From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3E014C47404 for ; Wed, 9 Oct 2019 08:05:38 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EED2F206B6 for ; Wed, 9 Oct 2019 08:05:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="pxVMCBno"; dkim=fail reason="signature verification failed" (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="mMgqtLgk" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EED2F206B6 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linuxfoundation.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:In-Reply-To: Date:From:To:Subject:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:References: List-Owner; bh=wpP3WadFwpnVM39krslchnZKdbl3RV3NG78McngCmtg=; b=pxVMCBnoaJat4Y nV6V4VDPa34iePzJNSHLmKyfB2UXOTryZgUpzrfikKVnIKGWzEdxh5JsQoIwk5ZLS2Iez8o6epPYc eIC786GWQz679j3AoiS+cAfNAyUJDgiVBPPttVzWqRDeXKPJVTz9tYeWzhHXJsE2pNatDTqutgQfB 8stJ+PQqJg2oXPzsdvO2CzfFkFBhWkOz9ZBuzsUrl5T8NK+jnMmzwe2NRVvySGGnnV3cH8VNYiQ2B x+8FJ8yj8j5uJRp1IfV4URIPWw5F9NId+VWDm+qkuyAiG8JKlMNAxbBBn6B5DHaAJIaCHXW+d91wf DtPcFhD3PB27Eu4bZxuA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.2 #3 (Red Hat Linux)) id 1iI6yQ-0005qd-0s; Wed, 09 Oct 2019 08:05:30 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.92.2 #3 (Red Hat Linux)) id 1iI6xI-0003pG-Oa for linux-arm-kernel@lists.infradead.org; Wed, 09 Oct 2019 08:04:22 +0000 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 608B2206C0; Wed, 9 Oct 2019 08:04:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570608259; bh=aFrWszwHOjyXBn/NkteD4Eke26RRpXCIU5m8xovx0cc=; h=Subject:To:Cc:From:Date:In-Reply-To:From; b=mMgqtLgkPwcd5KRf5r9U3P9pKeN1HSCFIcboXNgWEWtaXjLvnjxJTF4Lz/77Mbc+q 7k+EpJ9F3D1ZXaHLMBK0GgLu9ORsJzhGVwnZ+3puMcOlsAWjJbdxZBL2H9TRguTrco NuuRt6snm45eRodDK7DNKPuQcqhH9mLqaPFDnMNo= Subject: Patch "arm64: Always enable spectre-v2 vulnerability detection" has been added to the 4.19-stable tree To: andre.przywara@arm.com, ard.biesheuvel@linaro.org, catalin.marinas@arm.com, gregkh@linuxfoundation.org, jeremy.linton@arm.com, linux-arm-kernel@lists.infradead.org, stefan.wahren@i2se.com, will.deacon@arm.com From: Date: Wed, 09 Oct 2019 10:04:02 +0200 In-Reply-To: <20191008153930.15386-13-ard.biesheuvel@linaro.org> Message-ID: <157060824287@kroah.com> MIME-Version: 1.0 X-stable: commit X-Patchwork-Hint: ignore X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191009_010420_904452_3B012BC1 X-CRM114-Status: GOOD ( 13.26 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: stable-commits@vger.kernel.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org This is a note to let you know that I've just added the patch titled arm64: Always enable spectre-v2 vulnerability detection to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: arm64-always-enable-spectre-v2-vulnerability-detection.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Wed 09 Oct 2019 10:02:11 AM CEST From: Ard Biesheuvel Date: Tue, 8 Oct 2019 17:39:26 +0200 Subject: arm64: Always enable spectre-v2 vulnerability detection To: linux-arm-kernel@lists.infradead.org Cc: stable@vger.kernel.org, Jeremy Linton , Andre Przywara , Catalin Marinas , Stefan Wahren , Will Deacon , Ard Biesheuvel Message-ID: <20191008153930.15386-13-ard.biesheuvel@linaro.org> From: Jeremy Linton [ Upstream commit 8c1e3d2bb44cbb998cb28ff9a18f105fee7f1eb3 ] Ensure we are always able to detect whether or not the CPU is affected by Spectre-v2, so that we can later advertise this to userspace. Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Reviewed-by: Catalin Marinas Tested-by: Stefan Wahren Signed-off-by: Will Deacon Signed-off-by: Ard Biesheuvel Signed-off-by: Greg Kroah-Hartman --- arch/arm64/kernel/cpu_errata.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -87,7 +87,6 @@ cpu_enable_trap_ctr_access(const struct atomic_t arm64_el2_vector_last_slot = ATOMIC_INIT(-1); -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR #include #include @@ -225,11 +224,11 @@ static int detect_harden_bp_fw(void) ((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR_V1)) cb = qcom_link_stack_sanitization; - install_bp_hardening_cb(cb, smccc_start, smccc_end); + if (IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) + install_bp_hardening_cb(cb, smccc_start, smccc_end); return 1; } -#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); @@ -513,7 +512,6 @@ multi_entry_cap_cpu_enable(const struct caps->cpu_enable(caps); } -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR /* * List of CPUs that do not need any Spectre-v2 mitigation at all. */ @@ -545,6 +543,12 @@ check_branch_predictor(const struct arm6 if (!need_wa) return false; + if (!IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) { + pr_warn_once("spectrev2 mitigation disabled by kernel configuration\n"); + __hardenbp_enab = false; + return false; + } + /* forced off */ if (__nospectre_v2) { pr_info_once("spectrev2 mitigation disabled by command line option\n"); @@ -556,7 +560,6 @@ check_branch_predictor(const struct arm6 return (need_wa > 0); } -#endif #ifdef CONFIG_HARDEN_EL2_VECTORS @@ -715,13 +718,11 @@ const struct arm64_cpu_capabilities arm6 ERRATA_MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), }, #endif -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR { .capability = ARM64_HARDEN_BRANCH_PREDICTOR, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = check_branch_predictor, }, -#endif #ifdef CONFIG_HARDEN_EL2_VECTORS { .desc = "EL2 vector hardening", Patches currently in stable-queue which might be from ard.biesheuvel@linaro.org are queue-4.19/arm64-add-sysfs-vulnerability-show-for-meltdown.patch queue-4.19/arm64-force-ssbs-on-context-switch.patch queue-4.19/arm64-enable-generic-cpu-vulnerabilites-support.patch queue-4.19/arm64-provide-a-command-line-to-disable-spectre_v2-mitigation.patch queue-4.19/arm64-always-enable-spectre-v2-vulnerability-detection.patch queue-4.19/arm64-docs-document-ssbs-hwcap.patch queue-4.19/arm64-add-sysfs-vulnerability-show-for-spectre-v1.patch queue-4.19/arm64-add-sysfs-vulnerability-show-for-speculative-store-bypass.patch queue-4.19/kvm-arm64-set-sctlr_el2.dssbs-if-ssbd-is-forcefully-disabled-and-vhe.patch queue-4.19/arm64-always-enable-ssb-vulnerability-detection.patch queue-4.19/arm64-advertise-mitigation-of-spectre-v2-or-lack-thereof.patch queue-4.19/arm64-ssbs-don-t-treat-cpus-with-ssbs-as-unaffected-by-ssb.patch queue-4.19/crypto-skcipher-unmap-pages-after-an-external-error.patch queue-4.19/arm64-cpufeature-detect-ssbs-and-advertise-to-userspace.patch queue-4.19/arm64-ssbd-add-support-for-pstate.ssbs-rather-than-trapping-to-el3.patch queue-4.19/arm64-fix-ssbs-sanitization.patch queue-4.19/arm64-add-sysfs-vulnerability-show-for-spectre-v2.patch _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel