fix(cpus): workaround for CVE-2024-5660 for Cortex-X4 Implements mitigation for CVE-2024-5660 that affects Cortex-X4 revisions r0p0, r0p1, r0p2. The workaround is to disable the hardware page aggregation at EL3 by setting CPUECTLR_EL1[46] = 1'b1. Public Documentation: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660 Change-Id: I378cb4978919cced03e7febc2ad431c572eac72d Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

commit: 53b6da5f8ddd7b83792db49a8eac0e581c3b60c5 [log] [tgz]
author: Sona Mathew <sonarebecca.mathew@arm.com> Mon May 20 13:48:19 2024 -0500
committer: Sona Mathew <sonarebecca.mathew@arm.com> Tue Dec 17 10:24:33 2024 -0600
tree: 882d424940d4dac3e323342f8d8b067b303a37c1
parent: 6f6be782240e92ea84eaf711f08c703e2c503102 [diff] [blame]
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index f1cb73b..369ec6f 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst

@@ -33,6 +33,11 @@
    This build option should be set to 1 if the target platform contains at
    least 1 CPU that requires this mitigation. Defaults to 1.
 
+-  ``WORKAROUND_CVE_2024_5660``: Enables mitigation for `CVE-2024-5660`.
+   The fix is to disable hardware page aggregation by setting CPUECTLR_EL1[46]
+   in EL3 FW. This build option should be set to 1 if the target platform contains
+   at least 1 CPU that requires this mitigation. Defaults to 1.
+
 .. _arm_cpu_macros_errata_workarounds:
 
 CPU Errata Workarounds
commit	53b6da5f8ddd7b83792db49a8eac0e581c3b60c5	[log] [tgz]
author	Sona Mathew <sonarebecca.mathew@arm.com>	Mon May 20 13:48:19 2024 -0500
committer	Sona Mathew <sonarebecca.mathew@arm.com>	Tue Dec 17 10:24:33 2024 -0600
tree	882d424940d4dac3e323342f8d8b067b303a37c1
parent	6f6be782240e92ea84eaf711f08c703e2c503102 [diff] [blame]