From patchwork Tue Jan 16 14:23:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 124719 Delivered-To: patch@linaro.org Received: by 10.46.64.148 with SMTP id r20csp1031485lje; Tue, 16 Jan 2018 06:26:07 -0800 (PST) X-Google-Smtp-Source: ACJfBovfio3ek3VIiP/4pkQuppC1NiadWSNds+coeX3+EXiftxHxVjuxfmMqF8+qkhR9Erl+Bne+ X-Received: by 10.107.232.7 with SMTP id f7mr39075458ioh.171.1516112767650; Tue, 16 Jan 2018 06:26:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516112767; cv=none; d=google.com; s=arc-20160816; b=GE8VcATA1NnvHC++PvB0hArqB4lT4Wa8/5NFdGrAebWoxaYXBfLfCyrpVaypbFv8zp ehEi0Hov0N0071N4SKSK56PilGw6vumdeBvKzr/uk5zi8s2fSPTzyrPKo7Fec+CvzlWW 7GJo0KTvpdTOM0wNgXG45s38WS3p+AHUAQWBKtRySYAxU+kPn9YnjLlrkKarMD1q2TcB fIop7h+mYE+OcNSW3bELb4wSTGTcndVpLuKJCmPBfjAKU9ngpqonTD592wlDfKSQXwxC NuuEgN41C5YNtUgp5fg+39Z7FpSuiVYC9B7jQmkGf4Yj2TLJhO4tewxck2sLR+IVRPLN AkMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:cc:message-id:date:to:from:dkim-signature :arc-authentication-results; bh=4ahlFBberIbo+2hfSySy3wRgTjdjL00/G56tlZxUZHo=; b=TF0HBk7+UxZpmq2kYwuTQB2dT3PRFGE81hyH1DQ3uVq1vs/Xh+toV1baXaOyoLNfgV TvZSZbXq/EC6ezNcsFRMgOoAHu6ivRw445LmafeRjmnoj+w/qLCs4dVi94Xl5sD7NYPK ajrrJl27Cf18DzkZERKVxICPQt8ZlXab8vbSkw2Qgk1eiayqd0yeobqrjMm8whwZFXSI /U2CTH4EWP37dg6iUAW8v352Z8PWVR2DBqfO53zEA4AL8cALslP6Gm1A0tdT/YjvvOnh qX2CuuWim9ezRfzoX/+3BQM4w/GC0RbHRPdvoreb60A9q6Hr/MVmgUDPLYoYQkRij/l3 QZAg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HwnTLqsU; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id z29si1939199ioi.91.2018.01.16.06.26.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Jan 2018 06:26:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=HwnTLqsU; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ebS9R-0002B8-SU; Tue, 16 Jan 2018 14:23:45 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ebS9Q-0002AS-Dg for xen-devel@lists.xen.org; Tue, 16 Jan 2018 14:23:44 +0000 X-Inumbo-ID: a4f57131-fac8-11e7-b4a6-bc764e045a96 Received: from mail-wm0-x242.google.com (unknown [2a00:1450:400c:c09::242]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTPS id a4f57131-fac8-11e7-b4a6-bc764e045a96; Tue, 16 Jan 2018 15:22:13 +0100 (CET) Received: by mail-wm0-x242.google.com with SMTP id f71so8739726wmf.0 for ; Tue, 16 Jan 2018 06:23:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=ObVWd+Hj8CFDrcNaki25pRmRpEsjDBjtjcJEO2/rx4M=; b=HwnTLqsUjYhD7zYn38ntM7+vIUhUslAjc7XDfx9pKmAVhdxIZkZXXC038fjB3H/OpF LJiFLfdRrT+BkAsGmoS6brpHkurs7n+ihRiswk4tLXAa8FKx8OoEDPlvSrm7icxZ2vGE JvE//k5GQAhh0A91cmB0dO/ZzEtoxqbUNrJiY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=ObVWd+Hj8CFDrcNaki25pRmRpEsjDBjtjcJEO2/rx4M=; b=fbaHAlrhcozw8RGfLs+AfD46mL4vn38VeEzlqtpfmgj0s+T3Zvgqk7lXZckYfdPURP aZCAAaD1ix/qStiX9Eu8Gf5wM23s27xY1EQQAB9r/sIgg9cYV4TFJCfs38jZgjZgvjJ+ hRxbfjTvY4JWbYkt3OofFSZBT7DcLl1p0oLZA/XA3XROcV1Lc1ku29GJD7nQ1webI5+k 2R/zB6qd++jhUix9B8sqInLjMFscXxGAM8QGY/6d/ghmr3v4tovtYs5QUsVZPKAuxUXV 2haZRK/bi836W6Qw5tVk2rvBMaVc2oidtzLQOu2uE3cHfTwqAy9zhpoYYNWaS5QymGj0 MyZg== X-Gm-Message-State: AKwxyteZ2plEqtCqq1F2WqfIjRi/sSu1zZe5HXW0FRkRdhjoS2OM13hS ylSOXiMsbJzPWUSQaQtEQ7oMKrtyAbc= X-Received: by 10.28.120.15 with SMTP id t15mr10548693wmc.34.1516112621228; Tue, 16 Jan 2018 06:23:41 -0800 (PST) Received: from e108454-lin.cambridge.arm.com ([2001:41d0:1:6c23::1]) by smtp.gmail.com with ESMTPSA id m201sm1686886wma.13.2018.01.16.06.23.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Jan 2018 06:23:40 -0800 (PST) From: Julien Grall To: xen-devel@lists.xen.org Date: Tue, 16 Jan 2018 14:23:32 +0000 Message-Id: <20180116142337.24942-1-julien.grall@linaro.org> X-Mailer: git-send-email 2.11.0 Cc: sstabellini@kernel.org, Julien Grall , andre.przywara@linaro.org Subject: [Xen-devel] [PATCH 0/5] xen/arm64: Branch predictor hardening (XSA-254 variant 2) X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Hi all, This series provides a framework for mitigating branch predictor hardening on Arm64 on exception entry. It also implements a dummy PSCI "VERSION" call as the hook for affected Cortex-A CPUs. This will invalidate the predictor state with the latest Arm Trusted Firmware patches which will appear at [1] and SoC vendors with affected CPUs are strongly encouraged to update. We plan to switch to a more efficient, special-purpose call when it is available and the PSCI spec has been updated accordingly. For more information about the impact of this issue and the software mitigations for Arm processors, please see http://www.arm.com/security-update. [1] https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6 Julien Grall (5): xen/arm: Introduce enable callback to enable a capabilities on each online CPU xen/arm64: Add missing MIDR values for Cortex-A72, A73 and A75 xen/arm: cpuerrata: Add MIDR_ALL_VERSIONS xen/arm64: Add skeleton to harden the branch predictor aliasing attacks xen/arm64: Implement branch predictor hardening for affected Cortex-A CPUs xen/arch/arm/Kconfig | 20 ++++ xen/arch/arm/arm64/Makefile | 1 + xen/arch/arm/arm64/bpi.S | 89 +++++++++++++++++ xen/arch/arm/cpuerrata.c | 203 +++++++++++++++++++++++++++++++++++++++ xen/arch/arm/cpufeature.c | 29 ++++++ xen/arch/arm/setup.c | 1 + xen/arch/arm/traps.c | 5 +- xen/include/asm-arm/cpuerrata.h | 2 + xen/include/asm-arm/cpufeature.h | 6 +- xen/include/asm-arm/processor.h | 11 ++- 10 files changed, 363 insertions(+), 4 deletions(-) create mode 100644 xen/arch/arm/arm64/bpi.S