This SME erratum in C1-Pro means memory accesses from the CME unit can
remain outstanding after another CPU issues TLBI+DSB. This means SME
can access memory after it has been re-allocated, potentially
overwriting the new owner's data. With pKVM, this could allow the host
access to guest memory if the SME accesses survived the page being
donated to HYP and allocated to the guest.
The workaround is for all affected CPUs to issue DSB locally whenever
another CPU does TLB maintenance. The local DSB completes all
outstanding accesses.
Linux and pKVM share a security state in the GIC, meaning pKVM would
be exposed to interrupt blackouts caused by linux. It is difficult
for the non secure world to avoid races when an SGI is sent to a CPU
that is about go offline and can no longer take the interrupt.
(this would violate the PSCI rules for CPU_OFF calls).
Implement the workaround in EL3 using an SMC in the 'CPU vendor' space.
The workaround uses atomic_inc_return on a global counter to order
parallel callers. This gives each caller a deadline.
Secure SGI are sent to the affected C1 Pro CPUs causing them to run
the workaround, and update their local counter from the global counter.
The CPU that issued the SMC then waits for each SGI'd CPU to update
to at least the deadline from its call.
An SGI being sent can race with an SMC to PSCI CPU_OFF. To avoid
this SGI preventing the CPU from enterring WFI to power off, the
workaround is run pre-emptively and the SGI is masked at the GIC
redistributor.
This mitigation is coordinated with corresponding Operating System
updates for CVE-2026-0995. Both EL3 (TF-A) and the OS must include
their respective fixes to ensure complete mitigation. For example,
the Linux kernel implements a complementary workaround that must
be deployed alongside this TF-A update.
Linux commit:
https://lore.kernel.org/all/20260302165801.3014607-1-catalin.marinas@arm.com/
Ref: https://developer.arm.com/documentation/111823/latest/
Change-Id: Ie969354ad0693fe172d921953b87cfbf4a39ea8e
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
e9b6d2ae27