wa_cve_2025_0647_cpprctx.h - OpenGrok history log for /rk3399_ARM-atf/include/lib/cpus/aarch64/wa_cve_2025_0647

Revision	Date	Author	Comments
# 666a488b	24-Jan-2026	Bipin Ravi <bipin.ravi@arm.com>	Merge "fix(security): add workaround for CVE-2025-0647" into integration
# 416b8613	05-Mar-2025	John Powell <john.powell@arm.com>	fix(security): add workaround for CVE-2025-0647 This workaround fixes an issue with the CPP RCTX instruction by issuing an instruction patch sequence to trap uses of the CPP RCTX instruction from EL fix(security): add workaround for CVE-2025-0647 This workaround fixes an issue with the CPP RCTX instruction by issuing an instruction patch sequence to trap uses of the CPP RCTX instruction from EL0, EL1, and EL2 to EL3 and perform a workaround procedure using the implementation defined trap handler to ensure the correct behavior of the system. In addition, it includes an EL3 API to be used if EL3 firmware needs to use the CPP RCTX instruction. This saves the overhead of exception handling, and EL3 does not generically support trapping EL3->EL3, and adding support for that is not trivial due to the implications for context management. The issue affects the following CPUs: C1-Premium C1-Ultra Cortex-A710 Cortex-X2 Cortex-X3 Cortex-X4 Cortex-X925 Neoverse N2 Neoverse V2 Neoverse V3 Neoverse V3AE (handled same as V3 CPU in TF-A CPU-Lib) Arm Security Bulletin Document: https://developer.arm.com/documentation/111546 Change-Id: I5e7589afbeb69ebb79c01bec80e29f572aff3d89 Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com> show more ...

Revision

Date

Author

Comments

# 666a488b

24-Jan-2026

Bipin Ravi <bipin.ravi@arm.com>

Merge "fix(security): add workaround for CVE-2025-0647" into integration

# 416b8613

05-Mar-2025

John Powell <john.powell@arm.com>

fix(security): add workaround for CVE-2025-0647

This workaround fixes an issue with the CPP RCTX instruction by
issuing an instruction patch sequence to trap uses of the CPP RCTX
instruction from EL

fix(security): add workaround for CVE-2025-0647

This workaround fixes an issue with the CPP RCTX instruction by
issuing an instruction patch sequence to trap uses of the CPP RCTX
instruction from EL0, EL1, and EL2 to EL3 and perform a workaround
procedure using the implementation defined trap handler to ensure
the correct behavior of the system. In addition, it includes an EL3
API to be used if EL3 firmware needs to use the CPP RCTX instruction.
This saves the overhead of exception handling, and EL3 does not
generically support trapping EL3->EL3, and adding support for that
is not trivial due to the implications for context management.

The issue affects the following CPUs:

C1-Premium
C1-Ultra
Cortex-A710
Cortex-X2
Cortex-X3
Cortex-X4
Cortex-X925
Neoverse N2
Neoverse V2
Neoverse V3
Neoverse V3AE (handled same as V3 CPU in TF-A CPU-Lib)

Arm Security Bulletin Document:
https://developer.arm.com/documentation/111546

Change-Id: I5e7589afbeb69ebb79c01bec80e29f572aff3d89
Signed-off-by: John Powell <john.powell@arm.com>
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>