AArch64: Use SSBS for CVE_2018_3639 mitigation
The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass
Safe) bit to mitigate against Variant 4 vulnerabilities. Although an
Armv8.5 feature, this can be implemented by CPUs implementing earlier
version of the architecture.
With this patch, when both PSTATE.SSBS is implemented and
DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for
SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to
indicate that mitigation on the PE is either permanently enabled or not
required.
When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset
of every BL stage. This means that EL3 always executes with mitigation
applied.
For Cortex A76, if the PE implements SSBS, the existing mitigation (by
using a different vector table, and tweaking CPU ACTLR2) is not used.
Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
diff --git a/include/lib/aarch32/arch.h b/include/lib/aarch32/arch.h
index 3e5e3fb..fa6e5db 100644
--- a/include/lib/aarch32/arch.h
+++ b/include/lib/aarch32/arch.h
@@ -132,6 +132,7 @@
#define SCTLR_TRE_BIT (U(1) << 28)
#define SCTLR_AFE_BIT (U(1) << 29)
#define SCTLR_TE_BIT (U(1) << 30)
+#define SCTLR_DSSBS_BIT (U(1) << 31)
#define SCTLR_RESET_VAL (SCTLR_RES1 | SCTLR_NTWE_BIT | \
SCTLR_NTWI_BIT | SCTLR_CP15BEN_BIT)
diff --git a/include/lib/aarch64/arch.h b/include/lib/aarch64/arch.h
index d7867bc..97595e9 100644
--- a/include/lib/aarch64/arch.h
+++ b/include/lib/aarch64/arch.h
@@ -198,6 +198,12 @@
#define ID_AA64MMFR0_EL1_TGRAN16_SUPPORTED ULL(0x1)
#define ID_AA64MMFR0_EL1_TGRAN16_NOT_SUPPORTED ULL(0x0)
+/* ID_AA64PFR1_EL1 definitions */
+#define ID_AA64PFR1_EL1_SSBS_SHIFT U(4)
+#define ID_AA64PFR1_EL1_SSBS_MASK ULL(0xf)
+
+#define SSBS_UNAVAILABLE ULL(0) /* No architectural SSBS support */
+
/* ID_PFR1_EL1 definitions */
#define ID_PFR1_VIRTEXT_SHIFT U(12)
#define ID_PFR1_VIRTEXT_MASK U(0xf)
@@ -219,29 +225,30 @@
(U(1) << 22) | (U(1) << 18) | (U(1) << 16) | \
(U(1) << 11) | (U(1) << 5) | (U(1) << 4))
-#define SCTLR_M_BIT (U(1) << 0)
-#define SCTLR_A_BIT (U(1) << 1)
-#define SCTLR_C_BIT (U(1) << 2)
-#define SCTLR_SA_BIT (U(1) << 3)
-#define SCTLR_SA0_BIT (U(1) << 4)
-#define SCTLR_CP15BEN_BIT (U(1) << 5)
-#define SCTLR_ITD_BIT (U(1) << 7)
-#define SCTLR_SED_BIT (U(1) << 8)
-#define SCTLR_UMA_BIT (U(1) << 9)
-#define SCTLR_I_BIT (U(1) << 12)
-#define SCTLR_V_BIT (U(1) << 13)
-#define SCTLR_DZE_BIT (U(1) << 14)
-#define SCTLR_UCT_BIT (U(1) << 15)
-#define SCTLR_NTWI_BIT (U(1) << 16)
-#define SCTLR_NTWE_BIT (U(1) << 18)
-#define SCTLR_WXN_BIT (U(1) << 19)
-#define SCTLR_UWXN_BIT (U(1) << 20)
-#define SCTLR_E0E_BIT (U(1) << 24)
-#define SCTLR_EE_BIT (U(1) << 25)
-#define SCTLR_UCI_BIT (U(1) << 26)
-#define SCTLR_TRE_BIT (U(1) << 28)
-#define SCTLR_AFE_BIT (U(1) << 29)
-#define SCTLR_TE_BIT (U(1) << 30)
+#define SCTLR_M_BIT (ULL(1) << 0)
+#define SCTLR_A_BIT (ULL(1) << 1)
+#define SCTLR_C_BIT (ULL(1) << 2)
+#define SCTLR_SA_BIT (ULL(1) << 3)
+#define SCTLR_SA0_BIT (ULL(1) << 4)
+#define SCTLR_CP15BEN_BIT (ULL(1) << 5)
+#define SCTLR_ITD_BIT (ULL(1) << 7)
+#define SCTLR_SED_BIT (ULL(1) << 8)
+#define SCTLR_UMA_BIT (ULL(1) << 9)
+#define SCTLR_I_BIT (ULL(1) << 12)
+#define SCTLR_V_BIT (ULL(1) << 13)
+#define SCTLR_DZE_BIT (ULL(1) << 14)
+#define SCTLR_UCT_BIT (ULL(1) << 15)
+#define SCTLR_NTWI_BIT (ULL(1) << 16)
+#define SCTLR_NTWE_BIT (ULL(1) << 18)
+#define SCTLR_WXN_BIT (ULL(1) << 19)
+#define SCTLR_UWXN_BIT (ULL(1) << 20)
+#define SCTLR_E0E_BIT (ULL(1) << 24)
+#define SCTLR_EE_BIT (ULL(1) << 25)
+#define SCTLR_UCI_BIT (ULL(1) << 26)
+#define SCTLR_TRE_BIT (ULL(1) << 28)
+#define SCTLR_AFE_BIT (ULL(1) << 29)
+#define SCTLR_TE_BIT (ULL(1) << 30)
+#define SCTLR_DSSBS_BIT (ULL(1) << 44)
#define SCTLR_RESET_VAL SCTLR_EL3_RES1
/* CPACR_El1 definitions */