From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS,URIBL_BLOCKED,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 87382C43144 for ; Mon, 25 Jun 2018 08:03:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 470022558E for ; Mon, 25 Jun 2018 08:03:20 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 470022558E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=atomide.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753066AbeFYIDQ (ORCPT ); Mon, 25 Jun 2018 04:03:16 -0400 Received: from muru.com ([72.249.23.125]:48828 "EHLO muru.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752280AbeFYIDM (ORCPT ); Mon, 25 Jun 2018 04:03:12 -0400 Received: from atomide.com (localhost [127.0.0.1]) by muru.com (Postfix) with ESMTPS id 0521780E1; Mon, 25 Jun 2018 08:05:59 +0000 (UTC) Date: Mon, 25 Jun 2018 01:03:09 -0700 From: Tony Lindgren To: Nishanth Menon Cc: Russell King - ARM Linux , linux-kernel@vger.kernel.org, linux-omap@vger.kernel.org, linux-arm-kernel@lists.infradead.org Subject: Re: [PATCH] ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores Message-ID: <20180625080309.GH112168@atomide.com> References: <20180612213611.2484-1-nm@ti.com> <20180613101153.GD6920@n2100.armlinux.org.uk> <20180613132910.wr7ngq4nvxlgaoqi@kahuna> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180613132910.wr7ngq4nvxlgaoqi@kahuna> User-Agent: Mutt/1.10.0 (2018-05-17) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Nishanth Menon [180613 13:31]: > On 10:11-20180613, Russell King - ARM Linux wrote: > > On Tue, Jun 12, 2018 at 04:36:11PM -0500, Nishanth Menon wrote: > > > Call secure services to enable ACTLR[0] (Enable invalidates of BTB with > > > ICIALLU) when branch hardening is enabled for kernel. > > > > As mentioned elsewhere, I don't think this is a good idea - if the secure > > world is not implementing the Spectre workarounds, then the _system_ is > > exploitable. > > > > If the secure world is implementing the spectre workarounds, it will > > already have enabled the IBE bit (which is r/w from secure, read only > > from non-secure.) > > > > So, basically, lack of the IBE bit being set is basically telling the > > kernel that it's running on a vulnerable platform _even if the kernel > > were to set it through some means_. > > On GP devices OMAP5/DRA7, there is no possibility to update secure side > since "secure world" is ROM and there are no override mechanisms possible. > on HS devices, I agree, appropriate PPA will do the workarounds as well. > > However, this patch is to enable the IBE enable on GP device for _a_ > core can only be done via SMC services that ROM provides for > specifically the reasons you have already stated. u-boot will only > enable the IBE for the boot core, by the time the secondary cores start > up, u-boot is long gone.. so someone has to invoke the SMC call to > enable the IBE bit for the secondary core. > > This is what the patch does. > > If the above explanation makes sense, I will add that to the commit log > as well. Probably good idea to also add a comment to the code that this is for the secondary core. Regards, Tony