diff options
| author |   Pgowda <pgowda.cve@gmail.com> | 2021-11-15 03:18:21 -0800 |
|---|---|---|
| committer |   Anuj Mittal <anuj.mittal@intel.com> | 2021-12-28 11:20:20 +0800 |
| commit | e82ffd7dc34609a8174c48a34efffbf833967ed1 (patch) | |
| tree | c84f840f36b2e49a96bf718114952f663e2e8865 /meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch | |
| parent | 10db2106122b02c7d1cfca065c3bd9c8ff7d19f8 (diff) | |
| download | openembedded-core-contrib-e82ffd7dc34609a8174c48a34efffbf833967ed1.tar.gz | |
gcc: Fix CVE-2021-35465
source : https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102035
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a]
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f]
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7]
Signed-off-by: Pgowda <pgowda.cve@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c8a1726feaf705683e80d85811ae482c6ebc3172)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch')
| -rw-r--r-- | meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch new file mode 100644 index 0000000000..98841e6d7c --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch @@ -0,0 +1,39 @@ +From 574e7950bd6b34e9e2cacce18c802b45505d1d0a Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw <rearnsha@arm.com> +Date: Fri, 18 Jun 2021 17:16:25 +0100 +Subject: [PATCH] arm: add erratum mitigation to __gnu_cmse_nonsecure_call + [PR102035] + +Add the recommended erratum mitigation sequence to +__gnu_cmse_nonsecure_call for use on Armv8-m.main devices. Since this +is in the library code we cannot know in advance whether the core we +are running on will be affected by this, so always enable it. + +libgcc: + PR target/102035 + * config/arm/cmse_nonsecure_call.S (__gnu_cmse_nonsecure_call): + Add vlldm erratum work-around. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + libgcc/config/arm/cmse_nonsecure_call.S | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libgcc/config/arm/cmse_nonsecure_call.S b/libgcc/config/arm/cmse_nonsecure_call.S +--- a/libgcc/config/arm/cmse_nonsecure_call.S ++++ b/libgcc/config/arm/cmse_nonsecure_call.S +@@ -102,6 +102,11 @@ blxns r4 + #ifdef __ARM_PCS_VFP + vpop.f64 {d8-d15} + #else ++/* VLLDM erratum mitigation sequence. */ ++mrs r5, control ++tst r5, #8 /* CONTROL_S.SFPA */ ++it ne ++.inst.w 0xeeb00a40 /* vmovne s0, s0 */ + vlldm sp /* Lazy restore of d0-d16 and FPSCR. */ + add sp, sp, #0x88 /* Free space used to save floating point registers. */ + #endif /* __ARM_PCS_VFP */ |