audk/Arm at cb8349f01ae05cce46213fc98308ee524adf257b - audk

History

Vijayenthiran Subramaniam 8035edbe12 ArmPkg/ArmSvcLib: prevent speculative execution beyond svc Supervisor Call instruction (SVC) is used by the Arm Standalone MM environment to request services from the privileged software (such as ARM Trusted Firmware running in EL3) and also return back to the non-secure caller via EL3. Some Arm CPUs speculatively executes the instructions after the SVC instruction without crossing the privilege level (S-EL0). Although the results of this execution are architecturally discarded, adversary running on the non-secure side can manipulate the contents of the general purpose registers to leak the secure work memory through spectre like micro-architectural side channel attacks. This behavior is demonstrated by the SafeSide project [1] and [2]. Add barrier instructions after SVC to prevent speculative execution to mitigate such attacks. [1]: https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cc [2]: https://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>	2020-06-05 08:05:03 +00:00
..
ArmSvc.S	ArmPkg/ArmSvcLib: prevent speculative execution beyond svc	2020-06-05 08:05:03 +00:00
ArmSvc.asm	ArmPkg/ArmSvcLib: prevent speculative execution beyond svc	2020-06-05 08:05:03 +00:00

Vijayenthiran Subramaniam 8035edbe12 ArmPkg/ArmSvcLib: prevent speculative execution beyond svc

Supervisor Call instruction (SVC) is used by the Arm Standalone MM
environment to request services from the privileged software (such as
ARM Trusted Firmware running in EL3) and also return back to the
non-secure caller via EL3. Some Arm CPUs speculatively executes the
instructions after the SVC instruction without crossing the privilege
level (S-EL0). Although the results of this execution are
architecturally discarded, adversary running on the non-secure side can
manipulate the contents of the general purpose registers to leak the
secure work memory through spectre like micro-architectural side channel
attacks. This behavior is demonstrated by the SafeSide project [1] and
[2]. Add barrier instructions after SVC to prevent speculative execution
to mitigate such attacks.

[1]: https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cc
[2]: https://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c

Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>

2020-06-05 08:05:03 +00:00

ArmSvc.S

ArmPkg/ArmSvcLib: prevent speculative execution beyond svc

2020-06-05 08:05:03 +00:00

ArmSvc.asm

ArmPkg/ArmSvcLib: prevent speculative execution beyond svc

2020-06-05 08:05:03 +00:00