From 770f853dcb47ad856c060ffc6fefd626ae40e52c Mon Sep 17 00:00:00 2001 From: Dimitris Papastamos Date: Tue, 29 May 2018 09:28:05 +0100 Subject: Merge pull request #1392 from dp-arm/dp/cve_2018_3639 Implement workaround for CVE-2018-3639 on Cortex A57/A72/A73 and A75 Conflicts: services/arm_arch_svc/arm_arch_svc_setup.c --- docs/cpu-specific-build-macros.rst | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'docs') diff --git a/docs/cpu-specific-build-macros.rst b/docs/cpu-specific-build-macros.rst index 9e11cdff..75622bc2 100644 --- a/docs/cpu-specific-build-macros.rst +++ b/docs/cpu-specific-build-macros.rst @@ -20,6 +20,17 @@ vulnerability workarounds should be applied at runtime. - ``WORKAROUND_CVE_2017_5715``: Enables the security workaround for `CVE-2017-5715`_. Defaults to 1. +- ``WORKAROUND_CVE_2018_3639``: Enables the security workaround for + `CVE-2018-3639`_. Defaults to 1. The TF-A project recommends to keep + the default value of 1 even on platforms that are unaffected by + CVE-2018-3639, in order to comply with the recommendation in the spec + regarding workaround discovery. + +- ``DYNAMIC_WORKAROUND_CVE_2018_3639``: Enables dynamic mitigation for + `CVE-2018-3639`_. This build option should be set to 1 if the target + platform contains at least 1 CPU that requires dynamic mitigation. + Defaults to 0. + CPU Errata Workarounds ---------------------- -- cgit v1.2.3