Hi Jeremy,
This TF binaries have not been patched the latest SMCCC workaround; it is based on v1.4 release and was only patched with "disable/enable MMU in PSCI SMC call", as the commit in upstream TF code: f62ad322695d16178db464dc062fe0af592c6780
When we generated these binaries, SMCCC patches had not come out so they are not contained in these binaries.
Do you recommend using the latest smccc patches?
Thanks and regards,
Heyi
On Thu, Feb 22, 2018 at 08:37:11PM -0600, Jeremy Linton wrote:
Hi,
On 02/02/2018 05:57 AM, Heyi Guo wrote:
1 Workarounds for CVE-2017-5715 on Cortex A57/A72/A73 and A75 #1214.
I've been trying to verify spectre fixes, and I don't get a smccc version from this firmware (see this kernel branch https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/log/?h=kpti) image.
This means that the spectre BP hardening isn't activating on the D05. So, unless i'm doing something wrong (quite possible) it appears that this image isn't utilizing the correct ATF patches.
Can someone please verify/check this image with a SMCCC enabled kernel?
Thanks,
2 Upgrade trusted firmware to 1.4
Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ming Huang huangming23@huawei.com Signed-off-by: Heyi Guo heyi.guo@linaro.org Reviewed-by: Leif Lindholm leif.lindholm@linaro.org Reviewed-by: Ard Biesheuvel ard.biesheuvel@linaro.org
Platform/Hisilicon/D05/bl1.bin | Bin 14344 -> 12424 bytes Platform/Hisilicon/D05/fip.bin | Bin 41493 -> 37546 bytes 2 files changed, 0 insertions(+), 0 deletions(-)
diff --git a/Platform/Hisilicon/D05/bl1.bin b/Platform/Hisilicon/D05/bl1.bin index 7341476..b95257c 100644 Binary files a/Platform/Hisilicon/D05/bl1.bin and b/Platform/Hisilicon/D05/bl1.bin differ diff --git a/Platform/Hisilicon/D05/fip.bin b/Platform/Hisilicon/D05/fip.bin index 496a9b8..5958293 100644 Binary files a/Platform/Hisilicon/D05/fip.bin and b/Platform/Hisilicon/D05/fip.bin differ