Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: 8035edbe12f0f2a58e8fa9b06d05c8ee1c69ffae
https://github.com/tianocore/edk2/commit/8035edbe12f0f2a58e8fa9b06d05c8ee1c69ffae
Author: Vijayenthiran Subramaniam <[email protected]>
Date: 2020-06-05 (Fri, 05 Jun 2020)
Changed paths:
M ArmPkg/Library/ArmSvcLib/AArch64/ArmSvc.S
M ArmPkg/Library/ArmSvcLib/Arm/ArmSvc.S
M ArmPkg/Library/ArmSvcLib/Arm/ArmSvc.asm
Log Message:
-----------
ArmPkg/ArmSvcLib: prevent speculative execution beyond svc
Supervisor Call instruction (SVC) is used by the Arm Standalone MM
environment to request services from the privileged software (such as
ARM Trusted Firmware running in EL3) and also return back to the
non-secure caller via EL3. Some Arm CPUs speculatively executes the
instructions after the SVC instruction without crossing the privilege
level (S-EL0). Although the results of this execution are
architecturally discarded, adversary running on the non-secure side can
manipulate the contents of the general purpose registers to leak the
secure work memory through spectre like micro-architectural side channel
attacks. This behavior is demonstrated by the SafeSide project [1] and
[2]. Add barrier instructions after SVC to prevent speculative execution
to mitigate such attacks.
[1]:
https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cc
[2]:
https://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c
Signed-off-by: Vijayenthiran Subramaniam <[email protected]>
Reviewed-by: Ard Biesheuvel <[email protected]>
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
