TFV-6: Arm Trusted Firmware exposure to speculative processor vulnerabilities using cache timing side-channels #541

Open
danh-arm opened this Issue Jan 4, 2018 · 5 comments

danh-arm commented Jan 4, 2018

Please note there is a new TF security advisory, describing the Arm Trusted Firmware exposure to the recently announced speculative processor vulnerabilities using cache timing side-channels:

https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6

For more information about these vulnerabilities, please see the Google Project Zero blog and Arm Processor Security Update:

https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html
http://www.arm.com/security-update

danh-arm commented Jan 11, 2018

Please note the advisory above has been updated. Changes in this version:

  • Removed reference to the "IC ALLU" variant 2 workaround for Cortex-A57/A72, since there is a problematic A57 erratum (833069). When "Disabling MMU Translation with CPUACTLR_EL1 "Enable Invalidates of BTB" bit set can cause Invalidate by PA or VA to fail". This was the least preferred method anyway due to the performance impact.

  • Clarified that the BPIALL instruction is not effective at invalidating the branch predictor on all Arm CPUs. In particular, I indicated the alternative workaround method for Cortex-A15.

  • Added some performance numbers for the variant 2 workarounds.

  • Mentioned that there will be a future specified SMC for branch predictor invalidation. Details will follow when we have them.

  • Mentioned that there will be a future PR to show an example on SP_MIN of how to implement a Variant 2 workaround on AArch32 systems, although this will need separately implementing on each AArch32 Trusted OS.

danh-arm commented Jan 18, 2018

Please note the above advisory has been updated again. Change in this version:

danh-arm commented Jan 26, 2018

Please note the above advisory has been updated again. Changes in this version:

  • Provided link to PR1240 that implements the new CVE-2017-5715 mitigation specification

  • Provided performance numbers using the SMCCC_ARCH_WORKAROUND_1 SMC. Also clarified these numbers include the time spent in the caller implementing the SMCCC from AArch64.

  • Removed the sentence "Therefore we expect that [MMU enable/disable] workaround to be used where possible". Although implementing this workaround locally avoids a dependency on firmware, it may be more desirable from a standardization point of view to use the firmware interface anyway. This is a choice for the normal world privileged software.

danh-arm commented Jan 30, 2018

Please note the above advisory has been updated again. Changes in this version:

  • Updated the variant 2 mitigation instructions for Cortex-A8: "For Cortex-A8, also set ACTLR[6] to 1 during early processor initialization".

danh-arm commented Jun 7, 2018

Please note the above advisory has been updated again. Changes in this version:

  • Added Cortex-A76 vulnerability information (not affected by variants 2 and 3).

  • Added link to PR that optimises the SMCCC_ARCH_WORKAROUND_1 fast path for AArch32 callers.

  • Updated link to firmware specification.
