[PATCH 0/4] arm64: mitigate CVE-2024-7881 in the absence of firmware mitigation
Catalin Marinas
catalin.marinas at arm.com
Tue Mar 18 04:24:10 PDT 2025
On Mon, Mar 17, 2025 at 03:38:34PM -0700, Oliver Upton wrote:
> On Mon, Mar 17, 2025 at 09:26:12PM +0000, Will Deacon wrote:
> > On Fri, Mar 14, 2025 at 06:37:25PM +0000, Catalin Marinas wrote:
> > > On Tue, 28 Jan 2025 15:54:24 +0000, Mark Rutland wrote:
> > > > On some CPUs from Arm Ltd, it is possible for unprivileged code to cause
> > > > a hardware prefetcher to form an address using the contents of a memory
> > > > location which is accessible by privileged accesses in the active
> > > > translation regime, potentially leaking the contents of this memory
> > > > location via a side channel. This has been assigned CVE-2024-7881:
> > > >
> > > > https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
> > > >
> > > > [...]
> > >
> > > Applied to arm64 (for-next/leaky-prefetcher), thanks!
> > >
> > > There hasn't been much review (thanks Oliver for looking at the KVM
> > > bits) and there's some implied work that can go on top of this series.
> > > But the patches looked fine to me, so I queued them. Mark or others,
> > > please shout if you'd like them dropped, they are on a branch.
> >
> > I'm really not comfortable with this series and would prefer to see it
> > dropped while we continue the discussion, especially as it's causing
> > minor conflicts with the KVM/arm64 tree in -next.
>
> Catalin, unless you say otherwise, I'm going to assume this will be
> dropped in the interim.
Yes, I just dropped it.
--
Catalin
More information about the linux-arm-kernel
mailing list