. Anyway:
Reviewed-by: Jerome Forissier <[email protected]>
Tested-by: Jerome Forissier <[email protected]> (HiKey960)
(Note that HiKey960 has 4x Cortex-A73 and 4x Cortex-A53 so it is a good test for this code).
core/arch/arm/kernel/thread_a64.S
Outdated
| @@ -507,6 +529,117 @@ el0_serror_a32: | |||
| b el0_serror_a32 | |||
| check_vector_size el0_serror_a32 | |||
|
|
|||
| #if defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) | |||
| .macro apply_workaround | |||
There was a problem hiding this comment.
apply_workaround is a bit too vague IMO. s/apply_workaround/ic_iallu_isb/? Or if you prefer s/apply_workaround/icache_invalidate/?
There was a problem hiding this comment.
ARM-TF is mentioning a low overhead SMC interface for to invalidate the branch predictor, maybe that could be used later.
I guess s/apply_workaround/invalidate_branch_predictor/ would be good enough.
core/arch/arm/kernel/thread_a64.S
Outdated
| @@ -379,31 +379,31 @@ END_FUNC thread_unwind_user_mode | |||
| .endm | |||
|
|
|||
| .section .text.thread_vect_table | |||
| .align 11 | |||
| .align 11, 0 | |||
There was a problem hiding this comment.
How could we make it more obvious that 0 is an invalid instruction? #define INV_INSN 0 maybe?
There was a problem hiding this comment.
Commit subject: s/arm32/arm64
jenswi-linaro
force-pushed
the
cve-a64
branch
from
91bcc7f
to
30b34fe
Compare
|
Comments addressed, tags applied. |
Moves MIDR definitions from arm32.h to arm.h Reviewed-by: Jerome Forissier <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>
Renames the labels in the exception vector to use consistent lower case names. Reviewed-by: Jerome Forissier <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>
Pads exception vector with an illegal instruction to improve robustness. Reviewed-by: Jerome Forissier <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>
With CFG_CORE_UNMAP_CORE_AT_EL0=y the exception vector is updated to use the minimal kernel mapping during user space execution. With this patch vbar is updated relative to previous value in vbar to allow different exception vectors for different cpu types. Reviewed-by: Jerome Forissier <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>
If build with CFG_CORE_WORKAROUND_SPECTRE_BP_SEC=y invalidate branch predictor on all secure world exceptions originating in secure EL0 (secure user space). Fixes CVE-2017-5715 Reviewed-by: Jerome Forissier <[email protected]> Tested-by: Jerome Forissier <[email protected]> (HiKey960) Signed-off-by: Jens Wiklander <[email protected]>
jenswi-linaro
force-pushed
the
cve-a64
branch
from
30b34fe
to
2f93d96
Compare
|
Rebased on master |
jforissier
added a commit
to jforissier/optee_website
that referenced
this pull request
Apr 19, 2018
- The Spectre v1 investigation found no vulnerability - Mention the recent arm64 branch invalidation update included in OP-TEE 3.1.0 (OP-TEE/optee_os#2229). The previous security fix (OP-TEE/optee_os#2072) was not effective as a mitigation against Spectre v2. Signed-off-by: Jerome Forissier <[email protected]>
jforissier
added a commit
to jforissier/optee_website
that referenced
this pull request
Apr 19, 2018
- The Spectre v1 investigation found no vulnerability - Mention the recent arm64 branch invalidation update included in OP-TEE 3.1.0 (OP-TEE/optee_os#2229). The previous security fix (OP-TEE/optee_os#2072) was not effective as a mitigation against Spectre v2. Signed-off-by: Jerome Forissier <[email protected]> Acked-by: Joakim Bech <[email protected]>
jforissier
added a commit
to jforissier/optee_website
that referenced
this pull request
Apr 20, 2018
- The Spectre v1 investigation found no vulnerability - Mention the recent arm64 branch invalidation update included in OP-TEE 3.1.0 (OP-TEE/optee_os#2229). The previous security fix (OP-TEE/optee_os#2072) was not effective as a mitigation against Spectre v2. Signed-off-by: Jerome Forissier <[email protected]> Acked-by: Joakim Bech <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.