From: alex.shi@linaro.org (Alex Shi)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH 45/52] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
Date: Mon, 26 Feb 2018 16:20:19 +0800 [thread overview]
Message-ID: <1519633227-29832-46-git-send-email-alex.shi@linaro.org> (raw)
In-Reply-To: <1519633227-29832-1-git-send-email-alex.shi@linaro.org>
From: Marc Zyngier <marc.zyngier@arm.com>
commit 3a0a397ff5ff upstream.
Now that we've standardised on SMCCC v1.1 to perform the branch
prediction invalidation, let's drop the previous band-aid.
If vendors haven't updated their firmware to do SMCCC 1.1, they
haven't updated PSCI either, so we don't loose anything.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Alex Shi <alex.shi@linaro.org>
Conflicts:
no falkor/thunderx2/vulcan in arch/arm64/kernel/cpu_errata.c
---
arch/arm64/kernel/bpi.S | 24 ------------------------
arch/arm64/kernel/cpu_errata.c | 41 +++++++++++------------------------------
arch/arm64/kvm/hyp/switch.c | 14 --------------
3 files changed, 11 insertions(+), 68 deletions(-)
diff --git a/arch/arm64/kernel/bpi.S b/arch/arm64/kernel/bpi.S
index c72f261..dc4eb15 100644
--- a/arch/arm64/kernel/bpi.S
+++ b/arch/arm64/kernel/bpi.S
@@ -54,30 +54,6 @@ ENTRY(__bp_harden_hyp_vecs_start)
vectors __kvm_hyp_vector
.endr
ENTRY(__bp_harden_hyp_vecs_end)
-ENTRY(__psci_hyp_bp_inval_start)
- sub sp, sp, #(8 * 18)
- stp x16, x17, [sp, #(16 * 0)]
- stp x14, x15, [sp, #(16 * 1)]
- stp x12, x13, [sp, #(16 * 2)]
- stp x10, x11, [sp, #(16 * 3)]
- stp x8, x9, [sp, #(16 * 4)]
- stp x6, x7, [sp, #(16 * 5)]
- stp x4, x5, [sp, #(16 * 6)]
- stp x2, x3, [sp, #(16 * 7)]
- stp x0, x1, [sp, #(16 * 8)]
- mov x0, #0x84000000
- smc #0
- ldp x16, x17, [sp, #(16 * 0)]
- ldp x14, x15, [sp, #(16 * 1)]
- ldp x12, x13, [sp, #(16 * 2)]
- ldp x10, x11, [sp, #(16 * 3)]
- ldp x8, x9, [sp, #(16 * 4)]
- ldp x6, x7, [sp, #(16 * 5)]
- ldp x4, x5, [sp, #(16 * 6)]
- ldp x2, x3, [sp, #(16 * 7)]
- ldp x0, x1, [sp, #(16 * 8)]
- add sp, sp, #(8 * 18)
-ENTRY(__psci_hyp_bp_inval_end)
.macro smccc_workaround_1 inst
sub sp, sp, #(8 * 4)
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 9632319..8b74f80 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -53,7 +53,6 @@ static int cpu_enable_trap_ctr_access(void *__unused)
DEFINE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);
#ifdef CONFIG_KVM
-extern char __psci_hyp_bp_inval_start[], __psci_hyp_bp_inval_end[];
extern char __smccc_workaround_1_smc_start[];
extern char __smccc_workaround_1_smc_end[];
extern char __smccc_workaround_1_hvc_start[];
@@ -100,8 +99,6 @@ static void __install_bp_hardening_cb(bp_hardening_cb_t fn,
spin_unlock(&bp_lock);
}
#else
-#define __psci_hyp_bp_inval_start NULL
-#define __psci_hyp_bp_inval_end NULL
#define __smccc_workaround_1_smc_start NULL
#define __smccc_workaround_1_smc_end NULL
#define __smccc_workaround_1_hvc_start NULL
@@ -146,24 +143,25 @@ static void call_hvc_arch_workaround_1(void)
arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
}
-static bool check_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry)
+static int enable_smccc_arch_workaround_1(void *data)
{
+ const struct arm64_cpu_capabilities *entry = data;
bp_hardening_cb_t cb;
void *smccc_start, *smccc_end;
struct arm_smccc_res res;
if (!entry->matches(entry, SCOPE_LOCAL_CPU))
- return false;
+ return 0;
if (psci_ops.smccc_version == SMCCC_VERSION_1_0)
- return false;
+ return 0;
switch (psci_ops.conduit) {
case PSCI_CONDUIT_HVC:
arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
ARM_SMCCC_ARCH_WORKAROUND_1, &res);
if (res.a0)
- return false;
+ return 0;
cb = call_hvc_arch_workaround_1;
smccc_start = __smccc_workaround_1_hvc_start;
smccc_end = __smccc_workaround_1_hvc_end;
@@ -173,35 +171,18 @@ static bool check_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *e
arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
ARM_SMCCC_ARCH_WORKAROUND_1, &res);
if (res.a0)
- return false;
+ return 0;
cb = call_smc_arch_workaround_1;
smccc_start = __smccc_workaround_1_smc_start;
smccc_end = __smccc_workaround_1_smc_end;
break;
default:
- return false;
+ return 0;
}
install_bp_hardening_cb(entry, cb, smccc_start, smccc_end);
- return true;
-}
-
-static int enable_psci_bp_hardening(void *data)
-{
- const struct arm64_cpu_capabilities *entry = data;
-
- if (psci_ops.get_version) {
- if (check_smccc_arch_workaround_1(entry))
- return 0;
-
- install_bp_hardening_cb(entry,
- (bp_hardening_cb_t)psci_ops.get_version,
- __psci_hyp_bp_inval_start,
- __psci_hyp_bp_inval_end);
- }
-
return 0;
}
#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */
@@ -301,22 +282,22 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A75),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
#endif
{
diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c
index 996328e..154b471 100644
--- a/arch/arm64/kvm/hyp/switch.c
+++ b/arch/arm64/kvm/hyp/switch.c
@@ -311,20 +311,6 @@ int __hyp_text __kvm_vcpu_run(struct kvm_vcpu *vcpu)
if (exit_code == ARM_EXCEPTION_TRAP && !__populate_fault_info(vcpu))
goto again;
- if (exit_code == ARM_EXCEPTION_TRAP &&
- (kvm_vcpu_trap_get_class(vcpu) == ESR_ELx_EC_HVC64 ||
- kvm_vcpu_trap_get_class(vcpu) == ESR_ELx_EC_HVC32)) {
- u32 val = vcpu_get_reg(vcpu, 0);
-
- if (val == PSCI_0_2_FN_PSCI_VERSION) {
- val = kvm_psci_version(vcpu, kern_hyp_va(vcpu->kvm));
- if (unlikely(val == KVM_ARM_PSCI_0_1))
- val = PSCI_RET_NOT_SUPPORTED;
- vcpu_set_reg(vcpu, 0, val);
- goto again;
- }
- }
-
if (static_branch_unlikely(&vgic_v2_cpuif_trap) &&
exit_code == ARM_EXCEPTION_TRAP) {
bool valid;
--
2.7.4
next prev parent reply other threads:[~2018-02-26 8:20 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1519633227-29832-1-git-send-email-alex.shi@linaro.org>
2018-02-26 8:19 ` [PATCH 02/52] arm64: alternatives: apply boot time fixups via the linear mapping Alex Shi
2018-02-26 8:19 ` [PATCH 03/52] arm64: barrier: Add CSDB macros to control data-value prediction Alex Shi
2018-02-26 8:19 ` [PATCH 04/52] arm64: Implement array_index_mask_nospec() Alex Shi
2018-02-26 8:19 ` [PATCH 05/52] arm64: move TASK_* definitions to <asm/processor.h> Alex Shi
2018-02-26 8:19 ` [PATCH 06/52] arm64: Factor out PAN enabling/disabling into separate uaccess_* macros Alex Shi
2018-02-26 8:19 ` [PATCH 07/52] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro Alex Shi
2018-02-26 8:19 ` [PATCH 08/52] arm64: uaccess: consistently check object sizes Alex Shi
2018-02-26 8:19 ` [PATCH 09/52] arm64: Make USER_DS an inclusive limit Alex Shi
2018-02-26 8:19 ` [PATCH 10/52] arm64: Use pointer masking to limit uaccess speculation Alex Shi
2018-02-26 8:19 ` [PATCH 11/52] arm64: syscallno is secretly an int, make it official Alex Shi
2018-02-26 8:19 ` [PATCH 12/52] arm64: entry: Ensure branch through syscall table is bounded under speculation Alex Shi
2018-02-26 8:19 ` [PATCH 13/52] arm64: uaccess: Prevent speculative use of the current addr_limit Alex Shi
2018-02-26 8:19 ` [PATCH 14/52] arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user Alex Shi
2018-02-26 8:19 ` [PATCH 15/52] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user Alex Shi
2018-02-26 8:19 ` [PATCH 16/52] arm64: futex: Mask __user pointers prior to dereference Alex Shi
2018-02-26 8:19 ` [PATCH 17/52] drivers/firmware: Expose psci_get_version through psci_ops structure Alex Shi
2018-02-26 8:19 ` [PATCH 18/52] arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early Alex Shi
2018-02-26 8:19 ` [PATCH 19/52] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core Alex Shi
2018-02-26 8:19 ` [PATCH 20/52] arm64: Run enable method for errata work arounds on late CPUs Alex Shi
2018-02-26 8:19 ` [PATCH 21/52] arm64: cpufeature: Pass capability structure to ->enable callback Alex Shi
2018-02-26 8:19 ` [PATCH 22/52] arm64: Move post_ttbr_update_workaround to C code Alex Shi
2018-02-26 8:19 ` [PATCH 23/52] arm64: Add skeleton to harden the branch predictor against aliasing attacks Alex Shi
2018-02-26 8:19 ` [PATCH 24/52] arm64: Move BP hardening to check_and_switch_context Alex Shi
2018-02-26 8:19 ` [PATCH 25/52] arm64: KVM: Use per-CPU vector when BP hardening is enabled Alex Shi
2018-02-26 8:20 ` [PATCH 26/52] arm64: entry: Apply BP hardening for high-priority synchronous exceptions Alex Shi
2018-02-26 8:20 ` [PATCH 27/52] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 Alex Shi
2018-02-26 8:20 ` [PATCH 28/52] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 Alex Shi
2018-02-26 8:20 ` [PATCH 29/52] arm64: Implement branch predictor hardening for affected Cortex-A CPUs Alex Shi
2018-02-26 8:20 ` [PATCH 30/52] arm64: KVM: Increment PC after handling an SMC trap Alex Shi
2018-02-26 8:20 ` [PATCH 31/52] arm/arm64: KVM: Consolidate the PSCI include files Alex Shi
2018-02-26 8:20 ` [PATCH 32/52] arm/arm64: KVM: Add PSCI_VERSION helper Alex Shi
2018-02-26 8:20 ` [PATCH 33/52] arm/arm64: KVM: Add smccc accessors to PSCI code Alex Shi
2018-02-26 8:20 ` [PATCH 34/52] arm/arm64: KVM: Implement PSCI 1.0 support Alex Shi
2018-02-26 8:20 ` [PATCH 35/52] arm/arm64: KVM: Advertise SMCCC v1.1 Alex Shi
2018-02-26 8:20 ` [PATCH 36/52] arm64: KVM: Make PSCI_VERSION a fast path Alex Shi
2018-02-26 8:20 ` [PATCH 37/52] arm/arm64: KVM: Turn kvm_psci_version into a static inline Alex Shi
2018-02-26 8:20 ` [PATCH 38/52] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support Alex Shi
2018-02-26 8:20 ` [PATCH 39/52] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling Alex Shi
2018-02-26 8:20 ` [PATCH 40/52] firmware/psci: Expose PSCI conduit Alex Shi
2018-02-26 8:20 ` [PATCH 41/52] firmware/psci: Expose SMCCC version through psci_ops Alex Shi
2018-02-26 8:20 ` [PATCH 44/52] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support Alex Shi
2018-02-26 8:20 ` Alex Shi [this message]
2018-02-26 8:20 ` [PATCH 46/52] arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17 Alex Shi
2018-02-26 10:05 ` Greg KH
2018-02-26 10:40 ` Alex Shi
2018-02-26 10:45 ` Will Deacon
2018-02-28 4:10 ` Alex Shi
2018-02-26 8:20 ` [PATCH 47/52] arm: Invalidate BTB on prefetch abort outside of user mapping on Cortex A8, A9, " Alex Shi
2018-02-26 8:20 ` [PATCH 48/52] arm: KVM: Invalidate BTB on guest exit for Cortex-A12/A17 Alex Shi
2018-02-26 8:20 ` [PATCH 49/52] arm: Add icache invalidation on switch_mm for Cortex-A15 Alex Shi
2018-02-26 8:20 ` [PATCH 50/52] arm: Invalidate icache on prefetch abort outside of user mapping on Cortex-A15 Alex Shi
2018-02-26 8:20 ` [PATCH 51/52] arm: KVM: Invalidate icache on guest exit for Cortex-A15 Alex Shi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1519633227-29832-46-git-send-email-alex.shi@linaro.org \
--to=alex.shi@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).