From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 858A9C47404 for ; Wed, 9 Oct 2019 08:07:13 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 41C9F206B6 for ; Wed, 9 Oct 2019 08:07:13 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="ei2qAdc4"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="A66ycLRY" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 41C9F206B6 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linuxfoundation.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:In-Reply-To: Date:From:To:Subject:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:References: List-Owner; bh=fiNWAZ9LVBLiB235efPUfbPAr5bHIk+OLFUxBr9nOlI=; b=ei2qAdc4FuwHnX XyUaclfmM0cGVPdLEa26y2bfaVjgiqf66CIebBrmNp4pd1V7QWLxWDzztjFDlykvXIkO5h1zJD9uZ 81gGj9LVvRfKPyt+ruNGwz6ufRJJyn5IUCgA8pjf0UfsXaLCRmmyHaSpWhAJFvDF21I/A5woV2kVl kzTwcGPU9l4Hg09GOqDb/EY9zdrD6BmTqWwQZwgWSXlDUzjLGzDllQ06RR6wbsDqwEclYPejb7G/r K09rWgxwa150YKH0gQlqCVkleXo9eL0YJmzF8wHreJbvF7Kff76fnVUgcyBU0dXfu4cZZNKvfkmjj KiFV1H/7LFdRKB/Q3uTg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.2 #3 (Red Hat Linux)) id 1iI703-0007RI-SW; Wed, 09 Oct 2019 08:07:11 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.92.2 #3 (Red Hat Linux)) id 1iI6xY-00042g-V1 for linux-arm-kernel@lists.infradead.org; Wed, 09 Oct 2019 08:04:40 +0000 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1E21F206C0; Wed, 9 Oct 2019 08:04:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570608275; bh=R4Zy2Y8PeNpKXH/kJFxsnrjSfVSFK8eO/1A2Cije6dA=; h=Subject:To:Cc:From:Date:In-Reply-To:From; b=A66ycLRYzpXR4UucwzeI0+0Q6bXiOrmY4lifBKG4zqcxPoQtCIEiumZp2r4eOs6bM qatEDyu7oFXX0d4qHxyXPj1sP1g4R+B8db73BF8C0Dj5zj9cl9ZqSmeA/W8Zazbq5d W/Av9NQ3JQIXdQsydVrd193Di9Huf710+IbW31GU= Subject: Patch "arm64: Force SSBS on context switch" has been added to the 4.19-stable tree To: ard.biesheuvel@linaro.org, gregkh@linuxfoundation.org, linux-arm-kernel@lists.infradead.org, marc.zyngier@arm.com, will@kernel.org From: Date: Wed, 09 Oct 2019 10:04:02 +0200 In-Reply-To: <20191008153930.15386-17-ard.biesheuvel@linaro.org> Message-ID: <1570608242191132@kroah.com> MIME-Version: 1.0 X-stable: commit X-Patchwork-Hint: ignore X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191009_010437_112273_4B949B7C X-CRM114-Status: GOOD ( 15.09 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: stable-commits@vger.kernel.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org This is a note to let you know that I've just added the patch titled arm64: Force SSBS on context switch to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: arm64-force-ssbs-on-context-switch.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Wed 09 Oct 2019 10:02:12 AM CEST From: Ard Biesheuvel Date: Tue, 8 Oct 2019 17:39:30 +0200 Subject: arm64: Force SSBS on context switch To: linux-arm-kernel@lists.infradead.org Cc: stable@vger.kernel.org, Marc Zyngier , Will Deacon , Ard Biesheuvel Message-ID: <20191008153930.15386-17-ard.biesheuvel@linaro.org> From: Marc Zyngier [ Upstream commit cbdf8a189a66001c36007bf0f5c975d0376c5c3a ] On a CPU that doesn't support SSBS, PSTATE[12] is RES0. In a system where only some of the CPUs implement SSBS, we end-up losing track of the SSBS bit across task migration. To address this issue, let's force the SSBS bit on context switch. Fixes: 8f04e8e6e29c ("arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3") Signed-off-by: Marc Zyngier [will: inverted logic and added comments] Signed-off-by: Will Deacon Signed-off-by: Ard Biesheuvel Signed-off-by: Greg Kroah-Hartman --- arch/arm64/include/asm/processor.h | 14 ++++++++++++-- arch/arm64/kernel/process.c | 29 ++++++++++++++++++++++++++++- 2 files changed, 40 insertions(+), 3 deletions(-) --- a/arch/arm64/include/asm/processor.h +++ b/arch/arm64/include/asm/processor.h @@ -177,6 +177,16 @@ static inline void start_thread_common(s regs->pc = pc; } +static inline void set_ssbs_bit(struct pt_regs *regs) +{ + regs->pstate |= PSR_SSBS_BIT; +} + +static inline void set_compat_ssbs_bit(struct pt_regs *regs) +{ + regs->pstate |= PSR_AA32_SSBS_BIT; +} + static inline void start_thread(struct pt_regs *regs, unsigned long pc, unsigned long sp) { @@ -184,7 +194,7 @@ static inline void start_thread(struct p regs->pstate = PSR_MODE_EL0t; if (arm64_get_ssbd_state() != ARM64_SSBD_FORCE_ENABLE) - regs->pstate |= PSR_SSBS_BIT; + set_ssbs_bit(regs); regs->sp = sp; } @@ -203,7 +213,7 @@ static inline void compat_start_thread(s #endif if (arm64_get_ssbd_state() != ARM64_SSBD_FORCE_ENABLE) - regs->pstate |= PSR_AA32_SSBS_BIT; + set_compat_ssbs_bit(regs); regs->compat_sp = sp; } --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -360,7 +360,7 @@ int copy_thread(unsigned long clone_flag childregs->pstate |= PSR_UAO_BIT; if (arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE) - childregs->pstate |= PSR_SSBS_BIT; + set_ssbs_bit(childregs); p->thread.cpu_context.x19 = stack_start; p->thread.cpu_context.x20 = stk_sz; @@ -402,6 +402,32 @@ void uao_thread_switch(struct task_struc } /* + * Force SSBS state on context-switch, since it may be lost after migrating + * from a CPU which treats the bit as RES0 in a heterogeneous system. + */ +static void ssbs_thread_switch(struct task_struct *next) +{ + struct pt_regs *regs = task_pt_regs(next); + + /* + * Nothing to do for kernel threads, but 'regs' may be junk + * (e.g. idle task) so check the flags and bail early. + */ + if (unlikely(next->flags & PF_KTHREAD)) + return; + + /* If the mitigation is enabled, then we leave SSBS clear. */ + if ((arm64_get_ssbd_state() == ARM64_SSBD_FORCE_ENABLE) || + test_tsk_thread_flag(next, TIF_SSBD)) + return; + + if (compat_user_mode(regs)) + set_compat_ssbs_bit(regs); + else if (user_mode(regs)) + set_ssbs_bit(regs); +} + +/* * We store our current task in sp_el0, which is clobbered by userspace. Keep a * shadow copy so that we can restore this upon entry from userspace. * @@ -429,6 +455,7 @@ __notrace_funcgraph struct task_struct * contextidr_thread_switch(next); entry_task_switch(next); uao_thread_switch(next); + ssbs_thread_switch(next); /* * Complete any pending TLB or cache maintenance on this CPU in case Patches currently in stable-queue which might be from ard.biesheuvel@linaro.org are queue-4.19/arm64-add-sysfs-vulnerability-show-for-meltdown.patch queue-4.19/arm64-force-ssbs-on-context-switch.patch queue-4.19/arm64-enable-generic-cpu-vulnerabilites-support.patch queue-4.19/arm64-provide-a-command-line-to-disable-spectre_v2-mitigation.patch queue-4.19/arm64-always-enable-spectre-v2-vulnerability-detection.patch queue-4.19/arm64-docs-document-ssbs-hwcap.patch queue-4.19/arm64-add-sysfs-vulnerability-show-for-spectre-v1.patch queue-4.19/arm64-add-sysfs-vulnerability-show-for-speculative-store-bypass.patch queue-4.19/kvm-arm64-set-sctlr_el2.dssbs-if-ssbd-is-forcefully-disabled-and-vhe.patch queue-4.19/arm64-always-enable-ssb-vulnerability-detection.patch queue-4.19/arm64-advertise-mitigation-of-spectre-v2-or-lack-thereof.patch queue-4.19/arm64-ssbs-don-t-treat-cpus-with-ssbs-as-unaffected-by-ssb.patch queue-4.19/crypto-skcipher-unmap-pages-after-an-external-error.patch queue-4.19/arm64-cpufeature-detect-ssbs-and-advertise-to-userspace.patch queue-4.19/arm64-ssbd-add-support-for-pstate.ssbs-rather-than-trapping-to-el3.patch queue-4.19/arm64-fix-ssbs-sanitization.patch queue-4.19/arm64-add-sysfs-vulnerability-show-for-spectre-v2.patch _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel