From patchwork Tue Jun 12 20:24:09 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Nishanth Menon <nm@ti.com>
X-Patchwork-Id: 138379
Delivered-To: patch@linaro.org
Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5814819lji;
 Tue, 12 Jun 2018 13:26:23 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKKdqUieHAicctKmQr5A5yLvberAW9pkljL4JczRyLB9wwa4OYcTgioEJ10sMvjDVMOAAsit
X-Received: by 2002:a1c:8bc3:: with SMTP id
 n186-v6mr1461497wmd.34.1528835183285; 
 Tue, 12 Jun 2018 13:26:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528835183; cv=none;
 d=google.com; s=arc-20160816;
 b=s9T5OSb/Gnj97eakTICquoQ39paJOi4IdnYEItxldtaFOv4s3NmQYIFxRVVF+nYUOF
 dpyfBgfAHjzAvd06UZJuC+HvtjZbHPYAi4jM2fTAeA/SmHRCL0iWiJaYeOAqL7LrkhBo
 zcZRFBTeBiD9UR2D8glFqi2PuVcqe/hxpXgskDoHD8PNDhGzWf83gYyJIZpWY6WB1bm1
 rvL03ZghHBcxuJfBU3ad3DRrlSB4KhNNUqP+MdE5kGKfXzHIY33IfjvTxk4ROMJvS3cx
 4aGcROWC1lRRIEtEo4m4FEBNnJ1fHT5WRQmIjpC+kF737hAbaahg9ViOgi4tTtWS1P4m
 pdkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:content-transfer-encoding:list-subscribe:list-help
 :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
 :cc:mime-version:references:in-reply-to:message-id:date:to:from
 :dkim-signature:arc-authentication-results;
 bh=bAc/lLbRGUpHCj6j+kiEtl91Zw0rROMqBRAtntDaCrI=;
 b=nXHGdAhHPQn2VhZCzzvjYTZsSSNusjBe6Q8XyGQXIaMbFnWa34Ueog4bDft9tRTpDt
 K5gMJ4q3WT8YS4W+Y04lCOnKmbtZQKf26TpgB1b+sMAPZGSWusxk7d5CxZGOBoguOgi3
 ikQscuU6PNHrBq6pEOckTonHn3vKVpv6BGwfiumwDZfK8npodiOLa5DkKvbwmQAdhic6
 HXhVEz04B6I+A6IW+o/SRViJp3s5KrftH5ZbTXQICcmHUetjTDCm/UJkGuaX2RCZT60L
 lQrrTFKQjR6pem84u5QEOEDu4B3dQlB9D6POwkj9xff+sXzVd5GckfbkiRVJUSHmr8Pn
 97Jg==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@ti.com
 header.s=ti-com-17Q1 header.b=BWQ8LTOl; 
 spf=pass (google.com: best guess record for domain of
 u-boot-bounces@lists.denx.de designates 81.169.180.215 as
 permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=fail (p=QUARANTINE sp=NONE dis=QUARANTINE) header.from=ti.com
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from lists.denx.de (dione.denx.de. [81.169.180.215])
 by mx.google.com with ESMTP id
 t49-v6si1046079edb.202.2018.06.12.13.26.22; 
 Tue, 12 Jun 2018 13:26:23 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 u-boot-bounces@lists.denx.de designates 81.169.180.215 as
 permitted sender) client-ip=81.169.180.215; 
Authentication-Results: mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@ti.com
 header.s=ti-com-17Q1 header.b=BWQ8LTOl; 
 spf=pass (google.com: best guess record for domain of
 u-boot-bounces@lists.denx.de designates 81.169.180.215 as
 permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=fail (p=QUARANTINE sp=NONE dis=QUARANTINE) header.from=ti.com
Received: by lists.denx.de (Postfix, from userid 105)
 id BF522C21DD9; Tue, 12 Jun 2018 20:25:17 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=KHOP_BIG_TO_CC, T_DKIM_INVALID
 autolearn=unavailable autolearn_force=no version=3.4.0
Received: from lists.denx.de (localhost [IPv6:::1])
 by lists.denx.de (Postfix) with ESMTP id CA0FFC21DA6;
 Tue, 12 Jun 2018 20:24:40 +0000 (UTC)
Received: by lists.denx.de (Postfix, from userid 105)
 id CA912C21BE5; Tue, 12 Jun 2018 20:24:37 +0000 (UTC)
Received: from fllnx209.ext.ti.com (fllnx209.ext.ti.com [198.47.19.16])
 by lists.denx.de (Postfix) with ESMTPS id 5528CC21C93
 for <u-boot@lists.denx.de>; Tue, 12 Jun 2018 20:24:36 +0000 (UTC)
Received: from dlelxv90.itg.ti.com ([172.17.2.17])
 by fllnx209.ext.ti.com (8.15.1/8.15.1) with ESMTP id w5CKODtR026495; 
 Tue, 12 Jun 2018 15:24:13 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com;
 s=ti-com-17Q1; t=1528835053;
 bh=Hk7m5+Z627gixASbCc3MsAavxfRTsbXt4VKV2ncGlDY=;
 h=From:To:CC:Subject:Date:In-Reply-To:References;
 b=BWQ8LTOlc5Aazx5pdgZ+RHHYbW1g5sFFk0hri/P5Oigwu63FY2qhVjRajM1O6A6Fo
 vXoLJsEi6JdukEpIllQzQdQrRQFr0drFtBewsxXF720s0lg39FfAAHl/70WnNYfc76
 xMkYtaNMcmKqHO7J9MeFrxTqMCAerenC3f8c7f3M=
Received: from DLEE100.ent.ti.com (dlee100.ent.ti.com [157.170.170.30])
 by dlelxv90.itg.ti.com (8.14.3/8.13.8) with ESMTP id w5CKODZQ011477; 
 Tue, 12 Jun 2018 15:24:13 -0500
Received: from DLEE101.ent.ti.com (157.170.170.31) by DLEE100.ent.ti.com
 (157.170.170.30) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3;
 Tue, 12 Jun 2018 15:24:13 -0500
Received: from dflp33.itg.ti.com (10.64.6.16) by DLEE101.ent.ti.com
 (157.170.170.31) with Microsoft SMTP Server (version=TLS1_0,
 cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1466.3 via Frontend
 Transport; Tue, 12 Jun 2018 15:24:13 -0500
Received: from localhost (ileax41-snat.itg.ti.com [10.172.224.153])
 by dflp33.itg.ti.com (8.14.3/8.13.8) with ESMTP id w5CKODOL003454;
 Tue, 12 Jun 2018 15:24:13 -0500
From: Nishanth Menon <nm@ti.com>
To: Tom Rini <trini@konsulko.com>, Russell King <linux@arm.linux.org.uk>,
 Marc Zyngier <marc.zyngier@arm.com>,
 Catalin Marinas <catalin.marinas@arm.com>, 
 Will Deacon <will.deacon@arm.com>, Tony Lindgren <tony@atomide.com>
Date: Tue, 12 Jun 2018 15:24:09 -0500
Message-ID: <20180612202411.29798-3-nm@ti.com>
X-Mailer: git-send-email 2.15.1
In-Reply-To: <20180612202411.29798-1-nm@ti.com>
References: <20180612202411.29798-1-nm@ti.com>
MIME-Version: 1.0
X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
 Andre Przywara <Andre.Przywara@arm.com>,
 U-Boot-Denx <u-boot@lists.denx.de>, 
 Christoffer Dall <christoffer.dall@linaro.org>,
 Robin Murphy <robin.murphy@arm.com>, linux-arm-kernel@lists.infradead.org
Subject: [U-Boot] [PATCH 2/4] ARM: Introduce ability to enable invalidate of
 BTB with ICIALLU on Cortex-A15 for CVE-2017-5715
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <http://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

As recommended by Arm in [1], ACTLR[0] (Enable invalidates of BTB)
needs to be set[2] for BTB to be invalidated on ICIALLU. This needs to
be done unconditionally for Cortex-A15 processors. Provide a config
option for platforms to enable this option based on impact analysis
for products.

NOTE: This patch in itself is NOT the final solution, this requires:
a) Implementation of v7_arch_cp15_set_acr on SoCs which may not
   provide direct access to ACR register.
b) Operating Systems such as Linux to provide adequate workaround in the
   right locations.
c) This workaround applies to only the boot processor. It is important
   to apply workaround as necessary (context-save-restore) around low
   power context loss OR additional processors as necessary in either
   firmware support OR elsewhere in OS.

[1] https://developer.arm.com/support/security-update
[2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0438c/BABGHIBG.html

Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Tony Lindgren <tony@atomide.com>
Cc: Robin Murphy <robin.murphy@arm.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Andre Przywara <Andre.Przywara@arm.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Michael Nazzareno Trimarchi <michael@amarulasolutions.com>

Signed-off-by: Nishanth Menon <nm@ti.com>
Tested-by: Fabio Estevam <fabio.estevam@nxp.com>
---
 arch/arm/Kconfig           | 4 ++++
 arch/arm/cpu/armv7/start.S | 8 ++++++++
 2 files changed, 12 insertions(+)

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 9e32d5b43cb0..98f58fd27696 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -109,6 +109,7 @@ config SYS_ARM_MPU
 # CONFIG_ARM_ERRATA_798870
 # CONFIG_ARM_ERRATA_801819
 # CONFIG_ARM_CORTEX_A8_CVE_2017_5715
+# CONFIG_ARM_CORTEX_A15_CVE_2017_5715
 
 config ARM_ERRATA_430973
 	bool
@@ -182,6 +183,9 @@ config ARM_ERRATA_855873
 config ARM_CORTEX_A8_CVE_2017_5715
 	bool
 
+config ARM_CORTEX_A15_CVE_2017_5715
+	bool
+
 config CPU_ARM720T
 	bool
 	select SYS_CACHE_SHIFT_5
diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S
index 3beaf5a93d81..81edec01bf32 100644
--- a/arch/arm/cpu/armv7/start.S
+++ b/arch/arm/cpu/armv7/start.S
@@ -241,6 +241,14 @@ skip_errata_798870:
 skip_errata_801819:
 #endif
 
+#ifdef CONFIG_ARM_CORTEX_A15_CVE_2017_5715
+	mrc	p15, 0, r0, c1, c0, 1	@ read auxilary control register
+	orr	r0, r0, #1 << 0		@ Enable invalidates of BTB
+	push	{r1-r5}			@ Save the cpu info registers
+	bl	v7_arch_cp15_set_acr
+	pop	{r1-r5}			@ Restore the cpu info - fall through
+#endif
+
 #ifdef CONFIG_ARM_ERRATA_454179
 	mrc	p15, 0, r0, c1, c0, 1	@ Read ACR