+----------------+-------------------------------------------------------------+
| Title          | Not initializing or saving/restoring ``PMCR_EL0`` can leak  |
|                | secure world timing information                             |
+================+=============================================================+
| CVE ID         | CVE-2017-15031                                              |
+----------------+-------------------------------------------------------------+
| Date           | 02 Oct 2017                                                 |
+----------------+-------------------------------------------------------------+
| Versions       | All, up to and including v1.4                               |
| Affected       |                                                             |
+----------------+-------------------------------------------------------------+
| Configurations | All                                                         |
| Affected       |                                                             |
+----------------+-------------------------------------------------------------+
| Impact         | Leakage of sensitive secure world timing information        |
+----------------+-------------------------------------------------------------+
| Fix Version    | `Pull Request #1127`_ (merged on 18 October 2017)           |
+----------------+-------------------------------------------------------------+
| Credit         | Arm                                                         |
+----------------+-------------------------------------------------------------+

The ``PMCR_EL0`` (Performance Monitors Control Register) provides details of the
Performance Monitors implementation, including the number of counters
implemented, and configures and controls the counters. If the ``PMCR_EL0.DP``
bit is set to zero, the cycle counter (when enabled) counts during secure world
execution, even when prohibited by the debug signals.

Since Arm TF does not save and restore ``PMCR_EL0`` when switching between the
normal and secure worlds, normal world code can set ``PMCR_EL0.DP`` to zero to
cause leakage of secure world timing information. This register should be added
to the list of saved/restored registers.

Furthermore, ``PMCR_EL0.DP`` has an architecturally ``UNKNOWN`` reset value.
Since Arm TF does not initialize this register, it's possible that on at least
some implementations, ``PMCR_EL0.DP`` is set to zero by default. This and other
bits with an architecturally UNKNOWN reset value should be initialized to
sensible default values in the secure context.

The same issue exists for the equivalent AArch32 register, ``PMCR``, except that
here ``PMCR_EL0.DP`` architecturally resets to zero.

.. _Pull Request #1127: https://github.com/ARM-software/arm-trusted-firmware/pull/1127
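
The following host-side C model is an added illustration of the save/restore and initialization recommended above, not code from Arm TF or from the pull request. The ``struct cpu`` model and all function names are hypothetical, ``PMCR_EL0.E`` is treated as the only counter enable, and secure-world counting is assumed to be prohibited by the debug signals.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PMCR_E_BIT  (1u << 0) /* PMCR_EL0.E: counters enabled */
#define PMCR_DP_BIT (1u << 5) /* PMCR_EL0.DP: no cycle counting when prohibited */

/* Host-side model of one core; no real system registers are touched. */
struct cpu {
    uint32_t pmcr;    /* models PMCR_EL0 */
    uint64_t pmccntr; /* models the cycle counter */
};

/* Secure-world work: the counter advances only while enabled with DP clear. */
static void secure_service(struct cpu *c, uint64_t cycles) {
    if ((c->pmcr & PMCR_E_BIT) && !(c->pmcr & PMCR_DP_BIT))
        c->pmccntr += cycles;
}

/* World switch. fixed == false leaves PMCR_EL0 as the normal world set it. */
static void world_switch(struct cpu *c, bool fixed, uint64_t secure_cycles) {
    uint32_t ns_pmcr = c->pmcr;              /* save on entry */
    if (fixed)
        c->pmcr = ns_pmcr | PMCR_DP_BIT;     /* secure context: DP = 1 */
    secure_service(c, secure_cycles);
    c->pmcr = ns_pmcr;                       /* restore (no-op when unfixed) */
}

/* Cycles a normal-world caller sees across one call after clearing DP. */
uint64_t observed_cycles(bool fixed, uint64_t secure_cycles) {
    struct cpu c = { .pmcr = PMCR_E_BIT, .pmccntr = 0 }; /* E = 1, DP = 0 */
    world_switch(&c, fixed, secure_cycles);
    return c.pmccntr;
}

/* PMCR value the normal world reads back after a fixed world switch. */
uint32_t pmcr_after_switch(uint32_t ns_pmcr) {
    struct cpu c = { .pmcr = ns_pmcr, .pmccntr = 0 };
    world_switch(&c, true, 100);
    return c.pmcr;
}

int main(void) {
    printf("unfixed=%llu fixed=%llu\n",
           (unsigned long long)observed_cycles(false, 1234),
           (unsigned long long)observed_cycles(true, 1234));
    return 0;
}
```

In the unfixed path the secure service's cycle count is visible to the caller in full; with the register saved, forced to ``DP`` = 1 for the secure context and restored, the caller sees zero cycles and its own ``PMCR_EL0`` value is unchanged.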