From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tony Lindgren Subject: Re: ARM errata 430973 on multi platform kernels Date: Mon, 6 Apr 2015 08:19:40 -0700 Message-ID: <20150406151939.GG18048@atomide.com> References: <20150403163553.GA16247@earth> <551F0F50.1030701@gmail.com> <20150403221517.GX10805@atomide.com> <551F186B.90608@gmail.com> <20150403225212.GY10805@atomide.com> <5520E2EE.4080302@gmail.com> <5521A438.1070008@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from muru.com ([72.249.23.125]:42328 "EHLO muru.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752877AbbDFPX0 (ORCPT ); Mon, 6 Apr 2015 11:23:26 -0400 Content-Disposition: inline In-Reply-To: Sender: linux-omap-owner@vger.kernel.org List-Id: linux-omap@vger.kernel.org To: Matthijs van Duin Cc: Ivaylo Dimitrov , Sebastian Reichel , "linux-arm-kernel@lists.infradead.org" , "linux-omap@vger.kernel.org" , Pavel Machek * Matthijs van Duin [150405 16:53]: > Cortex-A8 errata doc states in its workaround for erratum 430973: > > > By default, the BTB Invalidate instruction is treated as a NOP on Cortex-A8. > > However, it is possible to enable the BTB Invalidate instruction such that it > > actually does a full invalidate of the BTB by setting the IBE bit (bit 6) in > > the CP15 Auxiliary Control Register. As a consequence of erratum 687067, the > > L1 System Array Debug Register should be cleared to 0 before the IBE bit is > > set using the following code sequence: > > MOV r1, #0 > > MCR p15, 0, r1, c15, c1, 0 ; write instruction data 0 register > > MRC p15, 0, R1, c1, c0, 1 ; read Aux Ctl Register > > ORR R1, R1 #(1 << 6) ; set IBE to 1 > > MCR p15, 0, R1, c1, c0, 1 ; write Aux Ctl Register > > The above code needs to be executed in Secure state. ARM Limited recommends > > that this code is added to the boot monitor. > > The 430973 workaround code in proc-v7.S will do absolutely nothing if > executed in non-secure state. Ditto for the 458693 workaround, and the > 460075 workaround should trigger an undefined instruction exception. > Maybe linux is started in secure mode on some targets and this code > was written for one of those? That's only for HS omaps, for those we currently only do it in the nokia_n900_legacy_init that calls rx51_secure_update_aux_cr. > I scanned DM814x secure ROM for any (ARM or Thumb) write to > Instruction L1 System Array Debug Register 0, but I found none, hence > my warning to watch out for erratum 687067. OK > Adding the full set of BTB invalidates while making sure IBE is > disabled on sufficiently recent Cortex-A8 revisions would be optimal > for the Cortex-A8. But, apparently (based on the description of the > ARMv7 CPUID registers) there are also processors which only require > BTB invalidates when code is modified, but not when context-switching, > so there may be performance considerations there... Attempting to summarize all that's been discussed.. It sounds like we need the following implemented: 1. For cortex-a8 revisions affected by 458693, we can do a custom cpu_v7_switch_mm function that always does flush BTAC/BTB. 2. For HS cortex-a8 processors other than n900 affected by 458693, we need to implement functions similar to rx51_secure_update_aux_cr, the bootrom on n900 is different from TI HS omaps so the SMC call numbering may be different. 3. For later cortex-a8 processors not affected by 458693, we need to clear IBE bit to avoid erratum 687067. Regards, Tony