From mboxrd@z Thu Jan 1 00:00:00 1970 From: andre.przywara@arm.com (Andre Przywara) Date: Tue, 9 Jan 2018 14:14:22 +0000 Subject: [PATCH v2 1/6] arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17 In-Reply-To: <20180108185533.9698-2-marc.zyngier@arm.com> References: <20180108185533.9698-1-marc.zyngier@arm.com> <20180108185533.9698-2-marc.zyngier@arm.com> Message-ID: <5b7b171c-ea22-7c65-de8d-cb953a6f1ec3@arm.com> To: linux-arm-kernel@lists.infradead.org List-Id: linux-arm-kernel.lists.infradead.org Hi, On 08/01/18 18:55, Marc Zyngier wrote: > In order to avoid aliasing attacks against the branch predictor, > some implementations require to invalidate the BTB when switching > from one user context to another. > > For this, we reuse the existing implementation for Cortex-A8, and > apply it to A9, A12 and A17. > > Signed-off-by: Marc Zyngier > --- > arch/arm/mm/proc-v7-2level.S | 4 ++-- > arch/arm/mm/proc-v7-3level.S | 6 ++++++ > arch/arm/mm/proc-v7.S | 30 +++++++++++++++--------------- > 3 files changed, 23 insertions(+), 17 deletions(-) > > diff --git a/arch/arm/mm/proc-v7-2level.S b/arch/arm/mm/proc-v7-2level.S > index c6141a5435c3..0422e58b74e8 100644 > --- a/arch/arm/mm/proc-v7-2level.S > +++ b/arch/arm/mm/proc-v7-2level.S > @@ -41,7 +41,7 @@ > * even on Cortex-A8 revisions not affected by 430973. > * If IBE is not set, the flush BTAC/BTB won't do anything. > */ > -ENTRY(cpu_ca8_switch_mm) > +ENTRY(cpu_v7_btbinv_switch_mm) > #ifdef CONFIG_MMU > mov r2, #0 > mcr p15, 0, r2, c7, c5, 6 @ flush BTAC/BTB > @@ -66,7 +66,7 @@ ENTRY(cpu_v7_switch_mm) > #endif > bx lr > ENDPROC(cpu_v7_switch_mm) > -ENDPROC(cpu_ca8_switch_mm) > +ENDPROC(cpu_v7_btbinv_switch_mm) > > /* > * cpu_v7_set_pte_ext(ptep, pte) > diff --git a/arch/arm/mm/proc-v7-3level.S b/arch/arm/mm/proc-v7-3level.S > index 7d16bbc4102b..f6adfe88ead2 100644 > --- a/arch/arm/mm/proc-v7-3level.S > +++ b/arch/arm/mm/proc-v7-3level.S > @@ -54,6 +54,11 @@ > * Set the translation table base pointer to be pgd_phys (physical address of > * the new TTB). > */ > +ENTRY(cpu_v7_btbinv_switch_mm) > +#ifdef CONFIG_MMU > + mov r3, #0 As Robin pointed out correctly, BPIALL ignores Rt, so you can get rid of that line entirely (which is not matching the actual Rt below, btw). Might be worth to add a comment about this. Cheers, Andre. > + mcr p15, 0, r2, c7, c5, 6 @ flush BTAC/BTB > +#endif > ENTRY(cpu_v7_switch_mm) > #ifdef CONFIG_MMU > mmid r2, r2 > @@ -64,6 +69,7 @@ ENTRY(cpu_v7_switch_mm) > #endif > ret lr > ENDPROC(cpu_v7_switch_mm) > +ENDPROC(cpu_v7_btbinv_switch_mm) > > #ifdef __ARMEB__ > #define rl r3 > diff --git a/arch/arm/mm/proc-v7.S b/arch/arm/mm/proc-v7.S > index 01d64c0b2563..0a14967fd400 100644 > --- a/arch/arm/mm/proc-v7.S > +++ b/arch/arm/mm/proc-v7.S > @@ -159,18 +159,18 @@ ENDPROC(cpu_v7_do_resume) > #endif > > /* > - * Cortex-A8 > + * Cortex-A8/A12/A17 that require a BTB invalidation on switch_mm > */ > - globl_equ cpu_ca8_proc_init, cpu_v7_proc_init > - globl_equ cpu_ca8_proc_fin, cpu_v7_proc_fin > - globl_equ cpu_ca8_reset, cpu_v7_reset > - globl_equ cpu_ca8_do_idle, cpu_v7_do_idle > - globl_equ cpu_ca8_dcache_clean_area, cpu_v7_dcache_clean_area > - globl_equ cpu_ca8_set_pte_ext, cpu_v7_set_pte_ext > - globl_equ cpu_ca8_suspend_size, cpu_v7_suspend_size > + globl_equ cpu_v7_btbinv_proc_init, cpu_v7_proc_init > + globl_equ cpu_v7_btbinv_proc_fin, cpu_v7_proc_fin > + globl_equ cpu_v7_btbinv_reset, cpu_v7_reset > + globl_equ cpu_v7_btbinv_do_idle, cpu_v7_do_idle > + globl_equ cpu_v7_btbinv_dcache_clean_area, cpu_v7_dcache_clean_area > + globl_equ cpu_v7_btbinv_set_pte_ext, cpu_v7_set_pte_ext > + globl_equ cpu_v7_btbinv_suspend_size, cpu_v7_suspend_size > #ifdef CONFIG_ARM_CPU_SUSPEND > - globl_equ cpu_ca8_do_suspend, cpu_v7_do_suspend > - globl_equ cpu_ca8_do_resume, cpu_v7_do_resume > + globl_equ cpu_v7_btbinv_do_suspend, cpu_v7_do_suspend > + globl_equ cpu_v7_btbinv_do_resume, cpu_v7_do_resume > #endif > > /* > @@ -181,7 +181,7 @@ ENDPROC(cpu_v7_do_resume) > globl_equ cpu_ca9mp_reset, cpu_v7_reset > globl_equ cpu_ca9mp_do_idle, cpu_v7_do_idle > globl_equ cpu_ca9mp_dcache_clean_area, cpu_v7_dcache_clean_area > - globl_equ cpu_ca9mp_switch_mm, cpu_v7_switch_mm > + globl_equ cpu_ca9mp_switch_mm, cpu_v7_btbinv_switch_mm > globl_equ cpu_ca9mp_set_pte_ext, cpu_v7_set_pte_ext > .globl cpu_ca9mp_suspend_size > .equ cpu_ca9mp_suspend_size, cpu_v7_suspend_size + 4 * 2 > @@ -548,8 +548,8 @@ __v7_setup_stack: > > @ define struct processor (see and proc-macros.S) > define_processor_functions v7, dabort=v7_early_abort, pabort=v7_pabort, suspend=1 > + define_processor_functions v7_btbinv, dabort=v7_early_abort, pabort=v7_pabort, suspend=1 > #ifndef CONFIG_ARM_LPAE > - define_processor_functions ca8, dabort=v7_early_abort, pabort=v7_pabort, suspend=1 > define_processor_functions ca9mp, dabort=v7_early_abort, pabort=v7_pabort, suspend=1 > #endif > #ifdef CONFIG_CPU_PJ4B > @@ -614,7 +614,7 @@ __v7_ca9mp_proc_info: > __v7_ca8_proc_info: > .long 0x410fc080 > .long 0xff0ffff0 > - __v7_proc __v7_ca8_proc_info, __v7_setup, proc_fns = ca8_processor_functions > + __v7_proc __v7_ca8_proc_info, __v7_setup, proc_fns = v7_btbinv_processor_functions > .size __v7_ca8_proc_info, . - __v7_ca8_proc_info > > #endif /* CONFIG_ARM_LPAE */ > @@ -658,7 +658,7 @@ __v7_ca7mp_proc_info: > __v7_ca12mp_proc_info: > .long 0x410fc0d0 > .long 0xff0ffff0 > - __v7_proc __v7_ca12mp_proc_info, __v7_ca12mp_setup > + __v7_proc __v7_ca12mp_proc_info, __v7_ca12mp_setup, proc_fns = v7_btbinv_processor_functions > .size __v7_ca12mp_proc_info, . - __v7_ca12mp_proc_info > > /* > @@ -688,7 +688,7 @@ __v7_b15mp_proc_info: > __v7_ca17mp_proc_info: > .long 0x410fc0e0 > .long 0xff0ffff0 > - __v7_proc __v7_ca17mp_proc_info, __v7_ca17mp_setup > + __v7_proc __v7_ca17mp_proc_info, __v7_ca17mp_setup, proc_fns = v7_btbinv_processor_functions > .size __v7_ca17mp_proc_info, . - __v7_ca17mp_proc_info > > /* >