refactor(cpus): optimize CVE checking
This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* calls.
Previously, EXTRA functions were individually implemented for
each SMCCC_ARCH_WORKAROUND_*, an approach that becomes unmanageable
with the increasing number of workarounds.
By looking up erratum entries for CVE check, the process is streamlined,
reducing overhead associated with creating and
maintaining EXTRA functions for each new workaround.
New Errata entries are created for SMC workarounds and
that is used to target cpus that are uniquely impacted
by SMC workarounds.
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I873534e367a35c99461d0a616ff7bf856a0000af
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index c43beb6..5d2bb7b 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -50,22 +50,6 @@
* Numeric value expected to read from CPU's MIDR
* _resetfunc:
* Reset function for the CPU.
- * _extra1:
- * This is a placeholder for future per CPU operations. Currently,
- * some CPUs use this entry to set a test function to determine if
- * the workaround for CVE-2017-5715 needs to be applied or not.
- * _extra2:
- * This is a placeholder for future per CPU operations. Currently
- * some CPUs use this entry to set a function to disable the
- * workaround for CVE-2018-3639.
- * _extra3:
- * This is a placeholder for future per CPU operations. Currently,
- * some CPUs use this entry to set a test function to determine if
- * the workaround for CVE-2022-23960 needs to be applied or not.
- * _extra4:
- * This is a placeholder for future per CPU operations. Currently,
- * some CPUs use this entry to set a test function to determine if
- * the workaround for CVE-2024-7881 needs to be applied or not.
* _e_handler:
* This is a placeholder for future per CPU exception handlers.
* _power_down_ops:
@@ -78,7 +62,6 @@
* used to handle power down at subsequent levels
*/
.macro declare_cpu_ops_base _name:req, _midr:req, _resetfunc:req, \
- _extra1:req, _extra2:req, _extra3:req, _extra4:req, \
_e_handler:req, _power_down_ops:vararg
.section .cpu_ops, "a"
.align 3
@@ -87,10 +70,6 @@
#if defined(IMAGE_AT_EL3)
.quad \_resetfunc
#endif
- .quad \_extra1
- .quad \_extra2
- .quad \_extra3
- .quad \_extra4
.quad \_e_handler
#ifdef IMAGE_BL31
/* Insert list of functions */
@@ -153,30 +132,15 @@
.macro declare_cpu_ops _name:req, _midr:req, _resetfunc:req, \
_power_down_ops:vararg
- declare_cpu_ops_base \_name, \_midr, \_resetfunc, 0, 0, 0, 0, 0, \
- \_power_down_ops
+ declare_cpu_ops_base \_name, \_midr, \_resetfunc, 0, \_power_down_ops
.endm
.macro declare_cpu_ops_eh _name:req, _midr:req, _resetfunc:req, \
_e_handler:req, _power_down_ops:vararg
declare_cpu_ops_base \_name, \_midr, \_resetfunc, \
- 0, 0, 0, 0, \_e_handler, \_power_down_ops
+ \_e_handler, \_power_down_ops
.endm
- .macro declare_cpu_ops_wa _name:req, _midr:req, \
- _resetfunc:req, _extra1:req, _extra2:req, \
- _extra3:req, _power_down_ops:vararg
- declare_cpu_ops_base \_name, \_midr, \_resetfunc, \
- \_extra1, \_extra2, \_extra3, 0, 0, \_power_down_ops
- .endm
-
- .macro declare_cpu_ops_wa_4 _name:req, _midr:req, \
- _resetfunc:req, _extra1:req, _extra2:req, \
- _extra3:req, _extra4:req, _power_down_ops:vararg
- declare_cpu_ops_base \_name, \_midr, \_resetfunc, \
- \_extra1, \_extra2, \_extra3, \_extra4, 0, \_power_down_ops
- .endm
-
/*
* This macro is used on some CPUs to detect if they are vulnerable
* to CVE-2017-5715.
@@ -240,7 +204,7 @@
* Default value is 0.
*/
.macro add_erratum_entry _cpu:req, _cve:req, _id:req, _chosen:req, _split_wa=0
-#if REPORT_ERRATA || ERRATA_ABI_SUPPORT
+#if INCLUDE_ERRATA_LIST
.pushsection .rodata.errata_entries
.align 3
.ifndef \_cpu\()_errata_list_start