From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 0CEC1384B11C; Wed, 24 Apr 2024 15:40:06 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0CEC1384B11C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1713973206;
	bh=7+xbddWiUVzG8r/KezBZJlsDngTlt3O/7OUhTj9Bslc=;
	h=From:To:Subject:Date:From;
	b=S9tBHBvVvDjhqoM9aUx/m73KDqcAdAM6QUaMnySZQngGtY4r+duJvD2hh4RxnhR5r
	 oySxwZZ8wtGa10gPkzbDIrWI/PkIVqCl9ezc9m/Ad+3jZyIa9J3k+iBJdcm3o6LWCx
	 XWPN2ap3RNaS3cZJIUNWEQC+JA2A6lhAlrLPMVBM=
From: "ricbal02 at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/114837] New: [11/12/13/14] Fix to security weaknesses in
 PCS for CMSE
Date: Wed, 24 Apr 2024 15:40:05 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: target
X-Bugzilla-Version: 14.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: ricbal02 at gcc dot gnu.org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter target_milestone
Message-ID: <bug-114837-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D114837

            Bug ID: 114837
           Summary: [11/12/13/14] Fix to security weaknesses in PCS for
                    CMSE
           Product: gcc
           Version: 14.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: target
          Assignee: unassigned at gcc dot gnu.org
          Reporter: ricbal02 at gcc dot gnu.org
  Target Milestone: ---

Security weaknesses exist in PCS for CMSE. To resolve this a patch will be
upstreamed and backported which will:

1) When calling a secure function from non-secure code then any arguments
   smaller than 32-bits that are passed in registers are zero- or
sign-extended.
2) After a non-secure function returns into secure code then any return val=
ue
   smaller than 32-bits that is passed in a register is  zero- or
sign-extended.

This patch will fix the following: CVE-2024-0151.=