From 02b57943965c89887170604e8eb801e17fd8cb99 Mon Sep 17 00:00:00 2001 From: John Tsichritzis Date: Mon, 4 Mar 2019 16:42:54 +0000 Subject: Apply stricter speculative load restriction The SCTLR.DSSBS bit is zero by default thus disabling speculative loads. However, we also explicitly set it to zero for BL2 and TSP images when each image initialises its context. This is done to ensure that the image environment is initialised in a safe state, regardless of the reset value of the bit. Change-Id: If25a8396641edb640f7f298b8d3309d5cba3cd79 Signed-off-by: John Tsichritzis --- bl2/aarch32/bl2_entrypoint.S | 7 ++++--- bl2/aarch64/bl2_entrypoint.S | 4 +++- 2 files changed, 7 insertions(+), 4 deletions(-) (limited to 'bl2') diff --git a/bl2/aarch32/bl2_entrypoint.S b/bl2/aarch32/bl2_entrypoint.S index 23d15135..102fd2f5 100644 --- a/bl2/aarch32/bl2_entrypoint.S +++ b/bl2/aarch32/bl2_entrypoint.S @@ -42,12 +42,13 @@ func bl2_entrypoint stcopr r0, VBAR isb - /* ----------------------------------------------------- - * Enable the instruction cache - * ----------------------------------------------------- + /* -------------------------------------------------------- + * Enable the instruction cache - disable speculative loads + * -------------------------------------------------------- */ ldcopr r0, SCTLR orr r0, r0, #SCTLR_I_BIT + bic r0, r0, #SCTLR_DSSBS_BIT stcopr r0, SCTLR isb diff --git a/bl2/aarch64/bl2_entrypoint.S b/bl2/aarch64/bl2_entrypoint.S index 611b8076..c820cd13 100644 --- a/bl2/aarch64/bl2_entrypoint.S +++ b/bl2/aarch64/bl2_entrypoint.S @@ -41,12 +41,14 @@ func bl2_entrypoint /* --------------------------------------------- * Enable the instruction cache, stack pointer - * and data access alignment checks + * and data access alignment checks and disable + * speculative loads. * --------------------------------------------- */ mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT) mrs x0, sctlr_el1 orr x0, x0, x1 + bic x0, x0, #SCTLR_DSSBS_BIT msr sctlr_el1, x0 isb -- cgit v1.2.3