Merge pull request #1392 from dp-arm/dp/cve_2018_3639

Implement workaround for CVE-2018-3639 on Cortex A57/A72/A73 and A75 Conflicts: services/arm_arch_svc/arm_arch_svc_setup.c
author: Dimitris Papastamos <dimitris.papastamos@arm.com> 2018-05-29 09:28:05 +0100
committer: Anson Huang <Anson.Huang@nxp.com> 2018-06-21 13:29:21 +0800
commit: 770f853dcb47ad856c060ffc6fefd626ae40e52c (patch)
tree: 89e973cc90a4341ebdec51f4e26805fa1a81319e /docs
parent: 959392911781f3bd4263a01d703097998d0aaa0f (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/cpu-specific-build-macros.rst b/docs/cpu-specific-build-macros.rst
index 9e11cdff..75622bc2 100644
--- a/docs/cpu-specific-build-macros.rst
+++ b/docs/cpu-specific-build-macros.rst
@@ -20,6 +20,17 @@ vulnerability workarounds should be applied at runtime.
 -  ``WORKAROUND_CVE_2017_5715``: Enables the security workaround for
    `CVE-2017-5715`_. Defaults to 1.
 
+-  ``WORKAROUND_CVE_2018_3639``: Enables the security workaround for
+   `CVE-2018-3639`_. Defaults to 1. The TF-A project recommends to keep
+   the default value of 1 even on platforms that are unaffected by
+   CVE-2018-3639, in order to comply with the recommendation in the spec
+   regarding workaround discovery.
+
+-  ``DYNAMIC_WORKAROUND_CVE_2018_3639``: Enables dynamic mitigation for
+   `CVE-2018-3639`_. This build option should be set to 1 if the target
+   platform contains at least 1 CPU that requires dynamic mitigation.
+   Defaults to 0.
+
 CPU Errata Workarounds
 ----------------------
author	Dimitris Papastamos <dimitris.papastamos@arm.com>	2018-05-29 09:28:05 +0100
committer	Anson Huang <Anson.Huang@nxp.com>	2018-06-21 13:29:21 +0800
commit	770f853dcb47ad856c060ffc6fefd626ae40e52c (patch)
tree	89e973cc90a4341ebdec51f4e26805fa1a81319e /docs
parent	959392911781f3bd4263a01d703097998d0aaa0f (diff)