Hi On Sat, Jan 20, 2018 at 12:31 PM, Marc Zyngier <[email protected]> wrote: > On Sat, 20 Jan 2018 11:45:08 +0100 > Michael Nazzareno Trimarchi <[email protected]> wrote: > >> Hi Marc >> >> On Sat, Jan 20, 2018 at 11:42 AM, Marc Zyngier <[email protected]> wrote: >> > On Fri, 19 Jan 2018 16:56:14 -0500 >> > Tom Rini <[email protected]> wrote: >> > >> >> Hey all, >> >> >> >> So, now that things have quieted down a little bit in this area, I've >> >> been wondering about something. Over on the U-Boot side of things, are >> >> there changes we need to make in order to support the kernel side of the >> >> various mitigations properly? I know that for example currently >> >> https://developer.arm.com/support/security-update talks about ATF >> >> patches, in the context of AArch64 however. But on the other hand for >> >> variant 2, there's nothing listed on the Linux side for 32bit ARM, but >> >> there is for non-Linux OSes. >> >> >> >> And, in the event I'm also missing something else entirely that we need >> >> to do here, is there something that we need to be doing? Or is it still >> >> too early at this point in time to know? >> > >> > I've so far posted two revisions of a small patch series that deals >> > with variant-2 on the affected 32bit Cortex-A cores. These patches are >> > currently stashed on the branch[1] pointed at by the web page you >> > mentioned. >> > >> > A prerequisite for Cortex-A8 and A15 is that ACTLR[0] (IBE) is set from >> > secure mode. Cortex-A12/A17 do not need this. >> >> So IBE is not a pre-requisite for Cortex A9 family. Is this correct? > > Indeed. I'm not even sure A9 has that bit at all (ACTLR is > implementation specific). BPIALL works on A9 without any other setting. > >> I have already back--ported those patches on kernel 3.4. Is those enough? > > Define enough. These patches allow these CPUs to cope with variant-2, > and only variant-2. Variant-1 is still work in progress across all > architectures, variant-3 (aka Meltdown) doesn't concern 32bit ARM > implementations, and only A15 is susceptible to variant-3a. >
Just talking on variant-2 . If I understand for the variant 1 people are working on compiler side. Problem is that sometime It's not possible to re-compile userspace for the pre-build userspace library provide by the vendor. Michael > Thanks, > > M. > -- > Without deviation from the norm, progress is not possible. -- | Michael Nazzareno Trimarchi Amarula Solutions BV | | COO - Founder Cruquiuskade 47 | | +31(0)851119172 Amsterdam 1018 AM NL | | [`as] http://www.amarulasolutions.com | _______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
