On Tue, Jun 12, 2018 at 02:13:38PM -0500, Nishanth Menon wrote:
On Tue, May 22, 2018 at 9:05 AM, Fabio Estevam festevam@gmail.com wrote:
On Thu, Jan 25, 2018 at 7:45 PM, Nishanth Menon nm@ti.com wrote:
Hi Folks,
This is a follow through on the discussion we have had in [1]. This itself is'nt a complete solution and is based on recommendation This from Arm[2] for variant 2 CVE-2017-5715
The Linux kernel discussions are spread out in [3], ATF and OPTEE status are available in [4].
This is just an RFC series (build tested at this point) to check if the direction is fine and should follow the final solution once kernel patches get to upstream, IMHO.
NOTE: As per ARM recommendations[2], and discussions in list[1] ARM Cortex-A9/12/17 do not need additional steps in u-boot to enable the OS level workarounds.
Nishanth Menon (2): ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for CVE-2017-5715 ARM: Introduce ability to enable invalidate of BTB on Cortex-A15 for CVE-2017-5715
I started respinning the series, while there is definitely a use of implementing in u-boot, I am starting to wonder if we should also be doing this in kernel.
How does the kernel set the bit when the kernel is running in non-secure mode, when the ACTLR is read-only in that mode?