[PATCH] arm64: Add MIDR-based check for FEAT_ECBHB

Linux kernel -stable discussions
 help / color / mirror / Atom feed

From: Oliver Upton <oliver.upton@linux.dev>
To: linux-arm-kernel@lists.infradead.org
Cc: Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>,
	Mark Rutland <mark.rutland@arm.com>,
	Marc Zyngier <maz@kernel.org>, Mingwei Zhang <mizhang@google.com>,
	Oliver Upton <oliver.upton@linux.dev>,
	stable@vger.kernel.org
Subject: [PATCH] arm64: Add MIDR-based check for FEAT_ECBHB
Date: Thu, 22 May 2025 13:41:48 -0700	[thread overview]
Message-ID: <20250522204148.4007406-1-oliver.upton@linux.dev> (raw)

Prior to commit e8cde32f111f ("arm64/cpufeatures/kvm: Add ARMv8.9
FEAT_ECBHB bits in ID_AA64MMFR1 register") KVM was erroneously masking
FEAT_ECBHB from VMs, giving the perception that safe implementations are
actually vulnerable to Spectre-BHB. And, after commit e403e8538359
("arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre
BHB") guests are enabling the loop mitigation.

This broken virtual hardware is going to be around for some time, so do
the ugly thing and check for revisions of Neoverse-V2 [1], Cortex-X3 [2],
Cortex-A720 [3], and Neoverse-N3 [4] that are documented to have FEAT_ECBHB.

Cc: stable@vger.kernel.org
Link: https://developer.arm.com/documentation/102375/0002
Link: https://developer.arm.com/documentation/101593/0102
Link: https://developer.arm.com/documentation/102530/0002
Link: https://developer.arm.com/documentation/107997/0001
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>
---

I thoroughly hate this but the alternative of nuking these busted VMs
isn't exactly popular...

 arch/arm64/include/asm/cputype.h |  1 +
 arch/arm64/kernel/proton-pack.c  | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/arch/arm64/include/asm/cputype.h b/arch/arm64/include/asm/cputype.h
index d1cc0571798b..5c6152e61cad 100644
--- a/arch/arm64/include/asm/cputype.h
+++ b/arch/arm64/include/asm/cputype.h
@@ -282,6 +282,7 @@ struct midr_range {
 #define MIDR_REV_RANGE(m, v, r_min, r_max) MIDR_RANGE(m, v, r_min, v, r_max)
 #define MIDR_REV(m, v, r) MIDR_RANGE(m, v, r, v, r)
 #define MIDR_ALL_VERSIONS(m) MIDR_RANGE(m, 0, 0, 0xf, 0xf)
+#define MIDR_MIN_VERSION(m, v, r) MIDR_RANGE(m, v, r, 0xf, 0xf)
 
 static inline bool midr_is_cpu_model_range(u32 midr, u32 model, u32 rv_min,
 					   u32 rv_max)
diff --git a/arch/arm64/kernel/proton-pack.c b/arch/arm64/kernel/proton-pack.c
index b198dde79e59..3d00d4c22d58 100644
--- a/arch/arm64/kernel/proton-pack.c
+++ b/arch/arm64/kernel/proton-pack.c
@@ -962,8 +962,24 @@ static bool has_spectre_bhb_fw_mitigation(void)
 
 static bool supports_ecbhb(int scope)
 {
+	static const struct midr_range spectre_ecbhb_list[] = {
+		MIDR_MIN_VERSION(MIDR_NEOVERSE_V2, 0, 2),
+		MIDR_MIN_VERSION(MIDR_CORTEX_X3, 1, 1),
+		MIDR_ALL_VERSIONS(MIDR_NEOVERSE_N3),
+		MIDR_MIN_VERSION(MIDR_CORTEX_A720, 0, 1),
+		{},
+	};
 	u64 mmfr1;
 
+	/*
+	 * Prior to commit e8cde32f111f ("arm64/cpufeatures/kvm: Add ARMv8.9
+	 * FEAT_ECBHB bits in ID_AA64MMFR1 register"), KVM masked FEAT_ECBHB
+	 * on implementations that actually have the feature. That sucks; infer
+	 * presence of FEAT_ECBHB based on MIDR.
+	 */
+	if (is_midr_in_range_list(spectre_ecbhb_list))
+		return true;
+
 	if (scope == SCOPE_LOCAL_CPU)
 		mmfr1 = read_sysreg_s(SYS_ID_AA64MMFR1_EL1);
 	else

base-commit: b4432656b36e5cc1d50a1f2dc15357543add530e
-- 
2.39.5

next             reply	other threads:[~2025-05-22 20:42 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-22 20:41 Oliver Upton [this message]
2025-06-02 12:08 ` [PATCH] arm64: Add MIDR-based check for FEAT_ECBHB Will Deacon
2025-06-02 17:50   ` Oliver Upton

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:d1cc0571798 dfblob:5c6152e61ca dfblob:b198dde79e5
dfblob:3d00d4c22d5 )
 OR (
bs:"[PATCH] arm64: Add MIDR-based check for FEAT_ECBHB" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250522204148.4007406-1-oliver.upton@linux.dev \
    --to=oliver.upton@linux.dev \
    --cc=catalin.marinas@arm.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=mark.rutland@arm.com \
    --cc=maz@kernel.org \
    --cc=mizhang@google.com \
    --cc=stable@vger.kernel.org \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox