From: Catalin Marinas <catalin.marinas@arm.com>
To: James Morse <james.morse@arm.com>
Cc: linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
Will Deacon <will@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Lorenzo Pieralisi <lpieralisi@kernel.org>,
Sudeep Holla <sudeep.holla@arm.com>,
Marc Zyngier <maz@kernel.org>,
Oliver Upton <oliver.upton@linux.dev>,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>
Subject: Re: [PATCH 0/6] arm64: errata: Disable FWB on parts with non-ARM interconnects
Date: Thu, 11 May 2023 18:15:15 +0100 [thread overview]
Message-ID: <ZF0io4mDjRdm1AxN@arm.com> (raw)
In-Reply-To: <20230330165128.3237939-1-james.morse@arm.com>
Hi James,
On Thu, Mar 30, 2023 at 05:51:22PM +0100, James Morse wrote:
> When stage1 translation is disabled, the SCTRL_E1.I bit controls the
> attributes used for instruction fetch, one of the options results in a
> non-cacheable access. A whole host of CPUs missed the FWB override
> in this case, meaning a KVM guest could fetch stale/junk data instead of
> instructions.
>
> The workaround is to disable FWB, and do the required cache maintenance
> instead.
I think the workaround can be to only do the required cache maintenance
without disabling FWB. Having FWB on doesn't bring any performance
benefits if we do the cache maintenance anyway but keeping it around may
be useful for other reasons (e.g. KVM device pass-through using
cacheable mappings, though not something KVM supports currently).
> Unfortunately, no-one has firmware that supports this new interface yet,
> and the least surprising thing to do is to enable the workaround by default,
> meaning FWB is disabled on all these cores, even for unaffected platforms.
> ACPI Platforms that are not-affected can either take a firmware-update to
> support the interface, or if the kernel they run will only run on hardware
> that is unaffected, disable the workaround at build time.
Given that we know of more platforms that are _not_ affected and vendors
are pretty vague on whether they need this, I'd rather swap the default
and keep the workaround off with a firmware interface, DT or command
line opt-in.
That said, maybe we can reduce the risk further by doing the
vcpu_has_run_once() trick with !FWB and clean the D side to PoC on a
stage 2 exec fault (together with the I-cache invalidation). We can then
ignore any other cache maintenance on S2 faults until someone shouts (we
can maybe recommend forcing FWB off on the command line through the
cpuid override).
--
Catalin
next prev parent reply other threads:[~2023-05-11 17:15 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-30 16:51 [PATCH 0/6] arm64: errata: Disable FWB on parts with non-ARM interconnects James Morse
2023-03-30 16:51 ` [PATCH 1/6] dt-bindings: firmware: Add arm,errata-management James Morse
2023-03-30 20:50 ` Rob Herring
2023-03-31 8:29 ` Krzysztof Kozlowski
2023-03-31 16:58 ` James Morse
2023-04-03 9:15 ` Krzysztof Kozlowski
2023-04-03 12:05 ` Marc Zyngier
2023-03-31 13:46 ` Rob Herring
2023-03-31 16:58 ` James Morse
2023-04-03 15:45 ` Rob Herring
2023-04-04 15:19 ` James Morse
2023-03-30 16:51 ` [PATCH 2/6] firmware: smccc: Add support for erratum discovery API James Morse
2023-03-30 20:34 ` kernel test robot
2023-03-30 16:51 ` [PATCH 3/6] arm64: cputype: Add new part numbers for Cortex-X3, and Neoverse-V2 James Morse
2023-03-30 16:51 ` [PATCH 4/6] arm64: errata: Disable FWB on parts with non-ARM interconnects James Morse
2023-03-30 16:51 ` [PATCH 5/6] firmware: smccc: Allow errata management to be overridden by device tree James Morse
2023-03-30 20:44 ` kernel test robot
2023-03-31 17:05 ` James Morse
2023-03-30 16:51 ` [PATCH 6/6] arm64: errata: Add a commandline option to enable/disable #2701951 James Morse
2023-03-31 12:57 ` [PATCH 0/6] arm64: errata: Disable FWB on parts with non-ARM interconnects Rob Herring
2023-03-31 13:03 ` Rob Herring
2023-05-11 17:15 ` Catalin Marinas [this message]
2023-05-11 18:42 ` Marc Zyngier
2023-05-11 21:13 ` Catalin Marinas
2023-05-16 16:29 ` James Morse
2023-05-23 12:24 ` Robin Murphy
2023-05-23 10:48 ` Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZF0io4mDjRdm1AxN@arm.com \
--to=catalin.marinas@arm.com \
--cc=devicetree@vger.kernel.org \
--cc=james.morse@arm.com \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=lpieralisi@kernel.org \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=robh+dt@kernel.org \
--cc=sudeep.holla@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).