[PATCH 0/4] arm64: mitigate CVE-2024-7881 in the absence of firmware mitigation
Catalin Marinas
catalin.marinas at arm.com
Fri Mar 14 11:37:25 PDT 2025
On Tue, 28 Jan 2025 15:54:24 +0000, Mark Rutland wrote:
> On some CPUs from Arm Ltd, it is possible for unprivileged code to cause
> a hardware prefetcher to form an address using the contents of a memory
> location which is accessible by privileged accesses in the active
> translation regime, potentially leaking the contents of this memory
> location via a side channel. This has been assigned CVE-2024-7881:
>
> https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
>
> [...]
Applied to arm64 (for-next/leaky-prefetcher), thanks!
There hasn't been much review (thanks Oliver for looking at the KVM
bits) and there's some implied work that can go on top of this series.
But the patches looked fine to me, so I queued them. Mark or others,
please shout if you'd like them dropped, they are on a branch.
[1/4] arm64: cpufeature: rename unmap_kernel_at_el0() -> needs_kpti()
https://git.kernel.org/arm64/c/174ade921138
[2/4] arm64: cpufeature: factor out cpu_is_meltdown_safe()
https://git.kernel.org/arm64/c/f4fe70cd8522
[3/4] arm64: cpufeature: mitigate CVE-2024-7881
https://git.kernel.org/arm64/c/837dfd070e94
[4/4] KVM: arm64: expose SMCCC_ARCH_WORKAROUND_4 to guests
https://git.kernel.org/arm64/c/d2c173acbf93
--
Catalin
More information about the linux-arm-kernel
mailing list