| ef221814 | 05-Dec-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): update Neoverse-V2 fix version for CVE-2024-7881
This patch updates the Neoverse-V2 revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3696445 [2] applies.
The erratum applies
fix(security): update Neoverse-V2 fix version for CVE-2024-7881
This patch updates the Neoverse-V2 revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3696445 [2] applies.
The erratum applies to r0p0, r0p1, r0p2 and is still open.
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-2332927/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I1ae196fa8ce4579524faba4916f631e7c4db358b
show more ...
|
| 38db5f48 | 05-Dec-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): update Cortex-X3 fix version for CVE-2024-7881
This patch updates the Cortex-X3 revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3692984 [2] applies.
The erratum applies to r
fix(security): update Cortex-X3 fix version for CVE-2024-7881
This patch updates the Cortex-X3 revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3692984 [2] applies.
The erratum applies to r0p0, r1p0, r1p1, r1p2 and is still open.
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-2055130/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ia1ff75602a0dfa758a223549d92ea87543fa44b6
show more ...
|
| a7f6d2cd | 05-Dec-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881
This patch updates the Neoverse-V3 / Neoverse-V3AE revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3696307 [2][3] appli
fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881
This patch updates the Neoverse-V3 / Neoverse-V3AE revisions for
which the CVE-2024-7881 [1] / Cat B erratum 3696307 [2][3] applies.
The erratum applies to r0p0, r0p1 and is fixed in r0p2.
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-2891958/latest/
[3] https://developer.arm.com/documentation/SDEN-2615521/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: If3e2989a4b5a5c68dc12e23978b226c73f21ba14
show more ...
|
| 80e56adb | 05-Dec-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): update Cortex-X925 fix version for CVE-2024-7881
This patch updates the Cortex-X925 revisions for which the
CVE-2024-7881 [1] / Cat B erratum 3692980 [2] applies. The erratum
applies
fix(security): update Cortex-X925 fix version for CVE-2024-7881
This patch updates the Cortex-X925 revisions for which the
CVE-2024-7881 [1] / Cat B erratum 3692980 [2] applies. The erratum
applies to r0p0, r0p1 and is fixed in r0p2.
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/109180/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ice7a939bed60d44cff5706a08b2b59d6777760b0
show more ...
|
| 13cd56dd | 05-Dec-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): update Cortex-X4 fix version for CVE-2024-7881
This patch updates the Cortex-X4 revisions for which the
CVE-2024-7881 [1] / Cat B erratum 3692983 [2] applies. The erratum
applies to r
fix(security): update Cortex-X4 fix version for CVE-2024-7881
This patch updates the Cortex-X4 revisions for which the
CVE-2024-7881 [1] / Cat B erratum 3692983 [2] applies. The erratum
applies to r0p0, r0p1, r0p2 and is fixed in r0p3.
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-2432808/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Iae84f26fdce96a61fdc942b7595ccf8b9c7783f9
show more ...
|
| ac1d0524 | 05-Dec-2025 |
Govindraj Raja <govindraj.raja@arm.com> |
Merge changes from topic "ar/smccc_arch_wa_4" into integration
* changes:
docs(security): update CVE-2024-7881 affected CPUs list
fix(security): add CVE-2024-7881 mitigation to C1-Ultra CPU
fi
Merge changes from topic "ar/smccc_arch_wa_4" into integration
* changes:
docs(security): update CVE-2024-7881 affected CPUs list
fix(security): add CVE-2024-7881 mitigation to C1-Ultra CPU
fix(security): add CVE-2024-7881 mitigation to C1-Pro CPU
fix(security): add CVE-2024-7881 mitigation to C1-Premium CPU
docs(security): add CVE-2024-5660 and CVE-2024-7881 reference links
show more ...
|
| e4513b4f | 04-Dec-2025 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "fix(cm): do not check for AArch32 support to enable features" into integration |
| c130f923 | 14-Nov-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): add CVE-2024-7881 mitigation to C1-Ultra CPU
This patch mitigates Cat B erratum 3651221 [2] / CVE-2024-7881 [1]
for C1-Ultra CPU. This CVE applies to r0p0 and is fixed in r1p0 [2].
T
fix(security): add CVE-2024-7881 mitigation to C1-Ultra CPU
This patch mitigates Cat B erratum 3651221 [2] / CVE-2024-7881 [1]
for C1-Ultra CPU. This CVE applies to r0p0 and is fixed in r1p0 [2].
This CVE can be mitigated by disabling the affected prefetcher
setting CPUACTLR6_EL1[41].
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/111077/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I7815d6fc9af812c38b1c05881c850b8209d6ad7c
show more ...
|
| c09454d0 | 14-Nov-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): add CVE-2024-7881 mitigation to C1-Pro CPU
This patch mitigates Cat B erratum 3684268 [2] / CVE-2024-7881 [1]
for C1-Pro CPU. This CVE applies to r0p0, r1p0 and
is fixed in r1p1 [2].
fix(security): add CVE-2024-7881 mitigation to C1-Pro CPU
This patch mitigates Cat B erratum 3684268 [2] / CVE-2024-7881 [1]
for C1-Pro CPU. This CVE applies to r0p0, r1p0 and
is fixed in r1p1 [2].
This CVE can be mitigated by disabling the affected prefetcher
by setting IMP_CPUECTLR_EL1[49].
Note: C1-Pro has a different workaround for CVE-2024-7881
which is not reflected in Security Bulletin yet. Refer
SDEN for correct workaround description.
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-3273080/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I6b0eca1fc340f18dcbede920a0dd1c882bfe12c1
show more ...
|
| 83ad6bae | 14-Nov-2025 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(security): add CVE-2024-7881 mitigation to C1-Premium CPU
This patch mitigates Cat B erratum 3651221 [2] / CVE-2024-7881 [1]
for C1-Premium CPU. This CVE applies to r0p0 and
is fixed in r1p0 [2]
fix(security): add CVE-2024-7881 mitigation to C1-Premium CPU
This patch mitigates Cat B erratum 3651221 [2] / CVE-2024-7881 [1]
for C1-Premium CPU. This CVE applies to r0p0 and
is fixed in r1p0 [2].
This CVE can be mitigated by disabling the affected prefetcher
setting CPUACTLR6_EL1[41].
[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/111078/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I70b50700bc1618e0f8f4121efc9fe89e2742ed74
show more ...
|
| 2bd15121 | 04-Dec-2025 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge changes from topic "xl/a725-errata" into integration
* changes:
fix(cpus): workaround for Cortex-A725 erratum 3456106
fix(cpus): workaround for Cortex-A725 erratum 3711914
fix(cpus): wor
Merge changes from topic "xl/a725-errata" into integration
* changes:
fix(cpus): workaround for Cortex-A725 erratum 3456106
fix(cpus): workaround for Cortex-A725 erratum 3711914
fix(cpus): workaround for Cortex-A725 erratum 2936490
fix(cpus): workaround for Cortex-A725 erratum 2874943
show more ...
|
| fd2fb5b7 | 04-Dec-2025 |
Govindraj Raja <govindraj.raja@arm.com> |
Merge changes from topic "ar/feat_uinj" into integration
* changes:
feat(cpufeat): add support for FEAT_UINJ
feat(cpufeat): enable mandatory Armv9.4–Armv9.6 features by default
fix(cpufeat): u
Merge changes from topic "ar/feat_uinj" into integration
* changes:
feat(cpufeat): add support for FEAT_UINJ
feat(cpufeat): enable mandatory Armv9.4–Armv9.6 features by default
fix(cpufeat): update feature names and comments
fix(cpufeat): simplify AArch32 feature disablement
show more ...
|
| 2ba920f4 | 04-Dec-2025 |
Govindraj Raja <govindraj.raja@arm.com> |
Merge changes from topic "xl/a65-errata" into integration
* changes:
fix(cpus): workaround for Cortex-A65 erratum 1541130
fix(cpus): workaround for Cortex-A65 erratum 1227419
fix(cpus): workar
Merge changes from topic "xl/a65-errata" into integration
* changes:
fix(cpus): workaround for Cortex-A65 erratum 1541130
fix(cpus): workaround for Cortex-A65 erratum 1227419
fix(cpus): workaround for Cortex-A65 erratum 1179935
show more ...
|
| 886f95d2 | 14-Nov-2025 |
Boyan Karatotev <boyan.karatotev@arm.com> |
fix(cm): do not check for AArch32 support to enable features
EL3 is running in AArch64 mode so it is always able to enable all
features. Some features are not implemented for AArch32 but that will b
fix(cm): do not check for AArch32 support to enable features
EL3 is running in AArch64 mode so it is always able to enable all
features. Some features are not implemented for AArch32 but that will be
handled architecturally on changing exception levels so we don't need to
worry about it. Always enable all features (checked on the FEAT_STATE
flag of course) and save ourselves the check.
To prevent confusion in future, the SCR bits that actually affect
AArch32 execution and must always be checked are moved up in the file
and grouped together, rather than being straddled by feature enablement.
Change-Id: I154957405befb750c03738d1989bfb12696fc79d
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
show more ...
|
| 403ca6da | 02-Dec-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A725 erratum 3456106
Cortex-A725 erratum 3456106 is a Cat B erratum that applies
to revisions r0p0, r0p1 and r0p2, it is still open.
This erratum can be avoided by
fix(cpus): workaround for Cortex-A725 erratum 3456106
Cortex-A725 erratum 3456106 is a Cat B erratum that applies
to revisions r0p0, r0p1 and r0p2, it is still open.
This erratum can be avoided by having Speculation Barrier (SB)
instruction after the writes to the PSTATE.SSBS.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-2832921/latest/
Change-Id: I10d1e8cb4da19ba4101a5617245ff75866707d25
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| 8177e1ef | 05-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A65 erratum 1541130
Cortex-A65 erratum 1541130 is a Cat B erratum that applies
to r0p0, r1p0, r1p1, r1p2 revisions of the CPU and is still open.
This erratum can be
fix(cpus): workaround for Cortex-A65 erratum 1541130
Cortex-A65 erratum 1541130 is a Cat B erratum that applies
to r0p0, r1p0, r1p1, r1p2 revisions of the CPU and is still open.
This erratum can be avoided by disable stage1 page table walk for
lower Els (EL1 and EL0) in EL3, so 'AT' speculative fetch at any
point produces either the correct result or failure without TLB
allocation.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1065159/latest/
Change-Id: I72498f60f8449193ed4b5b2a9e7a08530e786ec3
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| ba7716bb | 10-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A725 erratum 3711914
Cortex-A725 erratum 3711914 is a Cat B erratum that applies
to revisions r0p0 and r0p1 and it is fixed in r0p2.
This erratum can be avoided by
fix(cpus): workaround for Cortex-A725 erratum 3711914
Cortex-A725 erratum 3711914 is a Cat B erratum that applies
to revisions r0p0 and r0p1 and it is fixed in r0p2.
This erratum can be avoided by inserting a DMB LD after each DSB ST instruction.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-2832921/latest/
Change-Id: If3b9d3a0f495b3a172d3e6e5ca7afa8c30aeb4ea
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| d9a21d3c | 10-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A725 erratum 2936490
Cortex-A725 erratum 2936490 is a Cat B erratum that applies
to revisions in r0p0, and is fixed in r0p1.
This erratum can be avoided by setting
fix(cpus): workaround for Cortex-A725 erratum 2936490
Cortex-A725 erratum 2936490 is a Cat B erratum that applies
to revisions in r0p0, and is fixed in r0p1.
This erratum can be avoided by setting CPUACTLR2_EL1[37] to 1.
Setting this bit is expected to have a negligible performance impact.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-2832921/latest/
Change-Id: I9833f8831ba3735a94763791a65be11b95c00bdb
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| 74d75753 | 10-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A725 erratum 2874943
Cortex-A725 erratum 2874943 is a Cat B erratum that applies
to revision r0p0 when FEAT_SPE is enabled, it is fixed in r0p1.
This erratum can be
fix(cpus): workaround for Cortex-A725 erratum 2874943
Cortex-A725 erratum 2874943 is a Cat B erratum that applies
to revision r0p0 when FEAT_SPE is enabled, it is fixed in r0p1.
This erratum can be avoided by setting bits[58:57] to 0b11 in CPUACTLR_EL1.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-2832921/latest/
Change-Id: I686bbde8756d52afee92097ec05b97138b550025
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| ede3a236 | 16-Oct-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A65 erratum 1227419
Cortex-A65 erratum 1227419 is a Cat B erratum that applies
to r0p0, r1p0, it is fixed in r1p1.
This erratum can be avoided by setting CPUACTLR_E
fix(cpus): workaround for Cortex-A65 erratum 1227419
Cortex-A65 erratum 1227419 is a Cat B erratum that applies
to r0p0, r1p0, it is fixed in r1p1.
This erratum can be avoided by setting CPUACTLR_EL1[51] to 1.
This bit disables the cross-thread sharing in instruction uTLB.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1065159/latest/
Change-Id: I42371e7d53fce3a7e085bf0b348f080fa323fb51
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| 015e1cd5 | 16-Oct-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A65 erratum 1179935
Cortex-A65 erratum 1179935 is a Cat B erratum that applies
to r0p0, it is fixed in r1p0.
This erratum can be avoided by setting CPUACTLR_EL1[49]
fix(cpus): workaround for Cortex-A65 erratum 1179935
Cortex-A65 erratum 1179935 is a Cat B erratum that applies
to r0p0, it is fixed in r1p0.
This erratum can be avoided by setting CPUACTLR_EL1[49] to 1. The bit
prevents translation table walks from allocating lines into the
L1 cache. This has a negligible impact on performance when an
L2 cache is present.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1065159/latest/
Change-Id: Ie59a4897f849269a590d8fa2d25cceab5f2cba3c
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| f27e7f8e | 05-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A76AE erratum 2371140
Cortex-A76AE erratum 2371140 is a Cat B erratum that applies
to all revisions <= r1p1, and is still open.
This erratum can be avoided by setti
fix(cpus): workaround for Cortex-A76AE erratum 2371140
Cortex-A76AE erratum 2371140 is a Cat B erratum that applies
to all revisions <= r1p1, and is still open.
This erratum can be avoided by setting CPUACTLR2_EL1[0] to 1. The
bit force PLDW/PFRM ST to behave like PLD/PRFM LD and not cause
invalidations to other PE caches. There might be a small performance
degradation to this workaround for certain workloads that share data.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
Change-Id: Id65846bebde1a0911ba11956202d0d255d3c8c82
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| d428b422 | 05-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A76AE erratum 1969401
Cortex-A76AE erratum 1969401 is a Cat B erratum that applies
to r0p0 and r1p0, it is fixed in r1p1.
This erratum can be avoided by inserting a
fix(cpus): workaround for Cortex-A76AE erratum 1969401
Cortex-A76AE erratum 1969401 is a Cat B erratum that applies
to r0p0 and r1p0, it is fixed in r1p1.
This erratum can be avoided by inserting a DMB ST before acquire
atomic instructions without release semantics.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
Change-Id: I893452450d430833e6c5a8e33a1e37b708218576
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| 16de9fae | 05-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A76AE erratum 1931435
Cortex-A76AE erratum 1931435 is a Cat B erratum that applies
to r0p0 and r1p0, it is fixed in r1p1.
This erratum can be avoided by setting CPU
fix(cpus): workaround for Cortex-A76AE erratum 1931435
Cortex-A76AE erratum 1931435 is a Cat B erratum that applies
to r0p0 and r1p0, it is fixed in r1p1.
This erratum can be avoided by setting CPUACTLR_EL1[13] to 1. This bit
delays instruction fetch after branch misprediction. This workaround
will have a small impact on performance.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
Change-Id: I1baba8752f5f2e2ab5c873030e1f00cbb8cf1e60
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|
| 46f364fa | 05-Nov-2025 |
Xialin Liu <xialin.liu@arm.com> |
fix(cpus): workaround for Cortex-A76AE erratum 1931427
Cortex-A76AE erratum 1931427 is a Cat B erratum that applies
to r0p0 and r1p0, it is fixed in r1p1.
This erratum can be avoided by setting CPU
fix(cpus): workaround for Cortex-A76AE erratum 1931427
Cortex-A76AE erratum 1931427 is a Cat B erratum that applies
to r0p0 and r1p0, it is fixed in r1p1.
This erratum can be avoided by setting CPUACTLR2_EL1[2] to 1. The bit
to force Atomic Store operations to write-back memory to be performed
in the L1 data cache.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
Change-Id: I31566838f894372e5627abda8b0bea1505f11f5d
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
show more ...
|