From 2e5d7a4b6b26d9d8b6c8e580c33d877e591b1fb3 Mon Sep 17 00:00:00 2001 From: John Powell Date: Wed, 20 Apr 2022 15:27:33 -0500 Subject: [PATCH] fix(security): report CVE 2022 23960 missing for aarch32 A57 and A72 Since there is no product deployed running EL3 in AArch32 mode for Cortex-A57 and Cortex-A72, report the workaround for CVE 2022 23960 as missing on these cores. Signed-off-by: John Powell Change-Id: I14d202c1179707257086ad0c4795c397e566b3e6 --- lib/cpus/aarch32/cortex_a57.S | 8 +++++++- lib/cpus/aarch32/cortex_a72.S | 8 +++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/lib/cpus/aarch32/cortex_a57.S b/lib/cpus/aarch32/cortex_a57.S index 2e97abbe0..18ee1f971 100644 --- a/lib/cpus/aarch32/cortex_a57.S +++ b/lib/cpus/aarch32/cortex_a57.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -396,6 +396,11 @@ func check_errata_cve_2018_3639 bx lr endfunc check_errata_cve_2018_3639 +func check_errata_cve_2022_23960 + mov r0, #ERRATA_MISSING + bx lr +endfunc check_errata_cve_2022_23960 + /* ------------------------------------------------- * The CPU Ops reset function for Cortex-A57. * Shall clobber: r0-r6 @@ -600,6 +605,7 @@ func cortex_a57_errata_report report_errata ERRATA_A57_859972, cortex_a57, 859972 report_errata WORKAROUND_CVE_2017_5715, cortex_a57, cve_2017_5715 report_errata WORKAROUND_CVE_2018_3639, cortex_a57, cve_2018_3639 + report_errata WORKAROUND_CVE_2022_23960, cortex_a57, cve_2022_23960 pop {r12, lr} bx lr diff --git a/lib/cpus/aarch32/cortex_a72.S b/lib/cpus/aarch32/cortex_a72.S index ff2b0e66e..03914b20a 100644 --- a/lib/cpus/aarch32/cortex_a72.S +++ b/lib/cpus/aarch32/cortex_a72.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -101,6 +101,11 @@ func check_errata_cve_2018_3639 bx lr endfunc check_errata_cve_2018_3639 +func check_errata_cve_2022_23960 + mov r0, #ERRATA_MISSING + bx lr +endfunc check_errata_cve_2022_23960 + /* ------------------------------------------------- * The CPU Ops reset function for Cortex-A72. * ------------------------------------------------- @@ -260,6 +265,7 @@ func cortex_a72_errata_report report_errata ERRATA_A72_859971, cortex_a72, 859971 report_errata WORKAROUND_CVE_2017_5715, cortex_a72, cve_2017_5715 report_errata WORKAROUND_CVE_2018_3639, cortex_a72, cve_2018_3639 + report_errata WORKAROUND_CVE_2022_23960, cortex_a72, cve_2022_23960 pop {r12, lr} bx lr