Fixup `SMCCC_ARCH_FEATURES` semantics
When querying `SMCCC_ARCH_WORKAROUND_1` through `SMCCC_ARCH_FEATURES`,
return either:
* -1 to indicate the PE on which `SMCCC_ARCH_FEATURES` is called
requires firmware mitigation for CVE-2017-5715 but the mitigation
is not compiled in.
* 0 to indicate that firmware mitigation is required, or
* 1 to indicate that no firmware mitigation is required.
This patch complies with v1.2 of the firmware interfaces
specification (ARM DEN 0070A).
Change-Id: Ibc32d6620efdac6c340758ec502d95554a55f02a
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
diff --git a/lib/cpus/aarch64/cortex_a57.S b/lib/cpus/aarch64/cortex_a57.S
index c82ebfc..4d072e1 100644
--- a/lib/cpus/aarch64/cortex_a57.S
+++ b/lib/cpus/aarch64/cortex_a57.S
@@ -555,8 +555,8 @@
ret
endfunc cortex_a57_cpu_reg_dump
-
-declare_cpu_ops cortex_a57, CORTEX_A57_MIDR, \
+declare_cpu_ops_workaround_cve_2017_5715 cortex_a57, CORTEX_A57_MIDR, \
cortex_a57_reset_func, \
+ check_errata_cve_2017_5715, \
cortex_a57_core_pwr_dwn, \
cortex_a57_cluster_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a72.S b/lib/cpus/aarch64/cortex_a72.S
index 199820c..29fa77b 100644
--- a/lib/cpus/aarch64/cortex_a72.S
+++ b/lib/cpus/aarch64/cortex_a72.S
@@ -292,8 +292,8 @@
ret
endfunc cortex_a72_cpu_reg_dump
-
-declare_cpu_ops cortex_a72, CORTEX_A72_MIDR, \
+declare_cpu_ops_workaround_cve_2017_5715 cortex_a72, CORTEX_A72_MIDR, \
cortex_a72_reset_func, \
+ check_errata_cve_2017_5715, \
cortex_a72_core_pwr_dwn, \
cortex_a72_cluster_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a73.S b/lib/cpus/aarch64/cortex_a73.S
index 63d16f9..0a961ea 100644
--- a/lib/cpus/aarch64/cortex_a73.S
+++ b/lib/cpus/aarch64/cortex_a73.S
@@ -170,7 +170,8 @@
ret
endfunc cortex_a73_cpu_reg_dump
-declare_cpu_ops cortex_a73, CORTEX_A73_MIDR, \
+declare_cpu_ops_workaround_cve_2017_5715 cortex_a73, CORTEX_A73_MIDR, \
cortex_a73_reset_func, \
+ check_errata_cve_2017_5715, \
cortex_a73_core_pwr_dwn, \
cortex_a73_cluster_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a75.S b/lib/cpus/aarch64/cortex_a75.S
index d102795..288f5af 100644
--- a/lib/cpus/aarch64/cortex_a75.S
+++ b/lib/cpus/aarch64/cortex_a75.S
@@ -113,6 +113,7 @@
ret
endfunc cortex_a75_cpu_reg_dump
-declare_cpu_ops cortex_a75, CORTEX_A75_MIDR, \
+declare_cpu_ops_workaround_cve_2017_5715 cortex_a75, CORTEX_A75_MIDR, \
cortex_a75_reset_func, \
+ check_errata_cve_2017_5715, \
cortex_a75_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cpu_helpers.S b/lib/cpus/aarch64/cpu_helpers.S
index ae1c3c2..5a9226d 100644
--- a/lib/cpus/aarch64/cpu_helpers.S
+++ b/lib/cpus/aarch64/cpu_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,9 +7,7 @@
#include <arch.h>
#include <asm_macros.S>
#include <assert_macros.S>
-#if defined(IMAGE_BL31) || (defined(IMAGE_BL2) && BL2_AT_EL3)
#include <cpu_data.h>
-#endif
#include <cpu_macros.S>
#include <debug.h>
#include <errata_report.h>
@@ -281,3 +279,36 @@
br x1
endfunc print_errata_status
#endif
+
+/*
+ * int check_workaround_cve_2017_5715(void);
+ *
+ * This function returns:
+ * - ERRATA_APPLIES when firmware mitigation is required.
+ * - ERRATA_NOT_APPLIES when firmware mitigation is _not_ required.
+ * - ERRATA_MISSING when firmware mitigation would be required but
+ * is not compiled in.
+ *
+ * NOTE: Must be called only after cpu_ops have been initialized
+ * in per-CPU data.
+ */
+ .globl check_workaround_cve_2017_5715
+func check_workaround_cve_2017_5715
+ mrs x0, tpidr_el3
+#if ENABLE_ASSERTIONS
+ cmp x0, #0
+ ASM_ASSERT(ne)
+#endif
+ ldr x0, [x0, #CPU_DATA_CPU_OPS_PTR]
+ ldr x0, [x0, #CPU_EXTRA1_FUNC]
+ /*
+ * If the reserved function pointer is NULL, this CPU
+ * is unaffected by CVE-2017-5715 so bail out.
+ */
+ cmp x0, #0
+ beq 1f
+ br x0
+1:
+ mov x0, #ERRATA_NOT_APPLIES
+ ret
+endfunc check_workaround_cve_2017_5715