Google Git
Sign in
chromium / external / github.com / ARM-software / arm-trusted-firmware / c09454d0c86d347105708a361d2751e8f1a9514d
commitc09454d0c86d347105708a361d2751e8f1a9514d[log] [tgz]
authorArvind Ram Prakash <[email protected]>Fri Nov 14 20:48:25 2025
committerArvind Ram Prakash <[email protected]>Thu Dec 04 22:33:14 2025
treed1e20b9980eb6f70cb8adfdb589f332a54a3913d
parent83ad6baebe522430911e0cdf8961fab105e97d45 [diff]
fix(security): add CVE-2024-7881 mitigation to C1-Pro CPU

This patch mitigates Cat B erratum 3684268 [2] / CVE-2024-7881 [1]
for C1-Pro CPU. This CVE applies to r0p0, r1p0 and
is fixed in r1p1 [2].

This CVE can be mitigated by disabling the affected prefetcher
by setting IMP_CPUECTLR_EL1[49].

Note: C1-Pro has a different workaround for CVE-2024-7881
which is not reflected in Security Bulletin yet. Refer
SDEN for correct workaround description.

[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/SDEN-3273080/latest/

Signed-off-by: Arvind Ram Prakash <[email protected]>
Change-Id: I6b0eca1fc340f18dcbede920a0dd1c882bfe12c1
1 file changed
tree: d1e20b9980eb6f70cb8adfdb589f332a54a3913d
  1. .github/
  2. .husky/
  3. .vscode/
  4. bl1/
  5. bl2/
  6. bl2u/
  7. bl31/
  8. bl32/
  9. common/
  10. contrib/
  11. docs/
  12. drivers/
  13. fdts/
  14. include/
  15. lib/
  16. licenses/
  17. make_helpers/
  18. plat/
  19. services/
  20. tools/
  21. .checkpatch.conf
  22. .clang-format
  23. .commitlintrc.js
  24. .ctags
  25. .cz-adapter.cjs
  26. .cz.json
  27. .editorconfig
  28. .gitignore
  29. .gitmodules
  30. .gitreview
  31. .nvmrc
  32. .readthedocs.yaml
  33. .versionrc.cjs
  34. changelog.yaml
  35. dco.txt
  36. license.rst
  37. Makefile
  38. package-lock.json
  39. package.json
  40. poetry.lock
  41. pyproject.toml
  42. readme.rst