Cortex-M52 is not affected by CVE-2021-35465.
The `cortex-m52` CPU definition no longer enables the `quirk_vlldm` feature, preventing unnecessary CVE-2021-35465 mitigations.
The cortex-m52 CPU definition in GCC is updated to remove the quirk_vlldm feature bit. This change reflects that the Cortex-M52 processor does not have the VLLDM erratum associated with CVE-2021-35465, meaning the -mfix-cmse-cve-2021-35465 flag will no longer be enabled by default. Additionally, a typo in the documentation for the CVE number has been corrected.
In Details
CVE-2021-35465 describes a security vulnerability related to the VLLDM instruction in certain ARM processors, specifically where exceptions during a partially completed VLLDM instruction could allow access to secure contexts. The quirk_vlldm feature bit is an internal GCC mechanism to enable workarounds for this erratum for affected CPUs. This commit revises the processor-specific feature flags to accurately reflect that the Cortex-M52 architecture is not susceptible to this particular VLLDM bug, thus avoiding unnecessary code generation for the CVE fix.
For Context
Compilers like GCC are designed to generate code for many different processors, each with its own specific features and sometimes, even bugs. This commit is about a specific ARM processor, the Cortex-M52. There was a security vulnerability (CVE-2021-35465) in some ARM processors related to a particular instruction called VLLDM. Previously, GCC was set up to apply a special fix for this vulnerability by default when compiling for the Cortex-M52. This change corrects that, as it turns out the Cortex-M52 is not affected by this specific bug. This means the compiler won't add unnecessary code to work around a problem that doesn't exist on this processor, potentially leading to slightly smaller or faster code, and it also fixes a small typo in the compiler's documentation.