From 02b57943965c89887170604e8eb801e17fd8cb99 Mon Sep 17 00:00:00 2001
From: John Tsichritzis <john.tsichritzis@arm.com>
Date: Mon, 4 Mar 2019 16:42:54 +0000
Subject: Apply stricter speculative load restriction

The SCTLR.DSSBS bit is zero by default thus disabling speculative loads.
However, we also explicitly set it to zero for BL2 and TSP images when
each image initialises its context. This is done to ensure that the
image environment is initialised in a safe state, regardless of the
reset value of the bit.

Change-Id: If25a8396641edb640f7f298b8d3309d5cba3cd79
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
---
 bl32/tsp/aarch64/tsp_entrypoint.S | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'bl32')

diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S
index 710b4588..cd08ce7d 100644
--- a/bl32/tsp/aarch64/tsp_entrypoint.S
+++ b/bl32/tsp/aarch64/tsp_entrypoint.S
@@ -63,12 +63,14 @@ func tsp_entrypoint _align=3
 
 	/* ---------------------------------------------
 	 * Enable the instruction cache, stack pointer
-	 * and data access alignment checks
+	 * and data access alignment checks and disable
+	 * speculative loads.
 	 * ---------------------------------------------
 	 */
 	mov	x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
 	mrs	x0, sctlr_el1
 	orr	x0, x0, x1
+	bic	x0, x0, #SCTLR_DSSBS_BIT
 	msr	sctlr_el1, x0
 	isb
 
-- 
cgit v1.2.3