fix(security): update Cortex-A15 CPU lib files for CVE-2022-23960 Cortex-A15 does not support FEAT_CSV2 so the existing workaround for Spectre V2 is sufficient to mitigate against Spectre BHB attacks, however the code needed to be updated to work with the new build flag. Also, some code was refactored several years ago and not updated in the Cortex-A15 library file so this patch fixes that as well. Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I768c88a38c561c91019b038ac6c22b291955f18e

commit: 7f7c6fa23728b0bcf2b42b77ffcc4b4a262f1a44 [log] [tgz]
author: John Powell <john.powell@arm.com> Thu Apr 14 19:10:17 2022 -0500
committer: John Powell <john.powell@arm.com> Thu Apr 28 20:33:09 2022 +0200
tree: aea9a81f0f996986e143ecb76fb4ff17cb415472
parent: 6880e38092a57fd99ebde72d8675ee7db4a909d1 [diff] [blame]
diff --git a/bl32/sp_min/sp_min.mk b/bl32/sp_min/sp_min.mk
index 590b032..ab1287d 100644
--- a/bl32/sp_min/sp_min.mk
+++ b/bl32/sp_min/sp_min.mk

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2022, Arm Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -35,6 +35,10 @@
 ifeq (${WORKAROUND_CVE_2017_5715},1)
 BL32_SOURCES		+=	bl32/sp_min/wa_cve_2017_5715_bpiall.S	\
 				bl32/sp_min/wa_cve_2017_5715_icache_inv.S
+else
+ifeq (${WORKAROUND_CVE_2022_23960},1)
+BL32_SOURCES		+=	bl32/sp_min/wa_cve_2017_5715_icache_inv.S
+endif
 endif
 
 ifeq (${TRNG_SUPPORT},1)
commit	7f7c6fa23728b0bcf2b42b77ffcc4b4a262f1a44	[log] [tgz]
author	John Powell <john.powell@arm.com>	Thu Apr 14 19:10:17 2022 -0500
committer	John Powell <john.powell@arm.com>	Thu Apr 28 20:33:09 2022 +0200
tree	aea9a81f0f996986e143ecb76fb4ff17cb415472
parent	6880e38092a57fd99ebde72d8675ee7db4a909d1 [diff] [blame]