Apply stricter speculative load restriction
The SCTLR.DSSBS bit is zero by default thus disabling speculative loads.
However, we also explicitly set it to zero for BL2 and TSP images when
each image initialises its context. This is done to ensure that the
image environment is initialised in a safe state, regardless of the
reset value of the bit.
Change-Id: If25a8396641edb640f7f298b8d3309d5cba3cd79
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
diff --git a/bl2/aarch32/bl2_entrypoint.S b/bl2/aarch32/bl2_entrypoint.S
index 23d1513..102fd2f 100644
--- a/bl2/aarch32/bl2_entrypoint.S
+++ b/bl2/aarch32/bl2_entrypoint.S
@@ -42,12 +42,13 @@
stcopr r0, VBAR
isb
- /* -----------------------------------------------------
- * Enable the instruction cache
- * -----------------------------------------------------
+ /* --------------------------------------------------------
+ * Enable the instruction cache - disable speculative loads
+ * --------------------------------------------------------
*/
ldcopr r0, SCTLR
orr r0, r0, #SCTLR_I_BIT
+ bic r0, r0, #SCTLR_DSSBS_BIT
stcopr r0, SCTLR
isb
diff --git a/bl2/aarch64/bl2_entrypoint.S b/bl2/aarch64/bl2_entrypoint.S
index 611b807..c820cd1 100644
--- a/bl2/aarch64/bl2_entrypoint.S
+++ b/bl2/aarch64/bl2_entrypoint.S
@@ -41,12 +41,14 @@
/* ---------------------------------------------
* Enable the instruction cache, stack pointer
- * and data access alignment checks
+ * and data access alignment checks and disable
+ * speculative loads.
* ---------------------------------------------
*/
mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el1
orr x0, x0, x1
+ bic x0, x0, #SCTLR_DSSBS_BIT
msr sctlr_el1, x0
isb
diff --git a/bl2u/aarch32/bl2u_entrypoint.S b/bl2u/aarch32/bl2u_entrypoint.S
index 67566df..6391f53 100644
--- a/bl2u/aarch32/bl2u_entrypoint.S
+++ b/bl2u/aarch32/bl2u_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -41,12 +41,13 @@
stcopr r0, VBAR
isb
- /* -----------------------------------------------------
- * Enable the instruction cache
- * -----------------------------------------------------
+ /* --------------------------------------------------------
+ * Enable the instruction cache - disable speculative loads
+ * --------------------------------------------------------
*/
ldcopr r0, SCTLR
orr r0, r0, #SCTLR_I_BIT
+ bic r0, r0, #SCTLR_DSSBS_BIT
stcopr r0, SCTLR
isb
diff --git a/bl2u/aarch64/bl2u_entrypoint.S b/bl2u/aarch64/bl2u_entrypoint.S
index 591f5f6..452869e 100644
--- a/bl2u/aarch64/bl2u_entrypoint.S
+++ b/bl2u/aarch64/bl2u_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -38,12 +38,14 @@
/* ---------------------------------------------
* Enable the instruction cache, stack pointer
- * and data access alignment checks
+ * and data access alignment checks and disable
+ * speculative loads.
* ---------------------------------------------
*/
mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el1
orr x0, x0, x1
+ bic x0, x0, #SCTLR_DSSBS_BIT
msr sctlr_el1, x0
isb
diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S
index 710b458..cd08ce7 100644
--- a/bl32/tsp/aarch64/tsp_entrypoint.S
+++ b/bl32/tsp/aarch64/tsp_entrypoint.S
@@ -63,12 +63,14 @@
/* ---------------------------------------------
* Enable the instruction cache, stack pointer
- * and data access alignment checks
+ * and data access alignment checks and disable
+ * speculative loads.
* ---------------------------------------------
*/
mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el1
orr x0, x0, x1
+ bic x0, x0, #SCTLR_DSSBS_BIT
msr sctlr_el1, x0
isb