From: <gregkh@linuxfoundation.org>
To: ard.biesheuvel@linaro.org, catalin.marinas@arm.com,
christoffer.dall@arm.com, gregkh@linuxfoundation.org,
linux-arm-kernel@lists.infradead.org, will.deacon@arm.com
Cc: stable-commits@vger.kernel.org
Subject: Patch "KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe" has been added to the 4.19-stable tree
Date: Wed, 09 Oct 2019 10:04:02 +0200 [thread overview]
Message-ID: <157060824297191@kroah.com> (raw)
In-Reply-To: <20191008153930.15386-4-ard.biesheuvel@linaro.org>
This is a note to let you know that I've just added the patch titled
KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
kvm-arm64-set-sctlr_el2.dssbs-if-ssbd-is-forcefully-disabled-and-vhe.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
From foo@baz Wed 09 Oct 2019 10:02:11 AM CEST
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Tue, 8 Oct 2019 17:39:17 +0200
Subject: KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
To: linux-arm-kernel@lists.infradead.org
Cc: stable@vger.kernel.org, Will Deacon <will.deacon@arm.com>, Christoffer Dall <christoffer.dall@arm.com>, Catalin Marinas <catalin.marinas@arm.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>
Message-ID: <20191008153930.15386-4-ard.biesheuvel@linaro.org>
From: Will Deacon <will.deacon@arm.com>
[ Upstream commit 7c36447ae5a090729e7b129f24705bb231a07e0b ]
When running without VHE, it is necessary to set SCTLR_EL2.DSSBS if SSBD
has been forcefully disabled on the kernel command-line.
Acked-by: Christoffer Dall <christoffer.dall@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/include/asm/kvm_host.h | 11 +++++++++++
arch/arm64/kvm/hyp/sysreg-sr.c | 11 +++++++++++
2 files changed, 22 insertions(+)
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -398,6 +398,8 @@ struct kvm_vcpu *kvm_mpidr_to_vcpu(struc
DECLARE_PER_CPU(kvm_cpu_context_t, kvm_host_cpu_state);
+void __kvm_enable_ssbs(void);
+
static inline void __cpu_init_hyp_mode(phys_addr_t pgd_ptr,
unsigned long hyp_stack_ptr,
unsigned long vector_ptr)
@@ -418,6 +420,15 @@ static inline void __cpu_init_hyp_mode(p
*/
BUG_ON(!static_branch_likely(&arm64_const_caps_ready));
__kvm_call_hyp((void *)pgd_ptr, hyp_stack_ptr, vector_ptr, tpidr_el2);
+
+ /*
+ * Disabling SSBD on a non-VHE system requires us to enable SSBS
+ * at EL2.
+ */
+ if (!has_vhe() && this_cpu_has_cap(ARM64_SSBS) &&
+ arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE) {
+ kvm_call_hyp(__kvm_enable_ssbs);
+ }
}
static inline bool kvm_arch_check_sve_has_vhe(void)
--- a/arch/arm64/kvm/hyp/sysreg-sr.c
+++ b/arch/arm64/kvm/hyp/sysreg-sr.c
@@ -293,3 +293,14 @@ void kvm_vcpu_put_sysregs(struct kvm_vcp
vcpu->arch.sysregs_loaded_on_cpu = false;
}
+
+void __hyp_text __kvm_enable_ssbs(void)
+{
+ u64 tmp;
+
+ asm volatile(
+ "mrs %0, sctlr_el2\n"
+ "orr %0, %0, %1\n"
+ "msr sctlr_el2, %0"
+ : "=&r" (tmp) : "L" (SCTLR_ELx_DSSBS));
+}
Patches currently in stable-queue which might be from ard.biesheuvel@linaro.org are
queue-4.19/arm64-add-sysfs-vulnerability-show-for-meltdown.patch
queue-4.19/arm64-force-ssbs-on-context-switch.patch
queue-4.19/arm64-enable-generic-cpu-vulnerabilites-support.patch
queue-4.19/arm64-provide-a-command-line-to-disable-spectre_v2-mitigation.patch
queue-4.19/arm64-always-enable-spectre-v2-vulnerability-detection.patch
queue-4.19/arm64-docs-document-ssbs-hwcap.patch
queue-4.19/arm64-add-sysfs-vulnerability-show-for-spectre-v1.patch
queue-4.19/arm64-add-sysfs-vulnerability-show-for-speculative-store-bypass.patch
queue-4.19/kvm-arm64-set-sctlr_el2.dssbs-if-ssbd-is-forcefully-disabled-and-vhe.patch
queue-4.19/arm64-always-enable-ssb-vulnerability-detection.patch
queue-4.19/arm64-advertise-mitigation-of-spectre-v2-or-lack-thereof.patch
queue-4.19/arm64-ssbs-don-t-treat-cpus-with-ssbs-as-unaffected-by-ssb.patch
queue-4.19/crypto-skcipher-unmap-pages-after-an-external-error.patch
queue-4.19/arm64-cpufeature-detect-ssbs-and-advertise-to-userspace.patch
queue-4.19/arm64-ssbd-add-support-for-pstate.ssbs-rather-than-trapping-to-el3.patch
queue-4.19/arm64-fix-ssbs-sanitization.patch
queue-4.19/arm64-add-sysfs-vulnerability-show-for-spectre-v2.patch
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-10-09 8:05 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-08 15:39 [PATCH for-stable-v4.19 00/16] arm64 spec mitigation backports Ard Biesheuvel
2019-10-08 15:39 ` [PATCH for-stable-v4.19 01/16] arm64: cpufeature: Detect SSBS and advertise to userspace Ard Biesheuvel
2019-10-08 15:39 ` [PATCH for-stable-v4.19 02/16] arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 03/16] KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe Ard Biesheuvel
2019-10-09 8:04 ` gregkh [this message]
2019-10-08 15:39 ` [PATCH for-stable-v4.19 04/16] arm64: docs: Document SSBS HWCAP Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: docs: Document SSBS HWCAP" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 05/16] arm64: fix SSBS sanitization Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: fix SSBS sanitization" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 06/16] arm64: Add sysfs vulnerability show for spectre-v1 Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: Add sysfs vulnerability show for spectre-v1" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 07/16] arm64: add sysfs vulnerability show for meltdown Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: add sysfs vulnerability show for meltdown" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 08/16] arm64: enable generic CPU vulnerabilites support Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: enable generic CPU vulnerabilites support" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 09/16] arm64: Always enable ssb vulnerability detection Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: Always enable ssb vulnerability detection" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 10/16] arm64: Provide a command line to disable spectre_v2 mitigation Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: Provide a command line to disable spectre_v2 mitigation" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 11/16] arm64: Advertise mitigation of Spectre-v2, or lack thereof Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: Advertise mitigation of Spectre-v2, or lack thereof" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 12/16] arm64: Always enable spectre-v2 vulnerability detection Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: Always enable spectre-v2 vulnerability detection" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 13/16] arm64: add sysfs vulnerability show for spectre-v2 Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: add sysfs vulnerability show for spectre-v2" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 14/16] arm64: add sysfs vulnerability show for speculative store bypass Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: add sysfs vulnerability show for speculative store bypass" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 15/16] arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB" has been added to the 4.19-stable tree gregkh
2019-10-08 15:39 ` [PATCH for-stable-v4.19 16/16] arm64: Force SSBS on context switch Ard Biesheuvel
2019-10-09 8:04 ` Patch "arm64: Force SSBS on context switch" has been added to the 4.19-stable tree gregkh
2019-10-09 8:04 ` [PATCH for-stable-v4.19 00/16] arm64 spec mitigation backports Greg KH
2019-10-09 8:17 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=157060824297191@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=christoffer.dall@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=stable-commits@vger.kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).