From patchwork Fri Jan 25 18:07:10 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Linton <jeremy.linton@arm.com>
X-Patchwork-Id: 156624
Delivered-To: patch@linaro.org
Received: by 2002:a02:48:0:0:0:0:0 with SMTP id 69csp652465jaa;
 Fri, 25 Jan 2019 10:07:38 -0800 (PST)
X-Google-Smtp-Source: ALg8bN6rhI7fmXlj+TAt/V7fxFYimqqd7F0QTG757atGq78GarC+bsuqQB+BZk0ofBL1jYjBbP/L
X-Received: by 2002:a17:902:d83:: with SMTP id
 3mr11713784plv.43.1548439658142; 
 Fri, 25 Jan 2019 10:07:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1548439658; cv=none;
 d=google.com; s=arc-20160816;
 b=aPxEt7ZHUMpVGqb36KlI1XA603/eDkWLs458OB1NuSRvo38gzvtdRyMzTYUs560VZL
 flpUt2DzIMKU3iWmKZ+iKcOM9VWg1E2990BhNPLrWWpy7UyPZxiiRy23viCR+icH4xZy
 JRc1RIplLX0iYcLfYAqe+9RGWMx2s1X6Sj7arrXTFlXzDAw9kbRHF5cDOR+rNlFsCNZu
 CqVIFtDmBfGKMBvBUBUgEcnPF6BWWPbHfLLY3afnlgG/sS/cHahkaAXTmNVAJnJNBlZe
 VR1KJNrumtJ+paUPuVRZjVfR/hxA53zUVVCHMrWQ8saO7BUq3uoRhCq2PGD6E9Frm5um
 nk0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=list-id:precedence:sender:references:in-reply-to:message-id:date
 :subject:cc:to:from;
 bh=a5oNyZGTQ2F2LFggFWd+lraHCqPAxS6UAPz8kYq9P3E=;
 b=QndU1v+J0PN/FNkQOVQwoMYywg9Nt6JnIyA8/f0TjeuMnIILJkDTq3UyT+PNQQ1nOK
 bD3mE5zEylYj9UBG2ft5cq2YEBQrdORLvgXl6bMvC8gVMjEHvm+b4jOQTwmbzmp3UxHp
 D1ElHuL/fNV/2YURvZ2e1adO2TI4a0umdKw+wd5WH8m+GDvdRV2CbqDYHqLNV5SnxINy
 h9paI8JEKAt0HPCiw2VJ0ReQ10XamdoHQGPVBnA+8v9Wspayf+y8tVjQjKwyhYWf6HMw
 iYL9A1nODve9li5lI+1dgLPArh11e6DmlduwYZW1C3J4tBUmSvbTrsjW0tgXguGnzMJs
 JtIQ==
ARC-Authentication-Results: i=1; mx.google.com;
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
 by mx.google.com with ESMTP id
 b3si26104567pld.282.2019.01.25.10.07.37; 
 Fri, 25 Jan 2019 10:07:38 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender) client-ip=209.132.180.67; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1729399AbfAYSHg (ORCPT <rfc822;igor.opaniuk@linaro.org>
 + 31 others); Fri, 25 Jan 2019 13:07:36 -0500
Received: from foss.arm.com ([217.140.101.70]:51888 "EHLO foss.arm.com"
 rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
 id S1729364AbfAYSHd (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
 Fri, 25 Jan 2019 13:07:33 -0500
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5E219EBD;
 Fri, 25 Jan 2019 10:07:33 -0800 (PST)
Received: from beelzebub.austin.arm.com (beelzebub.austin.arm.com
 [10.118.12.119])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id
 B65B33F5AF; Fri, 25 Jan 2019 10:07:32 -0800 (PST)
From: Jeremy Linton <jeremy.linton@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com,
 suzuki.poulose@arm.com, dave.martin@arm.com,
 shankerd@codeaurora.org, linux-kernel@vger.kernel.org,
 ykaukab@suse.de, julien.thierry@arm.com, mlangsdo@redhat.com,
 steven.price@arm.com, stefan.wahren@i2se.com,
 Jeremy Linton <jeremy.linton@arm.com>
Subject: [PATCH v4 11/12] arm64: add sysfs vulnerability show for
 speculative store bypass
Date: Fri, 25 Jan 2019 12:07:10 -0600
Message-Id: <20190125180711.1970973-12-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.17.2
In-Reply-To: <20190125180711.1970973-1-jeremy.linton@arm.com>
References: <20190125180711.1970973-1-jeremy.linton@arm.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Return status based on ssbd_state and the arm64 SSBS feature. If
the mitigation is disabled, or the firmware isn't responding then
return the expected machine state based on a new blacklist of known
vulnerable cores.

Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
---
 arch/arm64/kernel/cpu_errata.c | 45 ++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

-- 
2.17.2

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index caedf268c972..e9ae8e5fd7e1 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -265,6 +265,7 @@ static int detect_harden_bp_fw(void)
 DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required);
 
 int ssbd_state __read_mostly = ARM64_SSBD_KERNEL;
+static bool __ssb_safe = true;
 
 static const struct ssbd_options {
 	const char	*str;
@@ -362,10 +363,16 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
 {
 	struct arm_smccc_res res;
 	bool required = true;
+	bool is_vul;
 	s32 val;
 
 	WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());
 
+	is_vul = is_midr_in_range_list(read_cpuid_id(), entry->midr_range_list);
+
+	if (is_vul)
+		__ssb_safe = false;
+
 	if (this_cpu_has_cap(ARM64_SSBS)) {
 		required = false;
 		goto out_printmsg;
@@ -399,6 +406,7 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
 		ssbd_state = ARM64_SSBD_UNKNOWN;
 		return false;
 
+	/* machines with mixed mitigation requirements must not return this */
 	case SMCCC_RET_NOT_REQUIRED:
 		pr_info_once("%s mitigation not required\n", entry->desc);
 		ssbd_state = ARM64_SSBD_MITIGATED;
@@ -454,6 +462,16 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
 	return required;
 }
 
+/* known vulnerable cores */
+static const struct midr_range arm64_ssb_cpus[] = {
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A75),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A76),
+	{},
+};
+
 static void __maybe_unused
 cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused)
 {
@@ -743,6 +761,7 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
 		.capability = ARM64_SSBD,
 		.type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM,
 		.matches = has_ssbd_mitigation,
+		.midr_range_list = arm64_ssb_cpus,
 	},
 #ifdef CONFIG_ARM64_ERRATUM_1188873
 	{
@@ -784,4 +803,30 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
 	return sprintf(buf, "Vulnerable\n");
 }
 
+ssize_t cpu_show_spec_store_bypass(struct device *dev,
+		struct device_attribute *attr, char *buf)
+{
+	/*
+	 *  Two assumptions: First, get_ssbd_state() reflects the worse case
+	 *  for hetrogenous machines, and that if SSBS is supported its
+	 *  supported by all cores.
+	 */
+	switch (arm64_get_ssbd_state()) {
+	case ARM64_SSBD_MITIGATED:
+		return sprintf(buf, "Not affected\n");
+
+	case ARM64_SSBD_KERNEL:
+	case ARM64_SSBD_FORCE_ENABLE:
+		if (cpus_have_cap(ARM64_SSBS))
+			return sprintf(buf, "Not affected\n");
+		return sprintf(buf,
+			"Mitigation: Speculative Store Bypass disabled\n");
+	}
+
+	if (__ssb_safe)
+		return sprintf(buf, "Not affected\n");
+
+	return sprintf(buf, "Vulnerable\n");
+}
+
 #endif