Debian Package Tracker

arm-trusted-firmware

"secure world" software for ARM SoCs - tools

general
  • source: arm-trusted-firmware (main)
  • version: 2.12.1+dfsg-1
  • maintainer: Vagrant Cascadian (DMD)
  • arch: any
  • std-ver: 4.7.2
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.4+dfsg-2
  • oldstable: 2.8.0+dfsg-1
  • stable: 2.12.1+dfsg-1
  • testing: 2.12.1+dfsg-1
  • unstable: 2.12.1+dfsg-1
versioned links
  • 2.4+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.8.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.12.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • arm-trusted-firmware
  • arm-trusted-firmware-tools
action needed
Problems while searching for a new upstream version (high)
uscan had problems while searching for a new upstream version:
filenamemangle failed for arm-trusted-firmware-2.14.0.tar.xz
Created: 2025-11-26 Last update: 2026-02-07 00:00
3 security issues in buster (high)

There are 3 open security issues in buster.

2 important issues:
  • CVE-2024-6285: Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.
  • CVE-2024-6287: Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass memory range restriction and overwrite an already loaded image partly or completely, which could result in code execution and bypass of secure boot.
1 issue postponed or untriaged:
  • CVE-2023-49100: (needs triaging) Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however.
Created: 2024-06-28 Last update: 2024-06-28 20:13
1 bug tagged patch in the BTS (normal)
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2025-01-06 Last update: 2026-02-07 02:30
version in VCS is newer than in repository, is it time to upload? (normal)
vcswatch reports that this package seems to have a new changelog entry (version 2.12.9+dfsg-1~0, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:
commit a52c0192e787b17a5945a68c31296f0668e30e8e
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Wed Jan 21 14:12:32 2026 -0800

    debian/changelog: Update for 2.12.9.

commit 5fb98819551f079870d6c9444c5b245a72649162
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Wed Jan 21 13:58:15 2026 -0800

    debian/control: Update Standards Version to 4.7.3.

commit 6a218b81002e91428bf0886ce3fa4d90bf115456
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Wed Jan 21 13:57:20 2026 -0800

    debian/control: Remove Rules-Requires-Root.

commit 6e39489dede874eb5e4f7c072c70cf792597644f
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Wed Jan 21 13:56:54 2026 -0800

    debian/control: Remove Priority.

commit 087a1fe48767d4d0d2f48e3b5a7533ef098dadcc
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Wed Jan 21 13:55:06 2026 -0800

    debian/copyright: Update for 2.12.9.

commit 7ccefc378fbc3668e648e513943f6b4c50351707
Merge: c2cd8bfb8 c2a0e7080
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Wed Jan 21 13:47:55 2026 -0800

    Merge tag 'lts-v2.12.9' into debian/latest

commit c2a0e7080d64d69940be4ad0ff6578501f3cbf9e
Author: Release CI <ci@trustedfirmware.org>
Date:   Thu Jan 15 18:21:08 2026 +0000

    docs(changelog): changelog for lts-v2.12.9 release
    
    Change-Id: I393e0a880ca3ae22186befdeb90a43bb67890ca2
    Signed-off-by: Release CI <ci@trustedfirmware.org>

commit c57bd3df6ffa31b6af32e371ac3c938f74834516
Merge: 1e8992732 5bbe15b28
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Thu Jan 15 18:06:10 2026 +0000

    Merge changes from topic "for-lts-v2.12.9" into lts-v2.12
    
    * changes:
      fix(fvp): avoid stack usage in check_cpupwrctrl_el1_is_available()
      fix(cpus): workaround for Cortex-A720 erratum 3456091
      fix(cpus): workaround for Cortex-A715 erratum 3456084
      fix(cpus): workaround for Cortex-X2 erratum 3324338
      fix(cpus): workaround for Cortex-A710 erratum 3324338
      fix(cpus): register ARCH_WORKAROUND_3 for Neoverse V2
      docs(security): update CVE-2024-7881 affected CPU revisions
      fix(security): update Neoverse-V2 fix version for CVE-2024-7881
      fix(security): update Cortex-X3 fix version for CVE-2024-7881
      fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881
      fix(security): update Cortex-X4 fix version for CVE-2024-7881
      docs(security): add CVE-2024-5660 and CVE-2024-7881 reference links
      fix(cpus): workaround for Cortex-A725 erratum 3456106
      fix(cpus): workaround for Cortex-A725 erratum 3711914
      fix(cpus): workaround for Cortex-A725 erratum 2936490
      fix(cpus): workaround for Cortex-A725 erratum 2874943
      fix(cpus): workaround for Cortex-A65 erratum 1541130
      fix(cpus): workaround for Cortex-A65 erratum 1227419
      fix(cpus): workaround for Cortex-A65 erratum 1179935
      fix(build): set ERRATA_SPECULATIVE_AT after platform.mk
      fix(cpus): workaround for Cortex-A76AE erratum 2371140
      fix(cpus): workaround for Cortex-A76AE erratum 1969401
      fix(cpus): workaround for Cortex-A76AE erratum 1931435
      fix(cpus): workaround for Cortex-A76AE erratum 1931427

commit 5bbe15b28793c50e6c9a588389fa37da1ba65344
Author: Linus Nielsen <linus@haxx.se>
Date:   Fri May 23 10:39:26 2025 +0200

    fix(fvp): avoid stack usage in check_cpupwrctrl_el1_is_available()
    
    The function is called from assembly language before the stack is set
    up. This fix prevents accessing unmapped memory at 0xffffffff_ffffffxx
    by not storing the midr_no_cpupwrctl array on the stack.
    
    Change-Id: I920e32c34bddf86a1dbf05b7115026413483b3c1
    Signed-off-by: Linus Nielsen <linus@haxx.se>

commit 58a6ddd237aacaf4669e98042ba2ee8ba383e169
Author: John Powell <john.powell@arm.com>
Date:   Wed Dec 17 15:14:35 2025 -0600

    fix(cpus): workaround for Cortex-A720 erratum 3456091
    
    Cortex-A720 erratum 3456091 is a Cat B erratum that applies
    to revisions r0p0, r0p1 and r0p2, and is still open.
    
    This erratum can be avoided by adding a speculation barrier
    instruction following writes to the SSBS register to
    ensure the new value of PSTATE.SSBS affects the subsequent
    instructions in the execution stream under speculation.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2439421
    
    Change-Id: Ia22a0d6bb98d1a0edb11d2469beab22c7f7aba3a
    Signed-off-by: John Powell <john.powell@arm.com>

commit c5af478c0792d0c6f3c26a19a64e4be1c4392d72
Author: John Powell <john.powell@arm.com>
Date:   Wed Dec 17 14:59:03 2025 -0600

    fix(cpus): workaround for Cortex-A715 erratum 3456084
    
    Cortex-A715 erratum 3456084 is a Cat B erratum that applies
    to revisions r0p0, r1p0, r1p1, r1p2 and r1p3, and is still open.
    
    This erratum can be avoided by adding a speculation barrier
    instruction following writes to the SSBS register to
    ensure the new value of PSTATE.SSBS affects the subsequent
    instructions in the execution stream under speculation.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2148827
    
    Change-Id: Ie3f2b46051539cdebc151c46f80045a7156e0386
    Signed-off-by: John Powell <john.powell@arm.com>

commit 17f11f645cc0967da27b0d8c4833373df1b2f7f2
Author: John Powell <john.powell@arm.com>
Date:   Wed Dec 17 13:33:17 2025 -0600

    fix(cpus): workaround for Cortex-X2 erratum 3324338
    
    Cortex-X2 erratum 3324338 is a Cat B erratum that applies
    to revisions r0p0, r1p0, r2p0 and r2p1, and is still open.
    
    This erratum can be avoided by adding a speculation barrier
    instruction following writes to the SSBS register to
    ensure the new value of PSTATE.SSBS affects the subsequent
    instructions in the execution stream under speculation.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100
    
    Change-Id: Ibbe55a55bd6cf5e159dab92a78ecb55c5a4d7eb1
    Signed-off-by: John Powell <john.powell@arm.com>

commit c462d3e264cf131ea950850809c959506b1275d2
Author: John Powell <john.powell@arm.com>
Date:   Wed Dec 17 13:14:09 2025 -0600

    fix(cpus): workaround for Cortex-A710 erratum 3324338
    
    Cortex-A710 erratum 3324338 is a Cat B erratum that applies
    to revisions r0p0, r1p0, r2p0 and r2p1, and is still open.
    
    This erratum can be avoided by adding a speculation barrier
    instruction following writes to the SSBS register to
    ensure the new value of PSTATE.SSBS affects the subsequent
    instructions in the execution stream under speculation.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775101
    
    Change-Id: I9325f3715f4fa17bfb7ded9d5c69c59645f65b27
    Signed-off-by: John Powell <john.powell@arm.com>

commit 5aa4bb35a61d4eed8693981435dcb5005c0b0925
Author: Manish Pandey <manish.pandey2@arm.com>
Date:   Wed Dec 3 11:38:37 2025 +0000

    fix(cpus): register ARCH_WORKAROUND_3 for Neoverse V2
    
    Neoverse V2 never registered ARCH_WORKAROUND_3 in the errata
    framework, causing SMCCC_ARCH_WORKAROUND_3 discovery to always return 1.
    
    The SMCCC specification language prior to 1.6 G EAC1 was ambiguous
    regarding the meaning of return value 1, leading to inconsistent
    interpretations by callers. This ambiguity has since been resolved in
    1.6 G EAC1 release, which clarifies that a return value of 1 does *not*
    mean the core is unaffected and that callers must independently
    determine the erratum status.
    
    While TF-A has always followed this interpretation, some consumers may
    still treat a return value of 1 as “not affected”, potentially leading
    to security issues if the OS does not apply its own workaround.
    
    Firmware originally returned 1 on V2 to avoid unnecessary WA3 SMC calls
    on every syscall return, since this would negatively impact performance.
    For Cortex-A57/72/73/75, SMCCC_ARCH_WORKAROUND_3 returns 0, while for
    many newer cores (A76, A78, X2, A715, Neoverse V1/V2) the return value
    is 1 because a local OS mitigation is available and calling into
    firmware is not required.
    
    Because this interface was expected to age out, we do not want to change
    the status quo for other CPUs. This patch confines the fix to Neoverse
    V2 only by adding the missing ARCH_WORKAROUND_3 registration, allowing
    affected V2 revisions to return 0 as intended.
    
    Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
    Change-Id: I8c08c26e0b7c268772d75d36d759564a7d67cd76

commit d2e5cb077576d5965a52066f94f96d44b4eee045
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Fri Dec 5 12:28:25 2025 -0600

    docs(security): update CVE-2024-7881 affected CPU revisions
    
    This patch updates the affected versions for the following CPUs -
    Cortex-X3 [1], Cortex-X4 [2], Cortex-X925 [3], Neoverse-V2 [4],
    Neoverse-V3 [5] and Neoverse-V3AE [6].
    Errata IDs for reference in the respective SDENs
    
    Cortex-X3 - 3692984
    Cortex-X4 - 3692983
    Cortex-X925 - 3692980
    Neoverse-V2 - 3696445
    Neoverse-V3/V3AE - 3696307
    
    [1] https://developer.arm.com/documentation/SDEN-2055130/latest/
    [2] https://developer.arm.com/documentation/SDEN-2432808/latest
    [3] https://developer.arm.com/documentation/109180/latest/
    [4] https://developer.arm.com/documentation/SDEN-2332927/latest
    [5] https://developer.arm.com/documentation/SDEN-2891958/latest/
    [6] https://developer.arm.com/documentation/SDEN-2615521/latest/
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Iad109561a144169fd3805c179a4f8e3bfdd59a65

commit 03b289bd52ed1a7c5970f494c9dfeef3bc917a80
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Fri Dec 5 12:21:15 2025 -0600

    fix(security): update Neoverse-V2 fix version for CVE-2024-7881
    
    This patch updates the Neoverse-V2 revisions for
    which the CVE-2024-7881 [1] / Cat B erratum 3696445 [2] applies.
    The erratum applies to r0p0, r0p1, r0p2 and is still open.
    
    [1] https://developer.arm.com/documentation/110326/latest/
    [2] https://developer.arm.com/documentation/SDEN-2332927/latest
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: I1ae196fa8ce4579524faba4916f631e7c4db358b

commit cd24fc78da66d1e22be31fd2cc92b44536286e03
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Fri Dec 5 12:05:50 2025 -0600

    fix(security): update Cortex-X3 fix version for CVE-2024-7881
    
    This patch updates the Cortex-X3 revisions for
    which the CVE-2024-7881 [1] / Cat B erratum 3692984 [2] applies.
    The erratum applies to r0p0, r1p0, r1p1, r1p2 and is still open.
    
    [1] https://developer.arm.com/documentation/110326/latest/
    [2] https://developer.arm.com/documentation/SDEN-2055130/latest/
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Ia1ff75602a0dfa758a223549d92ea87543fa44b6

commit 53b539727db4d3301da6321b1b15e2dbc80606ff
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Fri Dec 5 11:52:37 2025 -0600

    fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881
    
    This patch updates the Neoverse-V3 / Neoverse-V3AE revisions for
    which the CVE-2024-7881 [1] / Cat B erratum 3696307 [2][3] applies.
    The erratum applies to r0p0, r0p1 and is fixed in r0p2.
    
    [1] https://developer.arm.com/documentation/110326/latest/
    [2] https://developer.arm.com/documentation/SDEN-2891958/latest/
    [3] https://developer.arm.com/documentation/SDEN-2615521/latest/
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: If3e2989a4b5a5c68dc12e23978b226c73f21ba14

commit 98efb2cddab7a3311232b493f75a3390b56b4dd4
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Fri Dec 5 11:19:45 2025 -0600

    fix(security): update Cortex-X4 fix version for CVE-2024-7881
    
    This patch updates the Cortex-X4 revisions for which the
    CVE-2024-7881 [1] / Cat B erratum 3692983 [2] applies. The erratum
    applies to r0p0, r0p1, r0p2 and is fixed in r0p3.
    
    [1] https://developer.arm.com/documentation/110326/latest/
    [2] https://developer.arm.com/documentation/SDEN-2432808/latest
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Iae84f26fdce96a61fdc942b7595ccf8b9c7783f9

commit f557bb98319d7d3f94b8afefcb2aa2593542c5b6
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Wed Dec 3 17:06:57 2025 -0600

    docs(security): add CVE-2024-5660 and CVE-2024-7881 reference links
    
    Add missing hyperlink targets for CVE-2024-5660 and CVE-2024-7881 in
    cpu-specific-build-macros.rst to allow cross-referencing these CVEs
    from documentation.
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Ia3c003d5c359f101f230fbd54845f61117456abb

commit a5dc9181521be5b68a2d676452548d5426316149
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Tue Dec 2 13:46:02 2025 -0600

    fix(cpus): workaround for Cortex-A725 erratum 3456106
    
    Cortex-A725 erratum 3456106 is a Cat B erratum that applies
    to revisions r0p0, r0p1 and r0p2, it is still open.
    
    This erratum can be avoided by having Speculation Barrier (SB)
    instruction after the writes to the PSTATE.SSBS.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2832921/latest/
    
    Change-Id: I10d1e8cb4da19ba4101a5617245ff75866707d25
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit d3771e5eb50314b0855529d45c3da9473ee09fb6
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Mon Nov 10 14:48:16 2025 -0600

    fix(cpus): workaround for Cortex-A725 erratum 3711914
    
    Cortex-A725 erratum 3711914 is a Cat B erratum that applies
    to revisions r0p0 and r0p1 and it is fixed in r0p2.
    
    This erratum can be avoided by inserting a DMB LD after each DSB ST instruction.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2832921/latest/
    
    Change-Id: If3b9d3a0f495b3a172d3e6e5ca7afa8c30aeb4ea
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit 58130aca265bcfd8da731db44d37816f061e4089
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Mon Nov 10 15:01:20 2025 -0600

    fix(cpus): workaround for Cortex-A725 erratum 2936490
    
    Cortex-A725 erratum 2936490 is a Cat B erratum that applies
    to revisions in r0p0, and is fixed in r0p1.
    
    This erratum can be avoided by setting CPUACTLR2_EL1[37] to 1.
    Setting this bit is expected to have a negligible performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2832921/latest/
    
    Change-Id: I9833f8831ba3735a94763791a65be11b95c00bdb
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit aad5e748cd1a74d74a5267619ac8f83d6c4a895b
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Mon Nov 10 15:28:55 2025 -0600

    fix(cpus): workaround for Cortex-A725 erratum 2874943
    
    Cortex-A725 erratum 2874943 is a Cat B erratum that applies
    to revision r0p0 when FEAT_SPE is enabled, it is fixed in r0p1.
    
    This erratum can be avoided by setting bits[58:57] to 0b11 in CPUACTLR_EL1.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2832921/latest/
    
    Change-Id: I686bbde8756d52afee92097ec05b97138b550025
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit bf539177b53cc2ccc6a04e456fb01ce0e2bfb4c4
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Wed Nov 5 12:38:21 2025 -0600

    fix(cpus): workaround for Cortex-A65 erratum 1541130
    
    Cortex-A65 erratum 1541130 is a Cat B erratum that applies
    to r0p0, r1p0, r1p1, r1p2 revisions of the CPU and is still open.
    
    This erratum can be avoided by disabling stage1 page table walk for
    lower ELs (EL1 and EL0) in EL3, so 'AT' speculative fetch at any
    point produces either the correct result or failure without TLB
    allocation.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1065159/latest/
    
    Change-Id: I72498f60f8449193ed4b5b2a9e7a08530e786ec3
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit 655417b8598cb1b344f5109ba776c84412379ee9
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Thu Oct 16 15:50:07 2025 -0500

    fix(cpus): workaround for Cortex-A65 erratum 1227419
    
    Cortex-A65 erratum 1227419 is a Cat B erratum that applies
    to r0p0, r1p0, it is fixed in r1p1.
    
    This erratum can be avoided by setting CPUACTLR_EL1[51] to 1.
    This bit disables the cross-thread sharing in instruction uTLB.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1065159/latest/
    
    Change-Id: I42371e7d53fce3a7e085bf0b348f080fa323fb51
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit ef2975fbea10e8423d1fa14fd6b9e396666ac3e0
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Thu Oct 16 18:28:16 2025 -0500

    fix(cpus): workaround for Cortex-A65 erratum 1179935
    
    Cortex-A65 erratum 1179935 is a Cat B erratum that applies
    to r0p0, it is fixed in r1p0.
    
    This erratum can be avoided by setting CPUACTLR_EL1[49] to 1. The bit
    prevents translation table walks from allocating lines into the
    L1 cache. This has a negligible impact on performance when an
    L2 cache is present.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1065159/latest/
    
    Change-Id: Ie59a4897f849269a590d8fa2d25cceab5f2cba3c
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit f5daa76a26e5055baf8cff9a621a24e58568a421
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Thu Oct 23 13:23:04 2025 +0100

    fix(build): set ERRATA_SPECULATIVE_AT after platform.mk
    
    This was introduced in
    289737419: fix(build): align the cpu-ops flags with all others
    
    That patch reduced cpu-ops.mk to an elaborate defaults.mk and moved it
    before platform.mk was evaluated. However, that patch missed the
    ERRATA_SPECULATIVE_AT setting which must happen after platform.mk,
    otherwise its value will not reflect errata state. So put it in the main
    Makefile with other similar flag settings after platform.mk.
    
    Change-Id: I221dab39c417531c5a148886d3e29709ba8b51a8
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

commit 8b11b602c19e2dee641f3986c453bbd889d3ca86
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Wed Nov 5 14:29:57 2025 -0600

    fix(cpus): workaround for Cortex-A76AE erratum 2371140
    
    Cortex-A76AE erratum 2371140 is a Cat B erratum that applies
    to all revisions <= r1p1, and is still open.
    
    This erratum can be avoided by setting CPUACTLR2_EL1[0] to 1. The
    bit forces PLDW/PRFM ST to behave like PLD/PRFM LD and not cause
    invalidations to other PE caches. There might be a small performance
    degradation to this workaround for certain workloads that share data.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
    
    Change-Id: Id65846bebde1a0911ba11956202d0d255d3c8c82
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit d24cf8d8f67b60bb77a580141e2302b73443cff1
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Wed Nov 5 16:16:18 2025 -0600

    fix(cpus): workaround for Cortex-A76AE erratum 1969401
    
    Cortex-A76AE erratum 1969401 is a Cat B erratum that applies
    to r0p0 and r1p0, it is fixed in r1p1.
    
    This erratum can be avoided by inserting a DMB ST before acquire
    atomic instructions without release semantics.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
    
    Change-Id: I893452450d430833e6c5a8e33a1e37b708218576
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit bfe756d615cff1f5297a0f16bd187845d650d6be
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Wed Nov 5 16:02:57 2025 -0600

    fix(cpus): workaround for Cortex-A76AE erratum 1931435
    
    Cortex-A76AE erratum 1931435 is a Cat B erratum that applies
    to r0p0 and r1p0, it is fixed in r1p1.
    
    This erratum can be avoided by setting CPUACTLR_EL1[13] to 1. This bit
    delays instruction fetch after branch misprediction. This workaround
    will have a small impact on performance.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
    
    Change-Id: I1baba8752f5f2e2ab5c873030e1f00cbb8cf1e60
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit 71d033c7b973cc1bbf4fcb3b986fde58f718c9be
Author: Xialin Liu <xialin.liu@arm.com>
Date:   Wed Nov 5 14:40:18 2025 -0600

    fix(cpus): workaround for Cortex-A76AE erratum 1931427
    
    Cortex-A76AE erratum 1931427 is a Cat B erratum that applies
    to r0p0 and r1p0, it is fixed in r1p1.
    
    This erratum can be avoided by setting CPUACTLR2_EL1[2] to 1. The bit
    forces Atomic Store operations to write-back memory to be performed
    in the L1 data cache.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1277541/1700/?lang=en
    
    Change-Id: I31566838f894372e5627abda8b0bea1505f11f5d
    Signed-off-by: Xialin Liu <xialin.liu@arm.com>

commit 1e899273294e9d54258fb67e7ff1b23357481433
Merge: 95bbf00da 3f73a85fb
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Thu Jan 8 21:02:53 2026 +0000

    Merge changes from topic "for-lts-v2.12.9" into lts-v2.12
    
    * changes:
      fix(cpus): workaround for Cortex-A715 erratum 3711916
      fix(cpus): workaround for Cortex-A715 erratum 2376701
      fix(cpus): workaround for Cortex-A715 erratum 2409570
      fix(security): add clrbhb support
      fix(cpufeat): do feature detection before feature enablement
      feat(cpufeat): do feature detection on secondary cores too
      fix(security): remove CVE_2022_23960 Cortex-A720
      fix(security): remove CVE_2022_23960 Neoverse V3
      fix(security): remove CVE_2022_23960 Cortex-X4
      fix(security): fix Neoverse V2 CVE-2022-23960
      fix(security): fix Cortex-X3 CVE-2022-23960
      fix(security): fix Cortex-A715 CVE-2022-23960
      fix(security): fix spectre bhb loop count for Cortex-A720

commit 3f73a85fb676e623507fd083291f7e50946b1cda
Author: John Powell <john.powell@arm.com>
Date:   Mon Oct 6 16:30:34 2025 -0500

    fix(cpus): workaround for Cortex-A715 erratum 3711916
    
    Cortex-A715 erratum 3711916 is a Cat B erratum that applies to
    revisions r0p0, r1p0, r1p1, r1p2 and r1p3, and is still open.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2148827
    
    Change-Id: Iad149a2c02a804b3f4f0f2f5b89e866675cb4093
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 5c5b9e3e05d2d9dfcf594754e82889fe710beef4)

commit 214d51629abcab58e7155c25f9fb5afef3d16744
Author: John Powell <john.powell@arm.com>
Date:   Mon Oct 6 16:10:04 2025 -0500

    fix(cpus): workaround for Cortex-A715 erratum 2376701
    
    Cortex-A715 erratum 2376701 is a Cat B erratum that applies to
    revisions r0p0 and r1p0, and is fixed in r1p1.
    
    This workaround is not expected to have a significant performance
    impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2148827
    
    Change-Id: Idcd2a07d269d55534dc5faa59c454d37426f2cfa
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 4fca3ee496ff218e2b6efdcc979602dadc96bc27)

commit ed331c19c209bb550eaf4b29e71b304cdff80a9f
Author: John Powell <john.powell@arm.com>
Date:   Mon Oct 6 15:28:20 2025 -0500

    fix(cpus): workaround for Cortex-A715 erratum 2409570
    
    Cortex-A715 erratum 2409570 is a Cat B erratum that applies to
    revisions r0p0 and r1p0, and is fixed in r1p1.
    
    This workaround could have a significant performance impact for
    software that relies heavily on using store-release instructions.
    
    This workaround only applies to r1p0, r0p0 has a different
    workaround but is not used in production hardware so has not been
    implemented.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2148827
    
    Change-Id: Id9429831525b842779d7b7e60f103c93be4acd67
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit d6e941e2325627379cd16f8399378bdcc1aecf81)

commit 0df7d4ca07f34c35bc53c18252c7113f2a9453b4
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Thu Oct 2 11:00:15 2025 -0500

    fix(security): add clrbhb support
    
    TF-A mitigates spectre-bhb (CVE-2022-23960) issue with loop
    workaround based on - https://developer.arm.com/documentation/110280/latest/
    
    On platforms that support `clrbhb` instruction it is recommended to
    use `clrbhb` instruction instead of the loop workaround.
    
    Ref- https://developer.arm.com/documentation/102898/0108/
    
    Change-Id: Ie6e56e96378503456a1617d5e5d51bc64c2e0f0b
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit d6affea1608080fa3a10dedc7b6abd3010d5eaf1)

commit b173b79485fad0c7fc038738364d9661a1fbbe4d
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Thu Jul 3 15:05:24 2025 +0100

    fix(cpufeat): do feature detection before feature enablement
    
    Situations where feature configuration does not reflect hardware's
    features can cause unhandled exceptions at EL3. Feature detection is
    meant to guard against these errors by checking hardware against the
    configuration. For this to happen though, feature detection has to
    happen before these unhandled exceptions have had a chance to happen.
    
    Change-Id: I47f05a9f01321e011623083afb638552311ed013
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit 0f57a3889c423d02c0e0645701f0e1856ead0f20)

commit 6c535b5ae4e15b58d25b35b0b202f1232555420a
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Thu Jul 3 14:59:55 2025 +0100

    feat(cpufeat): do feature detection on secondary cores too
    
    Feature detection currently only happens on the boot core, however, it
    is possible to have asymmetry between cores. TF-A supports limited such
    configurations so it should check secondary cores too.
    
    Change-Id: Iee4955714685be9ae6a017af4a6c284e835ff299
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit d335bbb1e20d4a8f0a6a26b97ba2a710015bf727)

commit b75f2db651a459cbb8b1025dbf5af5f1d036435c
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Mon Oct 27 14:40:08 2025 -0500

    fix(security): remove CVE_2022_23960 Cortex-A720
    
    Cortex-A720 has ECBHB implemented and is protected against X-Context
    attacks.
    
    Ref: https://developer.arm.com/documentation/110280/latest/
    TRM: https://developer.arm.com/documentation/102530/0002/The-Cortex-A720--core/Supported-standards-and-specifications?lang=en
    
    Remove WORKAROUND_CVE_2022_23960 for Cortex-A720 to avoid accidental
    enabling of this workaround and using loop workaround.
    
    This was accidentally added with
    commit@c2a15217c3053117f4d39233002cb1830fa96670
    
    Change-Id: I3c68b5f5d85ede37a6a039369de8ed2aa9205395
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit e22ccf01a9e03fc08f6bfd07ca0032aaa16b579d)

commit 9afe25a13b93f8fddc65a09aa1962b8fc88952d0
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Mon Oct 27 14:46:15 2025 -0500

    fix(security): remove CVE_2022_23960 Neoverse V3
    
    Neoverse V3 has ECBHB implemented and is protected against X-Context
    attacks.
    
    Ref: https://developer.arm.com/documentation/110280/latest/
    TRM: https://developer.arm.com/documentation/107734/0002/The-Neoverse--V3--core/Supported-standards-and-specifications?lang=en
    
    Remove WORKAROUND_CVE_2022_23960 to avoid accidental enabling of this
    workaround and using loop workaround.
    
    This was accidentally added with
    commit@c2a15217c3053117f4d39233002cb1830fa96670
    
    Change-Id: I13b27c04c3da5ec80fa79422b4ef4fee64738caa
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit a2e22acfdb9d32d115798eddceec9fff53a4867b)

commit f1b4da3e661c22107afd8468c5861967f05f910f
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Mon Oct 27 14:57:22 2025 -0500

    fix(security): remove CVE_2022_23960 Cortex-X4
    
    Cortex-X4 has ECBHB implemented and is protected against X-Context
    attacks.
    
    Ref: https://developer.arm.com/documentation/110280/latest/
    TRM: https://developer.arm.com/documentation/102484/0003/The-Cortex-X4--core/Supported-standards-and-specifications?lang=en
    
    Remove WORKAROUND_CVE_2022_23960 for Cortex-X4 to avoid accidental
    enabling of this workaround and using loop workaround.
    
    This was accidentally added with
    commit@8c87becbc64f2e233ac905aa006d5e15a63a9a8b
    
    Change-Id: I23f5fa748377a920340b3c5a6584ccfadeea901a
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit a055fdddf01635c1ee2549319aeaa1830569c7c1)

commit d69858d6e4e2bb8e90be60d92922d954c4c59cd4
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Tue Sep 16 12:06:32 2025 -0500

    fix(security): fix Neoverse V2 CVE-2022-23960
    
    Apply CVE-2022-23960 mitigation to Neoverse V2, revision r0p0 only.
    Ref - https://developer.arm.com/documentation/110280/latest/
    
    Change-Id: I859012281fc67243f050d27e364f27434389c0cf
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit 3084363cd2333263e91ac79b365424f7c756c47b)

commit dd0d59764b1e720e00a29ed9355ec971ee533c10
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Tue Sep 16 12:05:33 2025 -0500

    fix(security): fix Cortex-X3 CVE-2022-23960
    
    Apply CVE-2022-23960 mitigation to Cortex-X3, revision r1p0 and earlier only.
    Ref - https://developer.arm.com/documentation/110280/latest/
    
    Change-Id: I3d46fa70c80129ca0085d8245ee013f11a8842e3
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit 07df6c1cd678facb00e9810453260afec3d32528)

commit 6d19bed6aa77ef4993bbec19dc0ba08e11215c51
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Tue Sep 16 12:04:30 2025 -0500

    fix(security): fix Cortex-A715 CVE-2022-23960
    
    Apply CVE-2022-23960 mitigation to Cortex-A715, revision r1p0 and earlier only.
    Ref - https://developer.arm.com/documentation/110280/latest/
    
    Change-Id: Ib6b704733e474824772cb27bd048b1e179d90da9
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit ad0e8487fc640882c55dfced5e8c2d9412160094)

commit 78fb9b74550f4d6641401fb9aad3473091d4b3fc
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Thu Sep 11 10:56:25 2025 -0500

    fix(security): fix spectre bhb loop count for Cortex-A720
    
    fix@c2a15217c3053117f4d39233002cb1830fa96670
    based on https://developer.arm.com/documentation/110280/latest/
    Spectre-BHB loop count K value for Cortex-A720 is 38.
    
    Change-Id: Ib6862dbed55e5ffcd0fcd58b45a88cf925c54154
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit 9fd05e648bc4cbe50a5794ae25e9a24b1c8d6eb3)

commit 95bbf00da21bb8eb535d5c9836d7f2b6113519dd
Author: Release CI <ci@trustedfirmware.org>
Date:   Fri Oct 31 16:33:52 2025 +0000

    docs(changelog): changelog for lts-v2.12.8 release
    
    Change-Id: I305a54ae3377b2e552818e5cc103e4f534910cf2
    Signed-off-by: Release CI <ci@trustedfirmware.org>

commit f0bedb27e207794ee01443480e8ae599606ddee3
Merge: cb20c3dfd 200fa2012
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Fri Oct 24 16:31:35 2025 +0000

    Merge "fix(spm-mm): prevent excessive racing" into lts-v2.12

commit 200fa2012666f5eadfb08e5a98d1258e08c7cc2b
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Thu Apr 3 10:29:39 2025 +0100

    fix(spm-mm): prevent excessive racing
    
    The current code does the following:
    
    sp_state_wait_switch:
            lock()
            if (status == 0)
                    status = 1
            unlock()
    
    [critical section]
    
    sp_state_set:
            lock()
            status = 0
            unlock()
    
    One core will obtain the status for itself and then all other cores will
    get the lock, see the status is not available, release the lock, and try
    again. However, when there are many cores this causes a lot of lock
    contention and the original core is racing to obtain the lock to release
    the status. This starves the holder of the lock, resulting in an
    apparent deadlock, although given enough time it will pass.
    
    Hold the lock throughout to prevent this.
    
    Also make the functions static as they are never exported and drop
    sp_state_try_switch() as it's unused and would not work anymore.
    
    Change-Id: I0861d04ed95437e4ca9f203d9e79a6296b1ead56
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit 48426cff7250486b9a00a2e0e69d53cb5ae6e413)

commit cb20c3dfd96ac55403f22755b5c741a004b81da0
Merge: 7988f11d3 776781d6d
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Fri Oct 17 19:34:19 2025 +0000

    Merge "fix(simd): fix base register in fpregs_context_*" into lts-v2.12

commit 7988f11d3681cc1cdcc6fd63f04964445abad103
Merge: 2b3c7a5e8 ccb421921
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Fri Oct 17 19:33:49 2025 +0000

    Merge changes from topic "for-lts-v2.12.7" into lts-v2.12
    
    * changes:
      refactor: fix workaround order for Cortex-A720
      fix(cpus): workaround for Cortex-A720 erratum 2729604
      fix(cpus): workaround for Cortex-A720 erratum 3711910

commit 2b3c7a5e853c0a93146994483b9475d7dd1661f7
Author: Release CI <ci@trustedfirmware.org>
Date:   Fri Oct 17 18:07:15 2025 +0000

    docs(changelog): changelog for lts-v2.12.7 release
    
    Change-Id: I8e75b7fbe61955079e1ea8341f5e1665f92fed90
    Signed-off-by: Release CI <ci@trustedfirmware.org>

commit ccb4219217926604a555f5e09c92098ee1c560dc
Author: John Powell <john.powell@arm.com>
Date:   Tue Sep 30 19:03:28 2025 -0500

    refactor: fix workaround order for Cortex-A720
    
    One of the Cortex-A720 errata was below the CVE workaround, this
    moves it up to the correct place.
    
    Change-Id: I6770567a9580973ceedb5911f0a495391ef9e839
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 816a999c90e00bbe60f5303f7a847dbd8b811b58)

commit 6cce5175fb92dda0d61fd7f569eed6687b0b7fcb
Author: John Powell <john.powell@arm.com>
Date:   Tue Sep 30 18:53:38 2025 -0500

    fix(cpus): workaround for Cortex-A720 erratum 2729604
    
    Cortex-A720 erratum 2729604 is a Cat B erratum that applies to
    revisions r0p0 and r0p1, and is fixed in r0p2.
    
    This workaround might impact performance of workloads heavily
    relying on floating point division or square root operations.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2439421
    
    Change-Id: I4567d75ba9f17146d0d7bc5cdb622bb63efadc3c
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 217a79c4c3cfe714cb1ce4d083bd8f174d1be93c)

commit 0dba1a220fadb868b86bd6973d9dd50ec30ea721
Author: John Powell <john.powell@arm.com>
Date:   Tue Sep 30 18:32:02 2025 -0500

    fix(cpus): workaround for Cortex-A720 erratum 3711910
    
    Cortex-A720 erratum 3711910 is a Cat B erratum that applies to
    revisions r0p0, r0p1 and r0p2, and is still open.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2439421
    
    Change-Id: Id65d5ba41b96648b07c09df77fb25cc4bdb50800
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 87e69a8ff3820350adf64b910bddffcb5b1d8eca)

commit 776781d6d816f7f29c58049495974e23f33fda6b
Author: Andrei Homescu <ahomescu@google.com>
Date:   Sat Dec 14 14:12:56 2024 +0000

    fix(simd): fix base register in fpregs_context_*
    
    The fpregs_state_* macros require the base register
    to point to the start of the simd_regs_t structure.
    The fpregs_context_* functions were passing the
    address incorrectly shifted by 512 bytes.
    
    Signed-off-by: Andrei Homescu <ahomescu@google.com>
    Change-Id: I757a26f8910c2ab648116e001e06baa3deb2eec4
    (cherry picked from commit 09ada2f8d63fabd1bb01494c2466f647441107b1)

commit d7c00ae2f48ba35ed8be60bddf759a3931e170d9
Merge: c6b15b00f 72f26f182
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Sat Oct 4 16:26:30 2025 +0000

    Merge changes from topic "for-lts-v2.12.8" into lts-v2.12
    
    * changes:
      fix(cpus): workaround for Neoverse-V2 erratum 3701771
      fix(cpus): workaround for Neoverse-V2 erratum 3841324
      fix(cpus): workaround for Cortex-A510 erratum 3704847
      fix(cpus): workaround for Cortex-A510 erratum 3672349
      fix(cpus): workaround for Cortex-A510 erratum 2420992
      fix(cpus): workaround for Cortex-A510 erratum 2218134
      fix(cpus): workaround for Cortex-A510 erratum 2169012
      fix(cpus): workaround for Cortex-A510 erratum 2008766

commit 72f26f182fe4e73522c52cae0df00cebdbc479a2
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Mon Sep 8 10:45:16 2025 -0500

    fix(cpus): workaround for Neoverse-V2 erratum 3701771
    
    Neoverse-V2 erratum 3701771 that applies to r0p0, r0p1, r0p2 is
    still Open.
    
    The workaround is for EL3 software that performs context save/restore
    on a change of Security state to use a value of SCR_EL3.NS when
    accessing ICH_VMCR_EL2 that reflects the Security state that owns the
    data being saved or restored.
    
    The mitigation is implemented in commit 7455cd172 and this patch should be applied on top of it.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2332927/latest
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Ic0ad68f7bd393bdc03343d5ba815adb23bf6a24d
    (cherry picked from commit 98ea7329c52b864473e5280bba3806dd04b30dc7)

commit e26cd2c524653846eb9a65801bbcdfdecef94e5e
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Thu Aug 28 13:52:15 2025 -0500

    fix(cpus): workaround for Neoverse-V2 erratum 3841324
    
    Neoverse-V2 erratum 3841324 is a Cat B erratum that applies to
    r0p0 and r0p1. It is fixed in r0p2.
    
    This erratum can be avoided by setting CPUACTLR_EL1[1]
    prior to enabling MMU. This bit will disable a branch predictor
    power savings feature. Disabling this power feature
    results in negligible power movement and no performance impact.
    
    SDEN Documentation:
    https://developer.arm.com/documentation/SDEN-2332927/latest
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: I9b3a5266103e5000d207c7a270c65455d0646102
    (cherry picked from commit 7d947650dc41712cfc8830068a7ce06d56c6c205)

commit 1f547e2282ae7035e8108c37e6942b8992d6b05f
Author: John Powell <john.powell@arm.com>
Date:   Fri Aug 29 18:44:16 2025 -0500

    fix(cpus): workaround for Cortex-A510 erratum 3704847
    
    Cortex-A510 erratum 3704847 is a Cat B erratum that applies to
    revisions r0p0, r0p1, r0p2, r0p3, r1p0, r1p1, r1p2 and r1p3, and
    is still open.
    
    The workaround is to set bit 9 in CPUACTLR_EL1.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1873361/latest/
    
    Change-Id: I2c7c8da9c66471115b5bf8fb5c87d4de46ca265c
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit ea88493655a82b9f363951cf6b604ff21cd711f0)

commit 8c67b1a2797105a100fcf9d7f6312973a99ab9af
Author: John Powell <john.powell@arm.com>
Date:   Fri Aug 29 18:29:59 2025 -0500

    fix(cpus): workaround for Cortex-A510 erratum 3672349
    
    Cortex-A510 erratum 3672349 is a Cat B erratum that applies to
    revisions r0p0, r0p1, r0p2, r0p3, r1p0, r1p1, r1p2 and r1p3, and
    is still open.
    
    The workaround is to clear the WFE_RET_CTRL and WFI_RET_CTRL fields
    in CPUPWRCTLR_EL1 to disable full retention.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1873361/latest/
    
    Change-Id: I9786ab8843a2eab45e650c6af50b6933481527ec
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit af1fa79631262d2b1454dec37cb52f64705b016e)

commit 05f71e3443d3ec04f39c1f6afbf0c023bd2c3637
Author: John Powell <john.powell@arm.com>
Date:   Fri Aug 29 17:50:30 2025 -0500

    fix(cpus): workaround for Cortex-A510 erratum 2420992
    
    Cortex-A510 erratum 2420992 is a Cat B erratum that applies only to
    revisions r1p0 and r1p1, and is fixed in r1p1.
    
    The workaround is to set bit 3 in CPUACTLR3_EL1 which will have no
    performance impact, but will increase power consumption by 0.3-0.5%.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1873361/latest/
    
    Change-Id: Ia76ba2431d76f14c08b95a998806986190d682c3
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 4fb7090e72617f87ceb118a61bff8f393cdb31c1)

commit 399477f9fbb1cec0a8613818369b2a14ab3a43b6
Author: John Powell <john.powell@arm.com>
Date:   Fri Aug 29 16:54:02 2025 -0500

    fix(cpus): workaround for Cortex-A510 erratum 2218134
    
    Cortex-A510 erratum 2218134 is a Cat B erratum that applies only to
    revision r1p0 and is fixed in r1p1.
    
    The workaround is to set bit 43 in CPUACTLR2_EL1 which will correct
    the instruction fetch stream with no performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1873361/latest/
    
    Change-Id: Ifec40dee2f7e42c56c9ed447b6b1997b170f9453
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 4592f4eaea7c40b4a7d59cad381611f07a91f406)

commit 4e62dbf9b62b0b8709d83dcac648f25e6e22ce4c
Author: John Powell <john.powell@arm.com>
Date:   Fri Aug 29 16:10:33 2025 -0500

    fix(cpus): workaround for Cortex-A510 erratum 2169012
    
    Cortex-A510 erratum 2169012 is a Cat B erratum that applies to
    revisions r0p0, r0p1, r0p2, r0p3 and r1p0, and is fixed in r1p1.
    
    This erratum has an identical workaround to 1922240 and resolves
    a similar issue, but that erratum only applies to r0p0 which is
    not used in any production hardware, so it has been removed.
    
    This workaround has a negligible performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1873361/latest/
    
    Change-Id: Ifdd59c09e84252dc292600630d81d32986fd6c0c
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 124ff99fab733926afab60781c175261813f0834)

commit 7c300227e459637e2dd67d694f982b93ae3f82a0
Author: John Powell <john.powell@arm.com>
Date:   Fri Aug 29 14:57:44 2025 -0500

    fix(cpus): workaround for Cortex-A510 erratum 2008766
    
    Cortex-A510 erratum 2008766 is a Cat B erratum that applies to
    revisions r0p0, r0p1, r0p2, r0p3, r1p0, r1p1, r1p2 and r1p3, and
    is still open.
    
    The workaround is to clear the ERXCTLR_EL1.ED bit before power
    down, which will cause any detected errors during power down to
    be ignored.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1873361/latest/
    
    Change-Id: Id1aa0f2c518a055363c962f9abdb27e1ee8bff18
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit d64d4215744bb34bba96ab088fb05ab6cffda846)

commit c6b15b00fce06d091d20ed854341ed27877efcb3
Merge: c2ed51b94 9cb5a78aa
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Tue Sep 30 05:32:07 2025 +0000

    Merge changes from topic "for-lts-v2.12.7" into lts-v2.12
    
    * changes:
      fix(aarch32): make get_cpu_ops_ptr() PCS compliant
      build(allwinner): disable unneeded CVE workarounds and MPAM
      fix(cpus): use correct Makefile indentation for CVE-2018-3639 check

commit 9cb5a78aa57574ef965d976dab573765788e4d97
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Mon Aug 18 15:38:30 2025 +0100

    fix(aarch32): make get_cpu_ops_ptr() PCS compliant
    
    The get_cpu_ops_ptr() function gets called from C (mainly in errata
    reporting) but it is not PCS compliant - it clobbers r4 and r5. This
    doesn't usually cause any problems, but if the stars align it blows up.
    
    Convert the heart of the function to a non-PCS compliant macro that can
    be invoked in the early entrypoint code and change the get_cpu_ops_ptr()
    to a PCS compliant wrapper for calling into C. Additionally, the
    resultant inlining in the entrypoint will lead to a tiny performance
    bump due to the one fewer jump to an uncached memory location.
    
    Change-Id: I7f3b50e56a1288d2a8136a7b8c01544bab19c57b
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit 71f7a363fe9d5aa6466ffd4b663cf52d9033deaa)

commit 84e8bc22f5fe4f11dd6b9dffb205cecd1ba308d8
Author: Andre Przywara <andre.przywara@arm.com>
Date:   Mon Sep 1 01:06:49 2025 +0100

    build(allwinner): disable unneeded CVE workarounds and MPAM
    
    There are a number of workarounds for CVEs related to sidechannel
    attacks on some CPU cores, most of them listed here:
    https://developer.arm.com/documentation/110280/latest/
    Also there are two other CVEs:
    https://developer.arm.com/documentation/110324/latest/
    https://developer.arm.com/documentation/110326/latest/
    
    As these pages reveal, those workarounds do not apply to the Cortex-A53
    (or A55) cores, so we can safely disable them in the Allwinner build
    recipes, since they only use those two cores so far.
    
    Also disable FEAT_MPAM, which is one of the only three later features
    that are enabled by default, but are not enabled in Cortex-A53 or A55
    cores. Use the opportunity to group those options together and improve
    the comment.
    
    This decreases the code size by a few hundred bytes.
    
    Change-Id: Ibc52a4fc9b8f5d9b2b28a2ce13d3ab99b63e9640
    Signed-off-by: Andre Przywara <andre.przywara@arm.com>
    (cherry picked from commit d86ddcef6fee6d48285dd781f21dc44cdb3a8a45)

commit 79ba33aa3900d94f44264660674ca7a50da34550
Author: Andre Przywara <andre.przywara@arm.com>
Date:   Mon Sep 1 01:02:06 2025 +0100

    fix(cpus): use correct Makefile indentation for CVE-2018-3639 check
    
    Makefiles need to use spaces for indentation when using make syntax,
    tabs are reserved for (shell) recipes.
    
    Replace tabs with spaces on the WORKAROUND_CVE_2018_3639 check, to fix
    the error report when WORKAROUND_CVE_2018_3639 is disabled:
    lib/cpus/cpu-ops.mk:1147: *** recipe commences before first target. Stop.
    
    Also this revealed that DYNAMIC_WORKAROUND_CVE_2018_3639 was not
    initialised, so it always triggered that condition. Set it to 0, to
    allow disabling WORKAROUND_CVE_2018_3639 on the command line.
    
    Use the opportunity to also convert some unrelated tab to spaces, in a
    line continuation.
    
    Change-Id: Ieb56af33a11c40b6753738669eee929c264261cf
    Signed-off-by: Andre Przywara <andre.przywara@arm.com>
    (cherry picked from commit 360460a1b0ebf338224e9b6b8abb032177acd6c0)

commit c2ed51b94890c98153b12f430451783a78a79342
Merge: 10ae965e5 01d80d085
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Fri Sep 19 18:01:45 2025 +0000

    Merge changes from topic "for-lts-v2.12.7" into lts-v2.12
    
    * changes:
      docs(security): update Advisory TFV-6
      fix(cpus): inform the compiler that struct cpu_ops is aligned
      fix(smccc): cleanup unused declaration

commit 01d80d085df090c75c269c26badd200ec82b5d21
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Thu Aug 7 15:07:07 2025 -0500

    docs(security): update Advisory TFV-6
    
    Update Advisory TFV-6 based on -
    https://developer.arm.com/documentation/110280/latest/
    
    Link all the impacted variants to this page correctly.
    
    Change-Id: Icb3d039c8949fd6036c729a845646170710ba011
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit 03c7510bbbe046afacfbaaeadc3546996b0e52b9)

commit 616a7983db27e17969e9e9de0d7f4da88857b78c
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Wed Aug 13 15:08:28 2025 +0100

    fix(cpus): inform the compiler that struct cpu_ops is aligned
    
    The only way to access a cpu_ops structure is through a pointer returned
    from assembly so the compiler can't know its alignment and it must
    assume the worst. As a result, it's scared to do 64 bit loads and must
    do 8 single byte loads that it then can combine together.
    
    Well, the cpu assembly macros take care to align the cpu_ops entries to
    a word boundary so we can propagate that information to the structure
    definition as well and remove the compiler's paranoia.
    
    Change-Id: Id38d6f1b92527b8a414cfbb856a5a82c76a1b1a8
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit 759ed9461296ffa74473ea31a8e5f1f03d8b9af3)

commit 7a241814b11d74018888c5d9e4e63cb756b4dbd2
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Wed Sep 3 12:44:50 2025 -0500

    fix(smccc): cleanup unused declaration
    
    Remove check_wa_cve_2024_7881() declaration left behind by patch
    fd04156eb792963cb21144063e421d074efa6386.
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Iae81e0bcbd2feb2b72a4e4e8fd27a27ae00c9cb4
    (cherry picked from commit 8397768665785a9379475b9bf781ea2caaf22888)

commit 10ae965e520d612c27866796632090222ce9036d
Author: Release CI <ci@trustedfirmware.org>
Date:   Fri Aug 29 16:27:10 2025 +0000

    docs(changelog): changelog for lts-v2.12.6 release
    
    Change-Id: I764b9b689db53ea0399b5ef363c0499b6612c3ff
    Signed-off-by: Release CI <ci@trustedfirmware.org>

commit 83f607a2af3c5d702f405c0f6e11745de1b781f4
Merge: dd3786b55 ace292ef2
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Fri Aug 29 16:24:23 2025 +0000

    Merge changes from topic "for-lts-v2.12.6" into lts-v2.12
    
    * changes:
      fix(cpus): workaround for Cortex-X4 erratum 3887999
      fix(cpus): workaround for Cortex-X4 erratum 3133195
      fix(cpus): organize Cortex-X2 errata entries
      fix(cpus): workaround for Cortex-X2 erratum 2291219
      fix(cpus): workaround for Cortex-X2 erratum 2267065
      fix(cpus): workaround for Cortex-X2 erratum 2136059
      fix(cpus): workaround for Cortex-X2 erratum 1934260
      fix(cpus): workaround for Cortex-X2 erratum 1927200
      fix(cpus): workaround for Cortex-X2 erratum 1917258
      fix(cpus): workaround for Cortex-X2 erratum 1916945
      fix(cpus): workaround for Cortex-X2 erratum 1901946

commit ace292ef2e0ceab8006cb3f8fd611b3d5bfbeba7
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Tue Jul 29 14:44:40 2025 -0500

    fix(cpus): workaround for Cortex-X4 erratum 3887999
    
    Cortex-X4 erratum 3887999 is a Cat B erratum that applies
    to all revisions <= r0p3 and is still open.
    
    The erratum can be avoided by setting CPUACTLR2[22] to 1'b1 which will
    disable linking multiple Non-Cacheable or Device GRE loads to the same
    read request for the cache-line. This might have a significant
    performance impact to Non-cacheable and Device GRE read bandwidth for
    streaming scenarios.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2432808/latest
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: I851746b7b430eac85184c8d402d1aa5bb3c94a8e
    (cherry picked from commit 5a45f0fca7002c2b5d4138d51d9ea5788440c229)

commit 7fc7f929c4ae03eceb2e5a1f06f09bbb0a8970f9
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Tue Jul 29 14:05:41 2025 -0500

    fix(cpus): workaround for Cortex-X4 erratum 3133195
    
    Cortex-X4 erratum 3133195 is a Cat B erratum that applies
    to all revisions = r0p2 and is fixed in r0p3.
    
    This erratum can be avoided by writing to a set of implementation
    defined registers which will execute a PSB instruction following
    the TSB CSYNC instruction.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-2432808/latest
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Id44daf950124e7c2d46cb5d6d6a1083d06fad12d
    (cherry picked from commit 58148b92bed490cd050df4c6faad080b1f3f2571)

commit 885b1291ab9abd61def2b504e82582fdc2928ad4
Author: John Powell <john.powell@arm.com>
Date:   Mon Jul 14 13:38:14 2025 -0500

    fix(cpus): organize Cortex-X2 errata entries
    
    The entries in cpu-ops.mk and cpu-specific-build-macros.rst are out of
    order and the formatting is not consistent. This patch corrects these
    minor formatting issues.
    
    Change-Id: Ic01517d58d3ca1b2d39be5282b0058c94fa5d0e7
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit f753b4a99651bfb662137c98f2e0aaa43c577a2c)

commit d1ed44d6421af6d03bd8cd61e685362a22445f0b
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 22:45:42 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 2291219
    
    Cortex-X2 erratum 2291219 is a Cat B erratum that applies to
    revisions r0p0, r1p0 and r2p0 and is fixed in r2p1.
    
    The workaround is to set CPUACTLR2_EL1[36] before the power
    down sequence that sets PWRDN_EN and executes WFI. This bit
    should be cleared after exiting WFI.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: I43af57961feba3a1c001d09ad804740b996f1db7
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 989c798d5ad7a3965747c54695f5f307bd44f37c)

commit 7430412dbaa311447a2f71ace360d3ebac38afa6
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 22:11:49 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 2267065
    
    Cortex-X2 erratum 2267065 is a Cat B erratum that applies to
    revisions r0p0, r1p0 and r2p0 and is fixed in r2p1.
    
    The workaround is to set CPUACTLR_EL1[22].
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: I540e113f209ef11ec7103d4ef4e48ffb52416b4e
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 41b969764a866587c1403db0971877aa267fd783)

commit 66f25a8325d24f9bf66cdef1c404915cd5003b8e
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 21:55:56 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 2136059
    
    Cortex-X2 erratum 2136059 is a Cat B erratum that applies to
    revisions r0p0, r1p0 and r2p0 and is fixed in r2p1.
    
    The workaround is to set CPUACTLR5_EL1[44].
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: I156467537c3f235b50fc8aa19a969f2798bd891b
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit a8e4d5a5549d47ebc41fbfbc5e22b4e4c66ae918)

commit 851c5bf1ab6025dd8ee96424546e6cfe0672bd18
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 21:43:58 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 1934260
    
    Cortex-X2 erratum 1934260 is a Cat B erratum that applies only
    to revision r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUECTLR_EL1[25:18] to 0xFF. This
    workaround will result in reduced performance for workloads
    that benefit from write streaming.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: I180d38fee27175dc8ac5fa6726e5b71c3340285f
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 2c0467af6a62263401181cdf3e88cf0016457b02)

commit 47ddedb4d888991df3d797b6926c3b7922d2cca9
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 21:26:00 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 1927200
    
    Cortex-X2 erratum 1927200 is a Cat B erratum that applies to
    revisions r0p0 and r1p0 and is fixed in r2p0.
    
    The workaround is to use instruction patching to insert a DMB ST
    before acquire atomic instructions without release semantics.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: I8d9038df1907888b3c5b2520d06bc150665e74a1
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit e236548455cc3f8e28cdd2daa3cffc6fae6ea73c)

commit 7f0fc6bd0516b51ee4dee8cb15b401f6de73288a
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 21:06:49 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 1917258
    
    Cortex-X2 erratum 1917258 is a Cat B erratum that applies to
    revisions r0p0 and r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUACTLR4_EL1[43]. This has no
    performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: Ic18a5179856f861701f09b2556906a6722db8150
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit ccee7fa879a4252b3e665b07c302a5fc47fd129d)

commit 7054fa4e758e50841e620f2cd9b32c8bba2073e6
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 19:27:15 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 1916945
    
    Cortex-X2 erratum 1916945 is a Cat B erratum that applies to
    revisions r0p0 and r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUECTLR_EL1[8]. This has a small
    performance impact (<0.5%).
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: If810b1d0a07c43b3e1aa70d2ec88c1dcfa6f735f
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit ff879c528056dd49b9fa18c544e832d6dc0dd75c)

commit 4b559e72cf0cb7b20356feee3356d16eed25297e
Author: John Powell <john.powell@arm.com>
Date:   Fri Jul 11 19:10:52 2025 -0500

    fix(cpus): workaround for Cortex-X2 erratum 1901946
    
    Cortex-X2 erratum 1901946 is a Cat B erratum that applies to
    revision r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUACTLR4_EL1[15]. This has a small
    performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN-1775100/latest
    
    Change-Id: I5a65db60f06982191994db49815419c4d72506cf
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit ce64ea6ecb2b03eaf23fd4ec1460072ed472a92b)

commit dd3786b55575a0f2d37e4094a04ad1e73c67a758
Merge: cb256c8a1 e90ce7577
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Fri Aug 1 18:16:49 2025 +0000

    Merge changes from topic "for-lts-v2.12.6" into lts-v2.12
    
    * changes:
      docs(security): security advisory for CVE-2024-7881
      docs(security): security advisory for CVE-2024-5660
      fix(cpus): workaround for Cortex-X3 erratum 3213672
      fix(cpus): workaround for Cortex-X3 erratum 3827463
      fix(cpus): workaround for Cortex-X3 erratum 3692984
      fix(cpus): check minor revision before applying runtime errata
      fix(cpus): put back the global declaration for erratum #3701747

commit e90ce75774a81528cf4950fbdb898d9edd64eec2
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Fri Jul 11 10:22:00 2025 -0500

    docs(security): security advisory for CVE-2024-7881
    
    Add CVE-2024-7881 security advisory document.
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Ide976bc8754dc94d23e76001aaecf52556e7039a
    (cherry picked from commit b1f8b71ca8d94b2965b59ba5257cfeb59fea8562)

commit 76a1cce97b16f7f289b6c755f5ef6c42188fb2aa
Author: Govindraj Raja <govindraj.raja@arm.com>
Date:   Mon Jul 7 14:22:27 2025 -0500

    docs(security): security advisory for CVE-2024-5660
    
    Add CVE-2024-5660 security advisory document.
    
    Change-Id: I0d0428061f60b6fe83d03362b27b960f6ddcc6f4
    Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
    (cherry picked from commit e0cb13fdda3f6d8d387a28b77da0fe7d2f0b7449)

commit e9bc0b98b1d60fa371e1ba2237ecb57fb252a26c
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Thu Jul 10 09:59:00 2025 -0500

    fix(cpus): workaround for Cortex-X3 erratum 3213672
    
    Cortex-X3 erratum 3213672 is a Cat B erratum that applies to
    r0p0, r1p0, r1p1 and r1p2. It is still open.
    
    This erratum can be worked around by setting CPUACTLR_EL1[36]
    before enabling icache.
    
    SDEN Documentation:
    https://developer.arm.com/documentation/SDEN-2055130/latest/
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: Ia1c03217f4e1816b4e8754a090cf5bc17546be40
    (cherry picked from commit 42920aa743901395431f8c0ad0b79d0d79ef4ade)

commit cafd1afdccaab2560c23e3200442fd6b330bfee2
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Thu Jul 3 16:30:03 2025 -0500

    fix(cpus): workaround for Cortex-X3 erratum 3827463
    
    Cortex-X3 erratum 3827463 is a Cat B erratum that applies to
    r0p0, r1p0 and r1p1. It is fixed in r1p2.
    
    This erratum can be avoided by setting CPUACTLR_EL1[1]
    prior to enabling MMU. This bit will disable a branch predictor
    power savings feature. Disabling this power feature
    results in negligible power movement and no performance impact.
    
    SDEN Documentation:
    https://developer.arm.com/documentation/SDEN-2055130/latest/
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: I1d4a2b9641400d8b9061f7cb32a8312c3995613e
    (cherry picked from commit 6a464ee7754d9b24a9a35668bc5019164267dac7)

commit 44fc77fef621d4ebc1aaf10b5da0c8c98a778e8a
Author: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Date:   Mon Jun 30 16:22:46 2025 -0500

    fix(cpus): workaround for Cortex-X3 erratum 3692984
    
    Cortex-X3 erratum 3692984 is a Cat B erratum that applies to
    r0p0, r1p0, r1p1 and r1p2 and is still open.
    
    The erratum can be avoided by disabling the
    affected prefetcher setting CPUACTLR6_EL1[41].
    
    SDEN Documentation:
    https://developer.arm.com/documentation/SDEN-2055130/latest/
    
    Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
    Change-Id: I054b47d33fd1ff7bde3ae12e8ee3d99e9203965f
    (cherry picked from commit f828efe258e148b2707249a65b2e31ab9718c4a6)

commit 621560d745b5ec9a3aad5a1e01865e27e20dac53
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Wed Jul 23 09:48:13 2025 +0100

    fix(cpus): check minor revision before applying runtime errata
    
    Patch db9ee83432 removed cpu_rev checking for runtime errata
    within cpu functions with the argument that if we're in the cpu file,
    we've already checked the MIDR and matched against the CPU. However, that
    also removes the revision check which being in the cpu file does not
    guarantee. Reintroduce the MIDR checking so that the revision check
    happens and errata can be skipped if they don't apply.
    
    Change-Id: I46b2ba8b524a073e02b4b5de641ae97795bc176b
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit 645917ab32a25457824d0c7039e80b1cc228925b)

commit 27fa107db4e05454f4f79ad3a1986d4c8ed8c890
Author: Boyan Karatotev <boyan.karatotev@arm.com>
Date:   Wed Jul 30 14:32:06 2025 +0100

    fix(cpus): put back the global declaration for erratum #3701747
    
    Patch 89dba82df accidentally removed it. Put it back.
    
    Change-Id: Ic7a5a13ae89b0b86ccbea56fecfe12bef57a90b9
    Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
    (cherry picked from commit 28a0b5a16ac19abe4545b400c2124d5f846bacf6)

commit cb256c8a1526907a51d248379d0a1f4782a82521
Author: Release CI <ci@trustedfirmware.org>
Date:   Fri Jul 25 17:28:59 2025 +0000

    docs(changelog): changelog for lts-v2.12.5 release
    
    Change-Id: Idbb833413ac48d9a1dfc9d75c94ce27b574aea95
    Signed-off-by: Release CI <ci@trustedfirmware.org>

commit 2340a7be9925aa20788f7332c76ff0e09f9587b8
Merge: a9fcaf3cc 4aa3e4c6c
Author: ci-bot <openci-infra-admins@review.trustedfirmware.org>
Date:   Fri Jul 25 17:21:00 2025 +0000

    Merge changes from topic "for-lts-v2.12.5" into lts-v2.12
    
    * changes:
      fix(cpus): workaround for Cortex-A710 erratum 1927200
      fix(cpus): workaround for Cortex-A710 erratum 1917258
      fix(cpus): workaround for Cortex-A710 erratum 1916945
      fix(cpus): workaround for Cortex-A710 erratum 1901946
      fix(imx8mp): remove ERR050463 VPUMIX workaround
      fix(zynqmp): workaround issue around cntpct_el0

commit 4aa3e4c6c3ac512833fbe14f78d11a491051866c
Author: John Powell <john.powell@arm.com>
Date:   Mon Jun 9 17:06:55 2025 -0500

    fix(cpus): workaround for Cortex-A710 erratum 1927200
    
    Cortex-A710 erratum 1927200 is a Cat B erratum that applies
    to revisions r0p0 and r1p0 and is fixed in r2p0.
    
    The fix is to insert DMB ST before acquire atomic instructions
    without release semantics via instruction patching.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1775101
    
    Change-Id: I53c4aa17c1c2dc85b68f17d58f93bb1ee6b3d488
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit cb2702c4b72746b6ef4e2da8d04d3f4b56d85398)

commit bdb9f85e1f1b65bd9cea0f2b127addcb0ab5ae3e
Author: John Powell <john.powell@arm.com>
Date:   Mon Jun 9 14:32:39 2025 -0500

    fix(cpus): workaround for Cortex-A710 erratum 1917258
    
    Cortex-A710 erratum 1917258 is a Cat B erratum that applies
    to revisions r0p0 and r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUACTLR4_EL1[43]. This has no
    performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1775101
    
    Change-Id: I1fae91a5e3a8ecea255f0f0a481bfd6196a7db51
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit d91c417716f260081e6a78f561224117088fc2e0)

commit e3f2ee2ca7851dbfe9224f8f142b04ad9e11fe34
Author: John Powell <john.powell@arm.com>
Date:   Mon Jun 9 13:46:11 2025 -0500

    fix(cpus): workaround for Cortex-A710 erratum 1916945
    
    Cortex-A710 erratum 1916945 is a Cat B erratum that applies
    to revisions r0p0 and r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUECTLR_EL1[8]. This has a slight
    performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1775101
    
    Change-Id: I54793492c527928d7f266165a31b8613de838e69
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit df067c0a60b0c05554ebac51a37fb7d9ba866130)

commit da60f9c0229d03ba1f2194bc815b3841ba896c18
Author: John Powell <john.powell@arm.com>
Date:   Mon Jun 9 13:14:33 2025 -0500

    fix(cpus): workaround for Cortex-A710 erratum 1901946
    
    Cortex-A710 erratum 1901946 is a Cat B erratum that applies
    to revision r1p0 and is fixed in r2p0.
    
    The workaround is to set CPUACTLR4_EL1[15]. This has a slight
    performance impact.
    
    SDEN documentation:
    https://developer.arm.com/documentation/SDEN1775101
    
    Change-Id: I703f0e6ee122e44a9bc284d90f1465039e3b40e4
    Signed-off-by: John Powell <john.powell@arm.com>
    (cherry picked from commit 4467348b63e02fde9a823bd476e50bc281ed63f7)
Created: 2026-01-21 Last update: 2026-02-04 13:02
lintian reports 2 warnings normal
Lintian reports 2 warnings about this package. You should make the package lintian-clean by getting rid of them.
Created: 2025-03-03 Last update: 2025-04-10 14:00
5 low-priority security issues in bookworm low

There are 5 open security issues in bookworm.

5 issues left for the package maintainer to handle:
  • CVE-2024-5660: (needs triaging) Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass of Stage-2 translation and/or GPT protection.
  • CVE-2024-6563: (needs triaging) Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.
  • CVE-2024-6564: (needs triaging) Buffer overflow in "rcar_dev_init" due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.
  • CVE-2024-7881: (needs triaging) An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an address that is also dereferenced.
  • CVE-2023-49100: (needs triaging) Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-23 Last update: 2025-08-10 06:32
debian/patches: 5 patches to forward upstream low

Among the 5 debian patches available in version 2.12.1+dfsg-1 of the package, we noticed the following issues:

  • 5 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2025-03-03 09:31
Standards version of the package is outdated. wishlist
The package should be updated to follow the latest version of Debian Policy (Standards-Version 4.7.3 instead of 4.7.2).
Created: 2025-12-23 Last update: 2025-12-23 20:00
news
  • [2025-03-08] arm-trusted-firmware 2.12.1+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2025-03-02] Accepted arm-trusted-firmware 2.12.1+dfsg-1 (source) into unstable (Vagrant Cascadian)
  • [2025-01-26] arm-trusted-firmware 2.12.0+dfsg-2 MIGRATED to testing (Debian testing watch)
  • [2025-01-21] Accepted arm-trusted-firmware 2.12.0+dfsg-2 (source) into unstable (Vagrant Cascadian)
  • [2025-01-14] arm-trusted-firmware 2.10.10+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2025-01-08] Accepted arm-trusted-firmware 2.10.10+dfsg-1 (source) into unstable (Vagrant Cascadian)
  • [2025-01-08] Accepted arm-trusted-firmware 2.12.0+dfsg-1 (source) into experimental (Vagrant Cascadian)
  • [2023-12-09] arm-trusted-firmware 2.10.0+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2023-12-04] Accepted arm-trusted-firmware 2.10.0+dfsg-1 (source) into unstable (Vagrant Cascadian)
  • [2023-07-06] arm-trusted-firmware 2.9.0+dfsg-3 MIGRATED to testing (Debian testing watch)
  • [2023-07-01] Accepted arm-trusted-firmware 2.9.0+dfsg-3 (source) into unstable (Vagrant Cascadian)
  • [2023-06-19] Accepted arm-trusted-firmware 2.9.0+dfsg-2 (source) into experimental (Vagrant Cascadian)
  • [2023-06-19] Accepted arm-trusted-firmware 2.9.0+dfsg-1 (source) into experimental (Vagrant Cascadian)
  • [2022-11-30] arm-trusted-firmware 2.8.0+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2022-11-25] Accepted arm-trusted-firmware 2.8.0+dfsg-1 (source) into unstable (Vagrant Cascadian)
  • [2022-08-11] arm-trusted-firmware 2.7.0+dfsg-2 MIGRATED to testing (Debian testing watch)
  • [2022-08-06] Accepted arm-trusted-firmware 2.7.0+dfsg-2 (source) into unstable (Vagrant Cascadian)
  • [2022-06-09] Accepted arm-trusted-firmware 2.7.0+dfsg-1 (source) into experimental (Vagrant Cascadian)
  • [2021-12-02] arm-trusted-firmware 2.6+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2021-11-27] Accepted arm-trusted-firmware 2.6+dfsg-1 (source) into unstable (Vagrant Cascadian)
  • [2021-11-17] Accepted arm-trusted-firmware 2.6~rc0+dfsg-1 (source) into experimental (Vagrant Cascadian)
  • [2021-09-20] arm-trusted-firmware 2.5+dfsg-2 MIGRATED to testing (Debian testing watch)
  • [2021-09-09] Accepted arm-trusted-firmware 2.5+dfsg-2 (source) into unstable (Vagrant Cascadian)
  • [2021-06-09] Accepted arm-trusted-firmware 2.5+dfsg-1 (source) into experimental (Vagrant Cascadian)
  • [2021-01-22] arm-trusted-firmware 2.4+dfsg-2 MIGRATED to testing (Debian testing watch)
  • [2021-01-17] Accepted arm-trusted-firmware 2.4+dfsg-2 (source) into unstable (Vagrant Cascadian)
  • [2021-01-04] Accepted arm-trusted-firmware 2.4+dfsg-1 (source) into experimental (Vagrant Cascadian)
  • [2020-10-23] arm-trusted-firmware 2.3+dfsg-3 MIGRATED to testing (Debian testing watch)
  • [2020-10-18] Accepted arm-trusted-firmware 2.3+dfsg-3 (source) into unstable (Vagrant Cascadian)
  • [2020-10-15] Accepted arm-trusted-firmware 2.3+dfsg-2 (source arm64) into experimental, experimental (Debian FTP Masters) (signed by: Vagrant Cascadian)
bugs
  • all: 1
  • RC: 0
  • I&N: 0
  • M&W: 1
  • F&P: 0
  • patch: 1
ubuntu
  • version: 2.12.1+dfsg-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers