blob: d73e74b6bcd97cd08e9cf36e160ea0d9c2a7ee4a [file] [log] [blame]
Bipin Ravi4b313412022-02-25 19:12:10 -06001Advisory TFV-9 (CVE-2022-23960)
2============================================================
3
4+----------------+-------------------------------------------------------------+
5| Title | Trusted Firmware-A exposure to speculative processor |
6| | vulnerabilities with branch prediction target reuse |
7+================+=============================================================+
8| CVE ID | `CVE-2022-23960`_ |
9+----------------+-------------------------------------------------------------+
10| Date | 08 Mar 2022 |
11+----------------+-------------------------------------------------------------+
12| Versions | All, up to and including v2.6 |
13| Affected | |
14+----------------+-------------------------------------------------------------+
15| Configurations | All |
16| Affected | |
17+----------------+-------------------------------------------------------------+
18| Impact | Potential leakage of secure world data to normal world |
19| | if an attacker is able to find a TF-A exfiltration primitive|
20| | that can be predicted as a valid branch target, and somehow |
21| | induce misprediction onto that primitive. There are |
22| | currently no known exploits. |
23+----------------+-------------------------------------------------------------+
24| Fix Version | `Gerrit topic #spectre_bhb`_ |
25+----------------+-------------------------------------------------------------+
26| Credit | Systems and Network Security Group at Vrije Universiteit |
27| | Amsterdam for CVE-2022-23960, Arm for patches |
28+----------------+-------------------------------------------------------------+
29
30This security advisory describes the current understanding of the Trusted
31Firmware-A exposure to the new speculative processor vulnerability.
32To understand the background and wider impact of these vulnerabilities on Arm
33systems, please refer to the `Arm Processor Security Update`_. The whitepaper
34referred to below describes the Spectre attack and mitigation in more detail
35including implementation specific mitigation details for all impacted Arm CPUs.
36
37
38`CVE-2022-23960`_
39-----------------
40
41Where possible on vulnerable CPUs that implement FEAT_CSV2, Arm recommends
42inserting a loop workaround with implementation specific number of iterations
43that will discard the branch history on exception entry to a higher exception
44level for the given CPU. This is done as early as possible on entry into EL3,
45before any branch instruction is executed. This is sufficient to mitigate
46Spectre-BHB on behalf of all secure world code, assuming that no secure world
47code is under attacker control.
48
49The below table lists the CPUs that mitigate against this vulnerability in
50TF-A using the loop workaround(all cores that implement FEAT_CSV2 except the
51revisions of Cortex-A73 and Cortex-A75 that implements FEAT_CSV2).
52
53+----------------------+
54| Core |
55+----------------------+
56| Cortex-A72(from r1p0)|
57+----------------------+
58| Cortex-A76 |
59+----------------------+
Bipin Ravi071da432022-06-16 16:32:22 -050060| Cortex-A76AE |
61+----------------------+
Bipin Ravi4b313412022-02-25 19:12:10 -060062| Cortex-A77 |
63+----------------------+
64| Cortex-A78 |
65+----------------------+
Bipin Ravi071da432022-06-16 16:32:22 -050066| Cortex-A78AE |
67+----------------------+
68| Cortex-A78C |
69+----------------------+
70| Cortex-X1 |
71+----------------------+
Bipin Ravi4b313412022-02-25 19:12:10 -060072| Cortex-X2 |
73+----------------------+
Boyan Karatotevbdf953c2022-10-25 11:29:04 +010074| Cortex-X3 |
75+----------------------+
Bipin Ravi4b313412022-02-25 19:12:10 -060076| Cortex-A710 |
77+----------------------+
Bipin Ravi9365f8a2022-11-04 22:52:56 -050078| Cortex-A715 |
Bipin Ravi071da432022-06-16 16:32:22 -050079+----------------------+
Bipin Ravi071da432022-06-16 16:32:22 -050080| Cortex-Hunter |
81+----------------------+
Bipin Ravi4b313412022-02-25 19:12:10 -060082| Neoverse-N1 |
83+----------------------+
84| Neoverse-N2 |
85+----------------------+
86| Neoverse-V1 |
87+----------------------+
Joel Goddarda1c50ab2022-09-21 21:52:28 +053088| Neoverse-V2 |
Bipin Ravi071da432022-06-16 16:32:22 -050089+----------------------+
90| Neoverse-Poseidon |
91+----------------------+
Bipin Ravi4b313412022-02-25 19:12:10 -060092
93For all other cores impacted by Spectre-BHB, some of which that do not implement
94FEAT_CSV2 and some that do e.g. Cortex-A73, the recommended mitigation is to
95flush all branch predictions via an implementation specific route.
96
97In case local workaround is not feasible, the Rich OS can invoke the SMC
98(``SMCCC_ARCH_WORKAROUND_3``) to apply the workaround. Refer to `SMCCC Calling
99Convention specification`_ for more details.
100
101`Gerrit topic #spectre_bhb`_ This patchset implements the Spectre-BHB loop
Bipin Ravi9365f8a2022-11-04 22:52:56 -0500102workaround for CPUs mentioned in the above table. For CPUs supporting
103speculative barrier instruction, the loop workaround is optimised by using SB
104in place of the common DSB and ISB sequence. It also mitigates against
Bipin Ravi4b313412022-02-25 19:12:10 -0600105this vulnerability for Cortex-A72 CPU versions that support the CSV2 feature
106(from r1p0). The patch stack also includes an implementation for a specified
107`CVE-2022-23960`_ workaround SMC(``SMCCC_ARCH_WORKAROUND_3``) for use by normal
108world privileged software. Details of ``SMCCC_ARCH_WORKAROUND_3`` can be found
109in the `SMCCC Calling Convention specification`_. The specification and
110implementation also enables the normal world to discover the presence of this
111firmware service. This patch also implements ``SMCCC_ARCH_WORKAROUND_3`` for
112Cortex-A57, Coxtex-A72, Cortex-A73 and Cortex-A75 using the existing workaround.
Bipin Ravi071da432022-06-16 16:32:22 -0500113for CVE-2017-5715. Cortex-A15 patch extends Spectre V2 mitigation to Spectre-BHB.
Bipin Ravi4b313412022-02-25 19:12:10 -0600114
115The above workaround is enabled by default (on vulnerable CPUs only). Platforms
116can choose to disable them at compile time if they do not require them.
117
118For more information about non-Arm CPUs, please contact the CPU vendor.
119
120.. _Arm Processor Security Update: http://www.arm.com/security-update
121.. _CVE-2022-23960: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960
122.. _Gerrit topic #spectre_bhb: https://review.trustedfirmware.org/q/topic:"spectre_bhb"+(status:open%20OR%20status:merged)
123.. _CVE-2022-23960 mitigation specification: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
124.. _SMCCC Calling Convention specification: https://developer.arm.com/documentation/den0028/latest