8035edb ArmPkg/ArmSvcLib: prevent speculative execution beyond svc

3 files. Authored by Vijayenthiran Subramaniam 3 years ago, committed by mergify[bot] 3 years ago.
    ArmPkg/ArmSvcLib: prevent speculative execution beyond svc
    
    Supervisor Call instruction (SVC) is used by the Arm Standalone MM
    environment to request services from the privileged software (such as
    ARM Trusted Firmware running in EL3) and also return back to the
    non-secure caller via EL3. Some Arm CPUs speculatively executes the
    instructions after the SVC instruction without crossing the privilege
    level (S-EL0). Although the results of this execution are
    architecturally discarded, adversary running on the non-secure side can
    manipulate the contents of the general purpose registers to leak the
    secure work memory through spectre like micro-architectural side channel
    attacks. This behavior is demonstrated by the SafeSide project [1] and
    [2]. Add barrier instructions after SVC to prevent speculative execution
    to mitigate such attacks.
    
    [1]: https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cc
    [2]: https://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c
    
    Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
    Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>