Merge changes from topic "v3_errata" into integration

* changes:
fix(cpus): workaround for Neoverse-V3 erratum 3312417
fix(cpus): workaround for Neoverse V3 erratum 3878291
fix(cpus): workarou

Merge changes from topic "v3_errata" into integration

* changes:
fix(cpus): workaround for Neoverse-V3 erratum 3312417
fix(cpus): workaround for Neoverse V3 erratum 3878291
fix(cpus): workaround for Neoverse V3 erratum 3864536
fix(cpus): workaround for Neoverse V3 erratum 3782181
fix(cpus): workaround for Neoverse V3 erratum 3734562
fix(cpus): workaround for Neoverse V3 erratum 3696307

show more ...

fix(cpus): workaround for Neoverse-V3 erratum 3312417

Neoverse-V3 erratum 3312417 is a Cat B erratum that applies
to revisions r0p0 and r0p1, and is fixed in r0p2.

This errata can be avoided by add

fix(cpus): workaround for Neoverse-V3 erratum 3312417

Neoverse-V3 erratum 3312417 is a Cat B erratum that applies
to revisions r0p0 and r0p1, and is fixed in r0p2.

This errata can be avoided by adding a speculation barrier
instruction following writes to the SSBS register to
ensure the new value of PSTATE.SSBS affects the subsequent
instructions in the execution stream under speculation.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958

Change-Id: I78a7682cbdf3dbc4c31fcca8cbd892350b998cf4
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

fix(cpus): workaround for Neoverse V3 erratum 3878291

Neoverse V3 erratum 3878291 is a Cat B erratum that applies to
revisions r0p0, r0p1 and r0p2, and is still open.

The erratum can be avoided by

fix(cpus): workaround for Neoverse V3 erratum 3878291

Neoverse V3 erratum 3878291 is a Cat B erratum that applies to
revisions r0p0, r0p1 and r0p2, and is still open.

The erratum can be avoided by setting CPUACTLR4_EL1[57]. Setting this
bit causes the PE to treat GPT invalidations as TLBI PAALL, thereby
invalidating all GPT entries. If the physical memory map does not use
addresses with bits 46 or 47 set, then no workaround is necessary.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958

Change-Id: I0ebab877b6481a18bec963b95cf2f37c97d8de65
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

fix(cpus): workaround for Neoverse V3 erratum 3864536

Neoverse V3 erratum 3864536 is a Cat B erratum that applies to
revisions r0p0, r0p1 and r0p2, and is still open.

The erratum can be avoided by

fix(cpus): workaround for Neoverse V3 erratum 3864536

Neoverse V3 erratum 3864536 is a Cat B erratum that applies to
revisions r0p0, r0p1 and r0p2, and is still open.

The erratum can be avoided by setting CPUACTLR2[22] to 1'b1 which will
disable linking multiple Non-Cacheable or Device GRE loads to the same
read request for the cache-line. This might have a significant
performance impact to Non-cacheable and Device GRE read bandwidth for
streaming scenarios.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958

Change-Id: If4b20d941d628b92748b14d027b8127f74005eff
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

fix(cpus): workaround for Neoverse V3 erratum 3782181

Neoverse V3 erratum 3782181 is a Cat B erratum that applies to
revision r0p1 and is fixed in r0p2.

If the erratum condition occurs, then the co

fix(cpus): workaround for Neoverse V3 erratum 3782181

Neoverse V3 erratum 3782181 is a Cat B erratum that applies to
revision r0p1 and is fixed in r0p2.

If the erratum condition occurs, then the core will not leave the
FULL_RET power mode, which will cause the system to deadlock. The
FULL_RET power mode should not be enabled. This can be done by setting
both IMP_CPUPWRCTLR_EL1.WFE_RET_CTL and IMP_CPUPWRCTLR_EL1.WFI_RET_CTL
to 0b000 which is the default value.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958

Change-Id: Icfa463cf4888bd48f16a218e7ad399528feca55e
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

fix(cpus): workaround for Neoverse V3 erratum 3734562

Neoverse V3 erratum 3734562 is a Cat B erratum that applies to
revisions r0p0 and r0p1, and is fixed in r0p2.

This erratum can be avoided throu

fix(cpus): workaround for Neoverse V3 erratum 3734562

Neoverse V3 erratum 3734562 is a Cat B erratum that applies to
revisions r0p0 and r0p1, and is fixed in r0p2.

This erratum can be avoided through the following write sequence to
several IMPLEMENTATION DEFINED registers, which will execute a PSB
instruction following the TSB CSYNC instruction. The code sequence
should be applied early in the boot sequence prior to executing a TSB
CSYNC instruction.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958

Change-Id: Ib3c35c7e619e6a836c974b7016bb6a4d66da48d6
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

fix(cpus): workaround for Neoverse V3 erratum 3696307

Neoverse V3 erratum 3696307 is a Cat B erratum that applies to
revisions r0p0 and r0p1, and is fixed in r0p2.

The erratum can be avoided by dis

fix(cpus): workaround for Neoverse V3 erratum 3696307

Neoverse V3 erratum 3696307 is a Cat B erratum that applies to
revisions r0p0 and r0p1, and is fixed in r0p2.

The erratum can be avoided by disabling the affected prefetcher by
setting CPUACTLR6_EL1[41].

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958

Change-Id: If274749621549356e41485d0bf09682281df3a9b
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
docs(security): update CVE-2024-7881 affected CPU revisions
fix(security): update Neoverse-V2 fix version for CVE-2024-7

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
docs(security): update CVE-2024-7881 affected CPU revisions
fix(security): update Neoverse-V2 fix version for CVE-2024-7881
fix(security): update Cortex-X3 fix version for CVE-2024-7881
fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881
fix(security): update Cortex-X925 fix version for CVE-2024-7881
fix(security): update Cortex-X4 fix version for CVE-2024-7881

show more ...

fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881

This patch updates the Neoverse-V3 / Neoverse-V3AE revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3696307 [2][3] appli

fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881

This patch updates the Neoverse-V3 / Neoverse-V3AE revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3696307 [2][3] applies.
The erratum applies to r0p0, r0p1 and is fixed in r0p2.

[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-2891958/latest/
[3] https://developer.arm.com/documentation/SDEN-2615521/latest/

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: If3e2989a4b5a5c68dc12e23978b226c73f21ba14

show more ...

Merge changes from topic "gr/spectre_bhb_updates" into integration

* changes:
fix(security): remove CVE_2022_23960 Cortex-X4
fix(security): remove CVE_2022_23960 Neoverse V3
fix(security): rem

Merge changes from topic "gr/spectre_bhb_updates" into integration

* changes:
fix(security): remove CVE_2022_23960 Cortex-X4
fix(security): remove CVE_2022_23960 Neoverse V3
fix(security): remove CVE_2022_23960 Cortex-A720

show more ...

fix(security): remove CVE_2022_23960 Neoverse V3

Neoverse V3 has ECBHB implemented and is protected against X-Context
attacks.

Ref: https://developer.arm.com/documentation/110280/latest/
TRM: https

fix(security): remove CVE_2022_23960 Neoverse V3

Neoverse V3 has ECBHB implemented and is protected against X-Context
attacks.

Ref: https://developer.arm.com/documentation/110280/latest/
TRM: https://developer.arm.com/documentation/107734/0002/The-Neoverse--V3--core/Supported-standards-and-specifications?lang=en

Remove WORKAROUND_CVE_2022_23960 to avoid accidental enabling of this
workaround and using loop workaround.

This was accidentally added with
commit@c2a15217c3053117f4d39233002cb1830fa96670

Change-Id: I13b27c04c3da5ec80fa79422b4ef4fee64738caa
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "ar/cve_wa_refactor" into integration

* changes:
refactor(cpus): optimize CVE checking
refactor(cpus): move errata check to common code
refactor(cpus): drop unused arg

Merge changes from topic "ar/cve_wa_refactor" into integration

* changes:
refactor(cpus): optimize CVE checking
refactor(cpus): move errata check to common code
refactor(cpus): drop unused argument forward_flag

show more ...

refactor(cpus): optimize CVE checking

This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* cal

refactor(cpus): optimize CVE checking

This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* calls.

Previously, EXTRA functions were individually implemented for
each SMCCC_ARCH_WORKAROUND_*, an approach that becomes unmanageable
with the increasing number of workarounds.
By looking up erratum entries for CVE check, the process is streamlined,
reducing overhead associated with creating and
maintaining EXTRA functions for each new workaround.

New Errata entries are created for SMC workarounds and
that is used to target cpus that are uniquely impacted
by SMC workarounds.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I873534e367a35c99461d0a616ff7bf856a0000af

show more ...

Merge changes from topic "ar/cvereorder" into integration

* changes:
chore(cpus): rearrange the errata and cve in order in Cortex-X4
chore(cpus): rearrange the errata and cve in order in Neovers

Merge changes from topic "ar/cvereorder" into integration

* changes:
chore(cpus): rearrange the errata and cve in order in Cortex-X4
chore(cpus): rearrange the errata and cve in order in Neoverse-V3

show more ...

chore(cpus): rearrange the errata and cve in order in Neoverse-V3

Patch sorts the errata IDs in ascending order and the CVE's
in ascending order based on the year and index for Neoverse-V3.

Change-

chore(cpus): rearrange the errata and cve in order in Neoverse-V3

Patch sorts the errata IDs in ascending order and the CVE's
in ascending order based on the year and index for Neoverse-V3.

Change-Id: I108eb2896e24c135d56e5096289766d777b48b48
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge changes from topic "bk/errata_speed" into integration

* changes:
refactor(cpus): declare runtime errata correctly
perf(cpus): make reset errata do fewer branches
perf(cpus): inline the i

Merge changes from topic "bk/errata_speed" into integration

* changes:
refactor(cpus): declare runtime errata correctly
perf(cpus): make reset errata do fewer branches
perf(cpus): inline the init_cpu_data_ptr function
perf(cpus): inline the reset function
perf(cpus): inline the cpu_get_rev_var call
perf(cpus): inline cpu_rev_var checks
refactor(cpus): register DSU errata with the errata framework's wrappers
refactor(cpus): convert checker functions to standard helpers
refactor(cpus): convert the Cortex-A65 to use the errata framework
fix(cpus): declare reset errata correctly

show more ...

perf(cpus): make reset errata do fewer branches

Errata application is painful for performance. For a start, it's done
when the core has just come out of reset, which means branch predictors
and cach

perf(cpus): make reset errata do fewer branches

Errata application is painful for performance. For a start, it's done
when the core has just come out of reset, which means branch predictors
and caches will be empty so a branch to a workaround function must be
fetched from memory and that round trip is very slow. Then it also runs
with the I-cache off, which means that the loop to iterate over the
workarounds must also be fetched from memory on each iteration.

We can remove both branches. First, we can simply apply every erratum
directly instead of defining a workaround function and jumping to it.
Currently, no errata that need to be applied at both reset and runtime,
with the same workaround function, exist. If the need arose in future,
this should be achievable with a reset + runtime wrapper combo.

Then, we can construct a function that applies each erratum linearly
instead of looping over the list. If this function is part of the reset
function, then the only "far" branches at reset will be for the checker
functions. Importantly, this mitigates the slowdown even when an erratum
is disabled.

The result is ~50% speedup on N1SDP and ~20% on AArch64 Juno on wakeup
from PSCI calls that end in powerdown. This is roughly back to the
baseline of v2.9, before the errata framework regressed on performance
(or a little better). It is important to note that there are other
slowdowns since then that remain unknown.

Change-Id: Ie4d5288a331b11fd648e5c4a0b652b74160b07b9
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge changes from topic "gr/errata_mpidr" into integration

* changes:
fix(cpus): workaround for Cortex-X925 erratum 2963999
fix(cpus): workaround for Neoverse-V3 erratum 2970647
fix(cpus): wo

Merge changes from topic "gr/errata_mpidr" into integration

* changes:
fix(cpus): workaround for Cortex-X925 erratum 2963999
fix(cpus): workaround for Neoverse-V3 erratum 2970647
fix(cpus): workaround for Cortex-X4 erratum 2957258

show more ...

fix(cpus): workaround for Neoverse-V3 erratum 2970647

Neoverse V3 erratum 2970647 that applies to r0p0 and is fixed in r0p1.

In EL3, reads of MPIDR_EL1 and MIDR_EL1 might incorrectly virtualize
whi

fix(cpus): workaround for Neoverse-V3 erratum 2970647

Neoverse V3 erratum 2970647 that applies to r0p0 and is fixed in r0p1.

In EL3, reads of MPIDR_EL1 and MIDR_EL1 might incorrectly virtualize
which register to return when reading the value of
MPIDR_EL1/VMPIDR_EL2 and MIDR_EL1/VPIDR_EL2, respectively.

The workaround is to do an ISB prior to an MRS read to either
MPIDR_EL1 and MIDR_EL1.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958/latest/

Change-Id: Iedf7d799451f0be58a5da1f93f7f5b6940f2bb35
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "gr/errata_ICH_VMCR_EL2" into integration

* changes:
fix(cpus): workaround for Neoverse-V3 erratum 3701767
fix(cpus): workaround for Neoverse-N3 erratum 3699563
fix(cp

Merge changes from topic "gr/errata_ICH_VMCR_EL2" into integration

* changes:
fix(cpus): workaround for Neoverse-V3 erratum 3701767
fix(cpus): workaround for Neoverse-N3 erratum 3699563
fix(cpus): workaround for Neoverse-N2 erratum 3701773
fix(cpus): workaround for Cortex-X925 erratum 3701747
fix(cpus): workaround for Cortex-X4 erratum 3701758
fix(cpus): workaround for Cortex-X3 erratum 3701769
fix(cpus): workaround for Cortex-X2 erratum 3701772
fix(cpus): workaround for Cortex-A725 erratum 3699564
fix(cpus): workaround for Cortex-A720-AE erratum 3699562
fix(cpus): workaround for Cortex-A720 erratum 3699561
fix(cpus): workaround for Cortex-A715 erratum 3699560
fix(cpus): workaround for Cortex-A710 erratum 3701772
fix(cpus): workaround for accessing ICH_VMCR_EL2
chore(cpus): fix incorrect header macro

show more ...

fix(cpus): workaround for Neoverse-V3 erratum 3701767

Neoverse-V3 erratum 3701767 that applies to r0p0, r0p1, r0p2 is
still Open.

The workaround is for EL3 software that performs context save/resto

fix(cpus): workaround for Neoverse-V3 erratum 3701767

Neoverse-V3 erratum 3701767 that applies to r0p0, r0p1, r0p2 is
still Open.

The workaround is for EL3 software that performs context save/restore
on a change of Security state to use a value of SCR_EL3.NS when
accessing ICH_VMCR_EL2 that reflects the Security state that owns the
data being saved or restored.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2891958/latest/

Change-Id: I5be0de881f408a9e82a07b8459d79490e9065f94
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
fix(security): add support in cpu_ops for CVE-2024-7881

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
fix(security): add support in cpu_ops for CVE-2024-7881
fix(security): add CVE-2024-7881 mitigation to Cortex-X3
fix(security): add CVE-2024-7881 mitigation to Neoverse-V3
fix(security): add CVE-2024-7881 mitigation to Neoverse-V2
fix(security): add CVE-2024-7881 mitigation to Cortex-X925
fix(security): add CVE-2024-7881 mitigation to Cortex-X4
fix(security): enable WORKAROUND_CVE_2024_7881 build option

show more ...

fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_78

fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_7881 [1] is enabled
by the platform. If CVE_2024_7881 mitigation
is implemented, the discovery call returns 0,
if not -1 (SMC_ARCH_CALL_NOT_SUPPORTED).

For more information about SMCCC_ARCH_WORKAROUND_4 [2], please
refer to the SMCCC Specification reference provided below.

[1]: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
[2]: https://developer.arm.com/documentation/den0028/latest

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I1b1ffaa1f806f07472fd79d5525f81764d99bc79

show more ...

fix(security): add CVE-2024-7881 mitigation to Neoverse-V3

This patch mitigates CVE-2024-7881 [1] by setting CPUACTLR6_EL1[41] to 1
for Neoverse-V3 CPU.

[1]: https://developer.arm.com/Arm%20Securit

fix(security): add CVE-2024-7881 mitigation to Neoverse-V3

This patch mitigates CVE-2024-7881 [1] by setting CPUACTLR6_EL1[41] to 1
for Neoverse-V3 CPU.

[1]: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ib5c644895b8c76d3c7e8b5e6e98d7b9afef7f1ec

show more ...

Merge changes from topic "sm/fix_erratum" into integration

* changes:
fix(cpus): workaround for CVE-2024-5660 for Cortex-X925
fix(cpus): workaround for CVE-2024-5660 for Cortex-X2
fix(cpus): w

Merge changes from topic "sm/fix_erratum" into integration

* changes:
fix(cpus): workaround for CVE-2024-5660 for Cortex-X925
fix(cpus): workaround for CVE-2024-5660 for Cortex-X2
fix(cpus): workaround for CVE-2024-5660 for Cortex-A77
fix(cpus): workaround for CVE-2024-5660 for Neoverse-V1
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78_AE
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78
fix(cpus): workaround for CVE-2024-5660 for Cortex-X1
fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2
fix(cpus): workaround for CVE-2024-5660 for Cortex-A710
fix(cpus): workaround for CVE-2024-5660 for Neoverse-V2
fix(cpus): workaround for CVE-2024-5660 for Cortex-X3
fix(cpus): workaround for CVE-2024-5660 for Neoverse-V3
fix(cpus): workaround for CVE-2024-5660 for Cortex-X4

show more ...