Date: Wed, 4 Apr 2018 06:30:06 +0000 From: Alexey Dokuchaev <danfe@FreeBSD.org> To: Michal Meloun <mmel@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: Re: svn commit: r331988 - in stable/11/sys/arm: arm include Message-ID: <20180404063006.GA11981@FreeBSD.org> In-Reply-To: <201804040611.w346B6Xq054410@repo.freebsd.org> References: <201804040611.w346B6Xq054410@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 04, 2018 at 06:11:06AM +0000, Michal Meloun wrote: > New Revision: 331988 > URL: https://svnweb.freebsd.org/changeset/base/331988 > > Log: > MFC r328467: > > Implement mitigation for Spectre version 2 attacks on ARMv7. > > + case CPU_ARCH_CORTEX_A8: > + /* > + * For Cortex-A8, IBE bit must be set otherwise > + * BPIALL is effectively NOP. > + * Unfortunately, Cortex-A is also affected by > + * ARM erratum 687067 which causes non-working > + * BPIALL if IBE bit is set and 'Instruction L1 System > + * Array Debug Register 0' is not 0. > + * This register is not reset on power-up and is > + * accessible only from secure world, so we cannot do > + * nothing (nor detect) to fix this issue. > + * I afraid that on chip ROM based secure monitor on "I'm afraid", perhaps? > + printf("!!!WARNING!!! CPU(%d) is vulnerable to speculative " > + "branch attacks. !!!\n" > + "Qualcomm Krait cores are known (or believed) to be " > + "vulnerable to \n" > + "speculative branch attacks, no mitigation exists yet.\n", > + PCPU_GET(cpuid)); > + goto unkonown_mitigation; > + } else { > + goto unkonown_mitigation; unkonown? :-) ./danfe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180404063006.GA11981>