From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Marc Zyngier <marc.zyngier@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Greg Hackmann <ghackmann@google.com>,
Mark Rutland <mark.rutland@arm.com>
Subject: [PATCH 4.9 50/66] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
Date: Tue, 17 Apr 2018 17:59:23 +0200 [thread overview]
Message-ID: <20180417155648.065189897@linuxfoundation.org> (raw)
In-Reply-To: <20180417155645.868055442@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mark Rutland <mark.rutland@arm.com>
From: Marc Zyngier <marc.zyngier@arm.com>
commit 3a0a397ff5ff8b56ca9f7908b75dee6bf0b5fabb upstream.
Now that we've standardised on SMCCC v1.1 to perform the branch
prediction invalidation, let's drop the previous band-aid.
If vendors haven't updated their firmware to do SMCCC 1.1, they
haven't updated PSCI either, so we don't loose anything.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Mark Rutland <mark.rutland@arm.com> [v4.9 backport]
Tested-by: Greg Hackmann <ghackmann@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/kernel/bpi.S | 24 ---------------------
arch/arm64/kernel/cpu_errata.c | 45 +++++++++++------------------------------
arch/arm64/kvm/hyp/switch.c | 14 ------------
3 files changed, 13 insertions(+), 70 deletions(-)
--- a/arch/arm64/kernel/bpi.S
+++ b/arch/arm64/kernel/bpi.S
@@ -54,30 +54,6 @@ ENTRY(__bp_harden_hyp_vecs_start)
vectors __kvm_hyp_vector
.endr
ENTRY(__bp_harden_hyp_vecs_end)
-ENTRY(__psci_hyp_bp_inval_start)
- sub sp, sp, #(8 * 18)
- stp x16, x17, [sp, #(16 * 0)]
- stp x14, x15, [sp, #(16 * 1)]
- stp x12, x13, [sp, #(16 * 2)]
- stp x10, x11, [sp, #(16 * 3)]
- stp x8, x9, [sp, #(16 * 4)]
- stp x6, x7, [sp, #(16 * 5)]
- stp x4, x5, [sp, #(16 * 6)]
- stp x2, x3, [sp, #(16 * 7)]
- stp x0, x1, [sp, #(16 * 8)]
- mov x0, #0x84000000
- smc #0
- ldp x16, x17, [sp, #(16 * 0)]
- ldp x14, x15, [sp, #(16 * 1)]
- ldp x12, x13, [sp, #(16 * 2)]
- ldp x10, x11, [sp, #(16 * 3)]
- ldp x8, x9, [sp, #(16 * 4)]
- ldp x6, x7, [sp, #(16 * 5)]
- ldp x4, x5, [sp, #(16 * 6)]
- ldp x2, x3, [sp, #(16 * 7)]
- ldp x0, x1, [sp, #(16 * 8)]
- add sp, sp, #(8 * 18)
-ENTRY(__psci_hyp_bp_inval_end)
.macro smccc_workaround_1 inst
sub sp, sp, #(8 * 4)
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -53,7 +53,6 @@ static int cpu_enable_trap_ctr_access(vo
DEFINE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);
#ifdef CONFIG_KVM
-extern char __psci_hyp_bp_inval_start[], __psci_hyp_bp_inval_end[];
extern char __smccc_workaround_1_smc_start[];
extern char __smccc_workaround_1_smc_end[];
extern char __smccc_workaround_1_hvc_start[];
@@ -100,8 +99,6 @@ static void __install_bp_hardening_cb(bp
spin_unlock(&bp_lock);
}
#else
-#define __psci_hyp_bp_inval_start NULL
-#define __psci_hyp_bp_inval_end NULL
#define __smccc_workaround_1_smc_start NULL
#define __smccc_workaround_1_smc_end NULL
#define __smccc_workaround_1_hvc_start NULL
@@ -146,24 +143,25 @@ static void call_hvc_arch_workaround_1(v
arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
}
-static bool check_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry)
+static int enable_smccc_arch_workaround_1(void *data)
{
+ const struct arm64_cpu_capabilities *entry = data;
bp_hardening_cb_t cb;
void *smccc_start, *smccc_end;
struct arm_smccc_res res;
if (!entry->matches(entry, SCOPE_LOCAL_CPU))
- return false;
+ return 0;
if (psci_ops.smccc_version == SMCCC_VERSION_1_0)
- return false;
+ return 0;
switch (psci_ops.conduit) {
case PSCI_CONDUIT_HVC:
arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
ARM_SMCCC_ARCH_WORKAROUND_1, &res);
if (res.a0)
- return false;
+ return 0;
cb = call_hvc_arch_workaround_1;
smccc_start = __smccc_workaround_1_hvc_start;
smccc_end = __smccc_workaround_1_hvc_end;
@@ -173,35 +171,18 @@ static bool check_smccc_arch_workaround_
arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
ARM_SMCCC_ARCH_WORKAROUND_1, &res);
if (res.a0)
- return false;
+ return 0;
cb = call_smc_arch_workaround_1;
smccc_start = __smccc_workaround_1_smc_start;
smccc_end = __smccc_workaround_1_smc_end;
break;
default:
- return false;
+ return 0;
}
install_bp_hardening_cb(entry, cb, smccc_start, smccc_end);
- return true;
-}
-
-static int enable_psci_bp_hardening(void *data)
-{
- const struct arm64_cpu_capabilities *entry = data;
-
- if (psci_ops.get_version) {
- if (check_smccc_arch_workaround_1(entry))
- return 0;
-
- install_bp_hardening_cb(entry,
- (bp_hardening_cb_t)psci_ops.get_version,
- __psci_hyp_bp_inval_start,
- __psci_hyp_bp_inval_end);
- }
-
return 0;
}
#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */
@@ -301,32 +282,32 @@ const struct arm64_cpu_capabilities arm6
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A75),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
{
.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2),
- .enable = enable_psci_bp_hardening,
+ .enable = enable_smccc_arch_workaround_1,
},
#endif
{
--- a/arch/arm64/kvm/hyp/switch.c
+++ b/arch/arm64/kvm/hyp/switch.c
@@ -311,20 +311,6 @@ again:
if (exit_code == ARM_EXCEPTION_TRAP && !__populate_fault_info(vcpu))
goto again;
- if (exit_code == ARM_EXCEPTION_TRAP &&
- (kvm_vcpu_trap_get_class(vcpu) == ESR_ELx_EC_HVC64 ||
- kvm_vcpu_trap_get_class(vcpu) == ESR_ELx_EC_HVC32)) {
- u32 val = vcpu_get_reg(vcpu, 0);
-
- if (val == PSCI_0_2_FN_PSCI_VERSION) {
- val = kvm_psci_version(vcpu, kern_hyp_va(vcpu->kvm));
- if (unlikely(val == KVM_ARM_PSCI_0_1))
- val = PSCI_RET_NOT_SUPPORTED;
- vcpu_set_reg(vcpu, 0, val);
- goto again;
- }
- }
-
if (static_branch_unlikely(&vgic_v2_cpuif_trap) &&
exit_code == ARM_EXCEPTION_TRAP) {
bool valid;
next prev parent reply other threads:[~2018-04-17 15:59 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-17 15:58 [PATCH 4.9 00/66] 4.9.95-stable review Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 01/66] media: v4l2-compat-ioctl32: dont oops on overlay Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 02/66] parisc: Fix out of array access in match_pci_device() Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 03/66] Drivers: hv: vmbus: do not mark HV_PCIE as perf_device Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 04/66] perf intel-pt: Fix overlap detection to identify consecutive buffers correctly Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 05/66] perf intel-pt: Fix sync_switch Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 06/66] perf intel-pt: Fix error recovery from missing TIP packet Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 07/66] perf intel-pt: Fix timestamp following overflow Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 08/66] perf/core: Fix use-after-free in uprobe_perf_close() Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 10/66] arm64: barrier: Add CSDB macros to control data-value prediction Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 11/66] arm64: Implement array_index_mask_nospec() Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 12/66] arm64: move TASK_* definitions to <asm/processor.h> Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 13/66] arm64: Make USER_DS an inclusive limit Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 14/66] arm64: Use pointer masking to limit uaccess speculation Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 15/66] arm64: entry: Ensure branch through syscall table is bounded under speculation Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 16/66] arm64: uaccess: Prevent speculative use of the current addr_limit Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 17/66] arm64: uaccess: Dont bother eliding access_ok checks in __{get, put}_user Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 18/66] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 19/66] arm64: cpufeature: __this_cpu_has_cap() shouldnt stop early Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 20/66] arm64: Run enable method for errata work arounds on late CPUs Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 21/66] arm64: cpufeature: Pass capability structure to ->enable callback Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 22/66] drivers/firmware: Expose psci_get_version through psci_ops structure Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 23/66] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 24/66] arm64: Move post_ttbr_update_workaround to C code Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 25/66] arm64: Add skeleton to harden the branch predictor against aliasing attacks Greg Kroah-Hartman
2018-04-17 15:58 ` [PATCH 4.9 26/66] arm64: Move BP hardening to check_and_switch_context Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 27/66] mm: Introduce lm_alias Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 28/66] arm64: KVM: Use per-CPU vector when BP hardening is enabled Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 29/66] arm64: entry: Apply BP hardening for high-priority synchronous exceptions Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 30/66] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 31/66] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 32/66] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 33/66] arm64: Implement branch predictor hardening for affected Cortex-A CPUs Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 34/66] arm64: Branch predictor hardening for Cavium ThunderX2 Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 35/66] arm64: KVM: Increment PC after handling an SMC trap Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 36/66] arm/arm64: KVM: Consolidate the PSCI include files Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 37/66] arm/arm64: KVM: Add PSCI_VERSION helper Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 38/66] arm/arm64: KVM: Add smccc accessors to PSCI code Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 39/66] arm/arm64: KVM: Implement PSCI 1.0 support Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 40/66] arm/arm64: KVM: Advertise SMCCC v1.1 Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 41/66] arm64: KVM: Make PSCI_VERSION a fast path Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 42/66] arm/arm64: KVM: Turn kvm_psci_version into a static inline Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 43/66] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 44/66] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 45/66] firmware/psci: Expose PSCI conduit Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 46/66] firmware/psci: Expose SMCCC version through psci_ops Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 47/66] arm/arm64: smccc: Make function identifiers an unsigned quantity Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 48/66] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 49/66] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support Greg Kroah-Hartman
2018-04-17 15:59 ` Greg Kroah-Hartman [this message]
2018-04-17 15:59 ` [PATCH 4.9 51/66] sunrpc: remove incorrect HMAC request initialization Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 52/66] Revert "perf tests: Decompress kernel module before objdump" Greg Kroah-Hartman
2018-09-05 18:50 ` Florian Fainelli
2018-09-05 19:29 ` Greg Kroah-Hartman
2018-09-05 20:08 ` Florian Fainelli
2018-04-17 15:59 ` [PATCH 4.9 53/66] block/loop: fix deadlock after loop_set_status Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 54/66] nfit: fix region registration vs block-data-window ranges Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 55/66] s390/qdio: dont retry EQBS after CCQ 96 Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 56/66] s390/qdio: dont merge ERROR output buffers Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 57/66] s390/ipl: ensure loadparm valid flag is set Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 58/66] getname_kernel() needs to make sure that ->name != ->iname in long case Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 59/66] Bluetooth: Fix connection if directed advertising and privacy is used Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 60/66] rtl8187: Fix NULL pointer dereference in priv->conf_mutex Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 61/66] hwmon: (ina2xx) Fix access to uninitialized mutex Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 62/66] cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 63/66] rds: MP-RDS may use an invalid c_path Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 64/66] slip: Check if rstate is initialized before uncompressing Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 65/66] vhost: fix vhost_vq_access_ok() log check Greg Kroah-Hartman
2018-04-17 15:59 ` [PATCH 4.9 66/66] lan78xx: Correctly indicate invalid OTP Greg Kroah-Hartman
2018-04-17 21:04 ` [PATCH 4.9 00/66] 4.9.95-stable review Shuah Khan
2018-04-18 15:38 ` Guenter Roeck
2018-04-18 17:42 ` Dan Rue
2018-04-19 7:56 ` Greg Kroah-Hartman
2018-04-19 11:12 ` Naresh Kamboju
2018-04-19 12:09 ` Ben Hutchings
2018-04-19 12:30 ` Naresh Kamboju
2018-04-19 13:21 ` Dan Rue
2018-04-19 14:03 ` Greg Kroah-Hartman
2018-04-19 20:04 ` Dan Rue
2018-04-20 6:27 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180417155648.065189897@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=ghackmann@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=marc.zyngier@arm.com \
--cc=mark.rutland@arm.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).