arm-trusted-firmware

6620 Commits

5 Branches

114 Tags

55 MiB

Tree: d8b225a1a6

Commit Graph

Author	SHA1	Message	Date
Antonio Nino Diaz	c3cf06f1a3	Standardise header guards across codebase All identifiers, regardless of use, that start with two underscores are reserved. This means they can't be used in header guards. The style that this project is now to use the full name of the file in capital letters followed by 'H'. For example, for a file called "uart_example.h", the header guard is UART_EXAMPLE_H. The exceptions are files that are imported from other projects: - CryptoCell driver - dt-bindings folders - zlib headers Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>	6 years ago
Dimitris Papastamos	b8a25bbb0b	Implement static workaround for CVE-2018-3639 For affected CPUs, this approach enables the mitigation during EL3 initialization, following every PE reset. No mechanism is provided to disable the mitigation at runtime. This approach permanently mitigates the entire software stack and no additional mitigation code is required in other software components. TF-A implements this approach for the following affected CPUs: * Cortex-A57 and Cortex-A72, by setting bit 55 (Disable load pass store) of `CPUACTLR_EL1` (`S3_1_C15_C2_0`). * Cortex-A73, by setting bit 3 of `S3_0_C15_C0_0` (not documented in the Technical Reference Manual (TRM)). * Cortex-A75, by setting bit 35 (reserved in TRM) of `CPUACTLR_EL1` (`S3_0_C15_C1_0`). Additionally, a new SMC interface is implemented to allow software executing in lower ELs to discover whether the system is mitigated against CVE-2018-3639. Refer to "Firmware interfaces for mitigating cache speculation vulnerabilities System Software on Arm Systems"[0] for more information. [0] https://developer.arm.com/cache-speculation-vulnerability-firmware-specification Change-Id: I084aa7c3bc7c26bf2df2248301270f77bed22ceb Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>	7 years ago
Dimitris Papastamos	3a1b0676c7	Implement support for SMCCC v1.1 SMCCC v1.1 comes with a relaxed calling convention for AArch64 callers. The caller only needs to save x0-x3 before doing an SMC call. This patch adds support for SMCCC_VERSION and SMCCC_ARCH_FEATURES. Refer to "Firmware Interfaces for mitigating CVE_2017_5715 System Software on Arm Systems"[0] for more information. [0] https://developer.arm.com/-/media/developer/pdf/ARM%20DEN%200070A%20Firmware%20interfaces%20for%20mitigating%20CVE-2017-5715_V1.0.pdf Change-Id: If5b1c55c17d6c5c7cb9c2c3ed355d3a91cdad0a9 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>	7 years ago

Author

SHA1

Message

Date

Antonio Nino Diaz

c3cf06f1a3

Standardise header guards across codebase

All identifiers, regardless of use, that start with two underscores are
reserved. This means they can't be used in header guards.

The style that this project is now to use the full name of the file in
capital letters followed by 'H'. For example, for a file called
"uart_example.h", the header guard is UART_EXAMPLE_H.

The exceptions are files that are imported from other projects:

- CryptoCell driver
- dt-bindings folders
- zlib headers

Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

6 years ago

Dimitris Papastamos

b8a25bbb0b

Implement static workaround for CVE-2018-3639

For affected CPUs, this approach enables the mitigation during EL3
initialization, following every PE reset. No mechanism is provided to
disable the mitigation at runtime.

This approach permanently mitigates the entire software stack and no
additional mitigation code is required in other software components.

TF-A implements this approach for the following affected CPUs:

*   Cortex-A57 and Cortex-A72, by setting bit 55 (Disable load pass store) of
    `CPUACTLR_EL1` (`S3_1_C15_C2_0`).

*   Cortex-A73, by setting bit 3 of `S3_0_C15_C0_0` (not documented in the
    Technical Reference Manual (TRM)).

*   Cortex-A75, by setting bit 35 (reserved in TRM) of `CPUACTLR_EL1`
    (`S3_0_C15_C1_0`).

Additionally, a new SMC interface is implemented to allow software
executing in lower ELs to discover whether the system is mitigated
against CVE-2018-3639.

Refer to "Firmware interfaces for mitigating cache speculation
vulnerabilities System Software on Arm Systems"[0] for more
information.

[0] https://developer.arm.com/cache-speculation-vulnerability-firmware-specification

Change-Id: I084aa7c3bc7c26bf2df2248301270f77bed22ceb
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

7 years ago

Dimitris Papastamos

3a1b0676c7

Implement support for SMCCC v1.1

SMCCC v1.1 comes with a relaxed calling convention for AArch64
callers.  The caller only needs to save x0-x3 before doing an SMC
call.

This patch adds support for SMCCC_VERSION and SMCCC_ARCH_FEATURES.

Refer to "Firmware Interfaces for mitigating CVE_2017_5715 System
Software on Arm Systems"[0] for more information.

[0] https://developer.arm.com/-/media/developer/pdf/ARM%20DEN%200070A%20Firmware%20interfaces%20for%20mitigating%20CVE-2017-5715_V1.0.pdf

Change-Id: If5b1c55c17d6c5c7cb9c2c3ed355d3a91cdad0a9
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

7 years ago

3 Commits (d8b225a1a6d3d4bf7bf51fbd731413f76f6b8073)