Open afaerber opened 6 years ago
This is in our plans for the next month
Kosta
On Tue, May 22, 2018, 21:09 Andreas Färber notifications@github.com wrote:
@kostapr https://github.com/kostapr As of last night, a pull request ARM-software/arm-trusted-firmware#1392 https://github.com/ARM-software/arm-trusted-firmware/pull/1392 is pending upstream with mitigations for CVE-2018-3639 (new Spectre variant 4). Please backport the CA72 mitigation.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/MarvellEmbeddedProcessors/atf-marvell/issues/11, or mute the thread https://github.com/notifications/unsubscribe-auth/AIhiYneIYfCcg_ttnAAMeuPpKjjQBlJMks5t1FRXgaJpZM4UJJB8 .
@afaerber Please correct me if I am wrong. Only this patch need to be ported to ATF 1.3 https://github.com/ARM-software/arm-trusted-firmware/pull/1392/commits/b8a25bbb0bab4e4afdbfb04bee98f0bf28141c4b
That'll be the absolute minimum. I'd have to check but the dynamic mitigation (third commit) may be the one to introduce the SMCCC interface for querying mitigation presence from Linux? For cherry-picking to v1.5 I needed to backport two code movements beyond that pull: https://build.opensuse.org/package/show/hardware:boot/arm-trusted-firmware
@afaerber I pushed the first back-porting draft here: https://github.com/kostapr/atf-marvell/commits/atf-v1.3-armada-17.10-spectre-v4 Would please take a look? If these patches are OK, I will add them to the next 17.10 release (17.10.9).
Looks okay on a quick peek. But there's 18.06 branches now, so not sure if it still makes sense for 17.10?
The 17.10 considered LTS version.
@kostapr As of last night, a pull request https://github.com/ARM-software/arm-trusted-firmware/pull/1392 is pending upstream with mitigations for CVE-2018-3639 (new Spectre variant 4). Please backport the CA72 mitigation.