From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
"Russell King (Oracle)" <rmk+kernel@armlinux.org.uk>,
Catalin Marinas <catalin.marinas@arm.com>,
James Morse <james.morse@arm.com>
Subject: [PATCH 4.14 16/27] arm64: entry: Make the kpti trampolines kpti sequence optional
Date: Fri, 1 Apr 2022 08:36:26 +0200 [thread overview]
Message-ID: <20220401063624.693165633@linuxfoundation.org> (raw)
In-Reply-To: <20220401063624.232282121@linuxfoundation.org>
From: James Morse <james.morse@arm.com>
commit c47e4d04ba0f1ea17353d85d45f611277507e07a upstream.
Spectre-BHB needs to add sequences to the vectors. Having one global
set of vectors is a problem for big/little systems where the sequence
is costly on cpus that are not vulnerable.
Making the vectors per-cpu in the style of KVM's bh_harden_hyp_vecs
requires the vectors to be generated by macros.
Make the kpti re-mapping of the kernel optional, so the macros can be
used without kpti.
Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/kernel/entry.S | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -1022,9 +1022,10 @@ alternative_else_nop_endif
sub \dst, \dst, PAGE_SIZE
.endm
- .macro tramp_ventry, vector_start, regsize
+ .macro tramp_ventry, vector_start, regsize, kpti
.align 7
1:
+ .if \kpti == 1
.if \regsize == 64
msr tpidrro_el0, x30 // Restored in kernel_ventry
.endif
@@ -1046,8 +1047,12 @@ alternative_insn isb, nop, ARM64_WORKARO
#endif
prfm plil1strm, [x30, #(1b - \vector_start)]
msr vbar_el1, x30
- add x30, x30, #(1b - \vector_start + 4)
isb
+ .else
+ ldr x30, =vectors
+ .endif // \kpti == 1
+
+ add x30, x30, #(1b - \vector_start + 4)
ret
.org 1b + 128 // Did we overflow the ventry slot?
.endm
@@ -1064,15 +1069,15 @@ alternative_insn isb, nop, ARM64_WORKARO
eret
.endm
- .macro generate_tramp_vector
+ .macro generate_tramp_vector, kpti
.Lvector_start\@:
.space 0x400
.rept 4
- tramp_ventry .Lvector_start\@, 64
+ tramp_ventry .Lvector_start\@, 64, \kpti
.endr
.rept 4
- tramp_ventry .Lvector_start\@, 32
+ tramp_ventry .Lvector_start\@, 32, \kpti
.endr
.endm
@@ -1083,7 +1088,7 @@ alternative_insn isb, nop, ARM64_WORKARO
.pushsection ".entry.tramp.text", "ax"
.align 11
ENTRY(tramp_vectors)
- generate_tramp_vector
+ generate_tramp_vector kpti=1
END(tramp_vectors)
ENTRY(tramp_exit_native)
next prev parent reply other threads:[~2022-04-01 6:37 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-01 6:36 [PATCH 4.14 00/27] 4.14.275-rc1 review Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 01/27] arm64: arch_timer: Add workaround for ARM erratum 1188873 Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 02/27] arm64: arch_timer: avoid unused function warning Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 03/27] arm64: Add silicon-errata.txt entry for ARM erratum 1188873 Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 04/27] arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 05/27] arm64: Add part number for Neoverse N1 Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 06/27] arm64: Add part number for Arm Cortex-A77 Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 07/27] arm64: Add Neoverse-N2, Cortex-A710 CPU part definition Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 08/27] arm64: Add Cortex-X2 " Greg Kroah-Hartman
2022-04-01 6:36 ` Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 09/27] arm64: entry.S: Add ventry overflow sanity checks Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 10/27] arm64: entry: Make the trampoline cleanup optional Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 11/27] arm64: entry: Free up another register on kptis tramp_exit path Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 12/27] arm64: entry: Move the trampoline data page before the text page Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 13/27] arm64: entry: Allow tramp_alias to access symbols after the 4K boundary Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 14/27] arm64: entry: Dont assume tramp_vectors is the start of the vectors Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 15/27] arm64: entry: Move trampoline macros out of ifdefd section Greg Kroah-Hartman
2022-04-01 6:36 ` Greg Kroah-Hartman [this message]
2022-04-01 6:36 ` [PATCH 4.14 17/27] arm64: entry: Allow the trampoline text to occupy multiple pages Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 18/27] arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 19/27] arm64: entry: Add vectors that have the bhb mitigation sequences Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 20/27] arm64: entry: Add macro for reading symbol addresses from the trampoline Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 21/27] arm64: Add percpu vectors for EL1 Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 22/27] arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 23/27] KVM: arm64: Add templates for BHB mitigation sequences Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 24/27] arm64: Mitigate spectre style branch history side channels Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 25/27] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 26/27] arm64: add ID_AA64ISAR2_EL1 sys register Greg Kroah-Hartman
2022-04-01 6:36 ` [PATCH 4.14 27/27] arm64: Use the clearbhb instruction in mitigations Greg Kroah-Hartman
2022-04-01 10:43 ` [PATCH 4.14 00/27] 4.14.275-rc1 review Guenter Roeck
2022-04-01 18:26 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220401063624.693165633@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rmk+kernel@armlinux.org.uk \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.