From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara, Stefan Wahren, Jonathan Corbet, linux-doc@vger.kernel.org
Subject: [PATCH v6 01/10] arm64: Provide a command line to disable spectre_v2 mitigation
Date: Thu, 21 Mar 2019 18:05:48 -0500
Message-Id: <20190321230557.45107-2-jeremy.linton@arm.com>
In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com>
References: <20190321230557.45107-1-jeremy.linton@arm.com>

There are various reasons, including benchmarking, to disable spectrev2 mitigation on a machine. Provide a command-line to do so.

Signed-off-by: Jeremy Linton
Reviewed-by: Suzuki K Poulose
Reviewed-by: Andre Przywara
Tested-by: Stefan Wahren
Cc: Jonathan Corbet
Cc: linux-doc@vger.kernel.org
---
 Documentation/admin-guide/kernel-parameters.txt | 8 ++++----
 arch/arm64/kernel/cpu_errata.c | 13 +++++++++++++
 2 files changed, 17 insertions(+), 4 deletions(-)
--
2.20.1

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 2b8ee90bb644..d153bb15c8c7 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2873,10 +2873,10 @@ check bypass). With this option data leaks are possible in the system. - nospectre_v2 [X86,PPC_FSL_BOOK3E] Disable all mitigations for the Spectre variant 2 - (indirect branch prediction) vulnerability. System may - allow data leaks with this option, which is equivalent - to spectre_v2=off. + nospectre_v2 [X86,PPC_FSL_BOOK3E,ARM64] Disable all mitigations for + the Spectre variant 2 (indirect branch prediction) + vulnerability. System may allow data leaks with this + option. nospec_store_bypass_disable [HW] Disable all mitigations for the Speculative Store Bypass vulnerability diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 9950bb0cbd52..d2b2c69d31bb 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -220,6 +220,14 @@ static void qcom_link_stack_sanitization(void) : "=&r" (tmp)); } +static bool __nospectre_v2; +static int __init parse_nospectre_v2(char *str) +{ + __nospectre_v2 = true; + return 0; +} +early_param("nospectre_v2", parse_nospectre_v2); + static void enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) { 
@@ -231,6 +239,11 @@ enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) if (!entry->matches(entry, SCOPE_LOCAL_CPU)) return; + if (__nospectre_v2) { + pr_info_once("spectrev2 mitigation disabled by command line option\n"); + return; + } + if (psci_ops.smccc_version == SMCCC_VERSION_1_0) return;
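Review bot: In the Documentation/admin-guide/kernel-parameters.txt hunk, the reworded nospectre_v2 entry drops "which is equivalent to spectre_v2=off" for every architecture in the tag list, not only for the newly added ARM64. If the equivalence still holds for the architectures that were already listed, keep the sentence and scope it to them, so the entry does not lose information for existing readers.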
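Review bot: In the second arch/arm64/kernel/cpu_errata.c hunk, the new __nospectre_v2 test in enable_smccc_arch_workaround_1() sits after the entry->matches() early return, so "spectrev2 mitigation disabled by command line option" is only logged on CPUs that match the errata entry and the option is accepted silently everywhere else. Please say so in the commit message or the parameter documentation. The log text also spells the name "spectrev2" while the parameter is nospectre_v2; using the parameter name in the message would make it easy to find in the kernel log.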
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Mian Yousaf Kaukab, Jeremy Linton, Andre Przywara, Stefan Wahren
Subject: [PATCH v6 02/10] arm64: add sysfs vulnerability show for spectre v1
Date: Thu, 21 Mar 2019 18:05:49 -0500
Message-Id: <20190321230557.45107-3-jeremy.linton@arm.com>
In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com>
References: <20190321230557.45107-1-jeremy.linton@arm.com>

From: Mian Yousaf Kaukab

Spectre v1 has been mitigated, and the mitigation is always active.

Signed-off-by: Mian Yousaf Kaukab
Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Tested-by: Stefan Wahren
Acked-by: Suzuki K Poulose
---
 arch/arm64/kernel/cpu_errata.c | 6 ++++++
 1 file changed, 6 insertions(+)
--
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index d2b2c69d31bb..cf623657cf3c 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c
@@ -755,3 +755,9 @@ const struct arm64_cpu_capabilities arm64_errata[] = { { } }; + +ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, + char *buf) +{ + return sprintf(buf, "Mitigation: __user pointer sanitization\n"); +}
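Review bot: cpu_show_spectre_v1(), added at the end of arch/arm64/kernel/cpu_errata.c, returns a fixed string without checking any state and carries no comment explaining why. A one-line comment above it stating that the mitigation is always active, as the commit message does, would keep that reasoning next to the code for whoever later adds a way to turn it off.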
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Stefan Wahren
Subject: [PATCH v6 03/10] arm64: add sysfs vulnerability show for meltdown
Date: Thu, 21 Mar 2019 18:05:50 -0500
Message-Id: <20190321230557.45107-4-jeremy.linton@arm.com>
In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com>
References: <20190321230557.45107-1-jeremy.linton@arm.com>

Display the system vulnerability status. This means that while it's possible to have the mitigation enabled, the sysfs entry won't indicate that status. This is because the core ABI doesn't express the concept of mitigation when the system isn't vulnerable.

Signed-off-by: Jeremy Linton
Reviewed-by: Suzuki K Poulose
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpufeature.c | 58 ++++++++++++++++++++++++++--------
 1 file changed, 44 insertions(+), 14 deletions(-)
--
2.20.1
Reviewed-by: Andre Przywara

diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 4061de10cea6..6b7e1556460a 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -947,7 +947,7 @@ has_useable_cnp(const struct arm64_cpu_capabilities *entry, int scope) return has_cpuid_feature(entry, scope); } -#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +static bool __meltdown_safe = true; static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
@@ -967,6 +967,16 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, { /* sentinel */ } }; char const *str = "command line option"; + bool meltdown_safe; + + meltdown_safe = is_midr_in_range_list(read_cpuid_id(), kpti_safe_list); + + /* Defer to CPU feature registers */ + if (has_cpuid_feature(entry, scope)) + meltdown_safe = true; + + if (!meltdown_safe) + __meltdown_safe = false; /* * For reasons that aren't entirely clear, enabling KPTI on Cavium @@ -978,6 +988,19 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, __kpti_forced = -1; } + /* Useful for KASLR robustness */ + if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && kaslr_offset() > 0) { + if (!__kpti_forced) { + str = "KASLR"; + __kpti_forced = 1; + } + } + + if (!IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0)) { + pr_info_once("kernel page table isolation disabled by CONFIG\n"); + return false; + } + /* Forced? */ if (__kpti_forced) { pr_info_once("kernel page table isolation forced %s by %s\n", @@ -985,18 +1008,10 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, return __kpti_forced > 0; } - /* Useful for KASLR robustness */ - if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) - return kaslr_offset() > 0; - - /* Don't force KPTI for CPUs that are not vulnerable */ - if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) - return false; - - /* Defer to CPU feature registers */ - return !has_cpuid_feature(entry, scope); + return !meltdown_safe; } +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 static void kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) { @@ -1026,6 +1041,12 @@ kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) return; } +#else +static void +kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) +{ +} +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ static int __init parse_kpti(char *str) { 
@@ -1039,7 +1060,6 @@ static int __init parse_kpti(char *str) return 0; } early_param("kpti", parse_kpti); -#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ #ifdef CONFIG_ARM64_HW_AFDBM static inline void __cpu_enable_hw_dbm(void) @@ -1306,7 +1326,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = { .field_pos = ID_AA64PFR0_EL0_SHIFT, .min_field_value = ID_AA64PFR0_EL0_32BIT_64BIT, }, -#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 { .desc = "Kernel page table isolation (KPTI)", .capability = ARM64_UNMAP_KERNEL_AT_EL0, @@ -1322,7 +1341,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = { .matches = unmap_kernel_at_el0, .cpu_enable = kpti_install_ng_mappings, }, -#endif { /* FP/SIMD is not implemented */ .capability = ARM64_HAS_NO_FPSIMD, 
@@ -2101,3 +2119,15 @@ static int __init enable_mrs_emulation(void) } core_initcall(enable_mrs_emulation); + +ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, + char *buf) +{ + if (__meltdown_safe) + return sprintf(buf, "Not affected\n"); + + if (arm64_kernel_unmapped_at_el0()) + return sprintf(buf, "Mitigation: KPTI\n"); + + return sprintf(buf, "Vulnerable\n"); +}
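Review bot: The @@ -978 hunk of unmap_kernel_at_el0() logs "kernel page table isolation disabled by CONFIG" with pr_info_once() and returns false without looking at meltdown_safe, which the previous hunk has just computed. When meltdown_safe is false this is a vulnerable CPU left unmitigated, so consider pr_warn_once() for that case so the state stands out in the log.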
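Review bot: The @@ -985 hunk removes "if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) return kaslr_offset() > 0;", so a CONFIG_RANDOMIZE_BASE kernel booted with a zero KASLR offset now falls through to "return !meltdown_safe;" instead of returning false. That changes when KPTI gets enabled, while the commit message only talks about displaying the status; please call the behaviour change out there.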
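Review bot: In cpu_show_meltdown() (the @@ -2101 hunk), __meltdown_safe is tested before arm64_kernel_unmapped_at_el0(), so a system where every CPU is safe but KPTI is forced on reports "Not affected" rather than "Mitigation: KPTI". The commit message explains that this is intended; a short comment above the first test would record the reason where the ordering is decided.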
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara, Stefan Wahren
Subject: [PATCH v6 04/10] arm64: Advertise mitigation of Spectre-v2, or lack thereof
Date: Thu, 21 Mar 2019 18:05:51 -0500
Message-Id: <20190321230557.45107-5-jeremy.linton@arm.com>
In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com>
References: <20190321230557.45107-1-jeremy.linton@arm.com>

From: Marc Zyngier

We currently have a list of CPUs affected by Spectre-v2, for which we check that the firmware implements ARCH_WORKAROUND_1. It turns out that not all firmwares do implement the required mitigation, and that we fail to let the user know about it.

Instead, let's slightly revamp our checks, and rely on a whitelist of cores that are known to be non-vulnerable, and let the user know the status of the mitigation in the kernel log.

Signed-off-by: Marc Zyngier
[This makes more sense in front of the sysfs patch]
[Pick pieces of that patch into this and move it earlier]
Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpu_errata.c | 107 +++++++++++++++++----------------
 1 file changed, 55 insertions(+), 52 deletions(-)
--
2.20.1
Reviewed-by: Suzuki K Poulose

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index cf623657cf3c..2b6e6d8e105b 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c
@@ -131,9 +131,9 @@ static void __copy_hyp_vect_bpi(int slot, const char *hyp_vecs_start, __flush_icache_range((uintptr_t)dst, (uintptr_t)dst + SZ_2K); } -static void __install_bp_hardening_cb(bp_hardening_cb_t fn, - const char *hyp_vecs_start, - const char *hyp_vecs_end) +static void install_bp_hardening_cb(bp_hardening_cb_t fn, + const char *hyp_vecs_start, + const char *hyp_vecs_end) { static DEFINE_RAW_SPINLOCK(bp_lock); int cpu, slot = -1; @@ -177,23 +177,6 @@ static void __install_bp_hardening_cb(bp_hardening_cb_t fn, } #endif /* CONFIG_KVM_INDIRECT_VECTORS */ -static void install_bp_hardening_cb(const struct arm64_cpu_capabilities *entry, - bp_hardening_cb_t fn, - const char *hyp_vecs_start, - const char *hyp_vecs_end) -{ - u64 pfr0; - - if (!entry->matches(entry, SCOPE_LOCAL_CPU)) - return; - - pfr0 = read_cpuid(ID_AA64PFR0_EL1); - if (cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_CSV2_SHIFT)) - return; - - __install_bp_hardening_cb(fn, hyp_vecs_start, hyp_vecs_end); -} - #include #include #include 
@@ -228,31 +211,27 @@ static int __init parse_nospectre_v2(char *str) } early_param("nospectre_v2", parse_nospectre_v2); -static void -enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) +/* + * -1: No workaround + * 0: No workaround required + * 1: Workaround installed + */ +static int detect_harden_bp_fw(void) { bp_hardening_cb_t cb; void *smccc_start, *smccc_end; struct arm_smccc_res res; u32 midr = read_cpuid_id(); - if (!entry->matches(entry, SCOPE_LOCAL_CPU)) - return; - - if (__nospectre_v2) { - pr_info_once("spectrev2 mitigation disabled by command line option\n"); - return; - } - if (psci_ops.smccc_version == SMCCC_VERSION_1_0) - return; + return -1; switch (psci_ops.conduit) { case PSCI_CONDUIT_HVC: arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); if ((int)res.a0 < 0) - return; + return -1; cb = call_hvc_arch_workaround_1; /* This is a guest, no need to patch KVM vectors */ smccc_start = NULL; @@ -263,23 +242,23 @@ enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); if ((int)res.a0 < 0) - return; + return -1; cb = call_smc_arch_workaround_1; smccc_start = __smccc_workaround_1_smc_start; smccc_end = __smccc_workaround_1_smc_end; break; default: - return; + return -1; } if (((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR) || ((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR_V1)) cb = qcom_link_stack_sanitization; - install_bp_hardening_cb(entry, cb, smccc_start, smccc_end); + install_bp_hardening_cb(cb, smccc_start, smccc_end); - return; + return 1; } #endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ 
@@ -521,24 +500,48 @@ cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) CAP_MIDR_RANGE_LIST(midr_list) #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR - /* - * List of CPUs where we need to issue a psci call to - * harden the branch predictor. + * List of CPUs that do not need any Spectre-v2 mitigation at all. */ -static const struct midr_range arm64_bp_harden_smccc_cpus[] = { - MIDR_ALL_VERSIONS(MIDR_CORTEX_A57), - MIDR_ALL_VERSIONS(MIDR_CORTEX_A72), - MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), - MIDR_ALL_VERSIONS(MIDR_CORTEX_A75), - MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN), - MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2), - MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR_V1), - MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR), - MIDR_ALL_VERSIONS(MIDR_NVIDIA_DENVER), - {}, +static const struct midr_range spectre_v2_safe_list[] = { + MIDR_ALL_VERSIONS(MIDR_CORTEX_A35), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A53), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A55), + { /* sentinel */ } }; +static bool __maybe_unused +check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) +{ + int need_wa; + + WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); + + /* If the CPU has CSV2 set, we're safe */ + if (cpuid_feature_extract_unsigned_field(read_cpuid(ID_AA64PFR0_EL1), + ID_AA64PFR0_CSV2_SHIFT)) + return false; + + /* Alternatively, we have a list of unaffected CPUs */ + if (is_midr_in_range_list(read_cpuid_id(), spectre_v2_safe_list)) + return false; + + /* Fallback to firmware detection */ + need_wa = detect_harden_bp_fw(); + if (!need_wa) + return false; + + /* forced off */ + if (__nospectre_v2) { + pr_info_once("spectrev2 mitigation disabled by command line option\n"); + return false; + } + + if (need_wa < 0) + pr_warn_once("ARM_SMCCC_ARCH_WORKAROUND_1 missing from firmware\n"); + + return (need_wa > 0); +} #endif #ifdef CONFIG_HARDEN_EL2_VECTORS 
@@ -717,8 +720,8 @@ const struct arm64_cpu_capabilities arm64_errata[] = { #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR { .capability = ARM64_HARDEN_BRANCH_PREDICTOR, - .cpu_enable = enable_smccc_arch_workaround_1, - ERRATA_MIDR_RANGE_LIST(arm64_bp_harden_smccc_cpus), + .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, + .matches = check_branch_predictor, }, #endif #ifdef CONFIG_HARDEN_EL2_VECTORS
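Review bot: The comment added above detect_harden_bp_fw() in the @@ -228 hunk documents a return value of 0 ("No workaround required"), but no path in this patch returns 0: every exit is "return -1" or the final "return 1". Either note that 0 is reserved for a later patch in the series or drop it from the comment here, otherwise the "if (!need_wa)" branch in check_branch_predictor() reads as dead code.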
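Review bot: In check_branch_predictor() (the @@ -521 hunk), the __nospectre_v2 test comes after detect_harden_bp_fw(), which on success has already called install_bp_hardening_cb(). With nospectre_v2 on the command line the function returns false and logs that the mitigation is disabled, yet the callback was installed. Test __nospectre_v2 before the firmware detection, or add a comment explaining why the installed callback is harmless when the capability is not set.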
From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , Andre Przywara , Stefan Wahren Subject: [PATCH v6 05/10] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 Date: Thu, 21 Mar 2019 18:05:52 -0500 Message-Id: <20190321230557.45107-6-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com> References: <20190321230557.45107-1-jeremy.linton@arm.com> MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Marc Zyngier The SMCCC ARCH_WORKAROUND_1 service can indicate that although the firmware knows about the Spectre-v2 mitigation, this particular CPU is not vulnerable, and it is thus not necessary to call the firmware on this CPU. Let's use this information to our benefit. Signed-off-by: Marc Zyngier Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Tested-by: Stefan Wahren --- arch/arm64/kernel/cpu_errata.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) -- 2.20.1 diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 2b6e6d8e105b..e5c4c5d84a4e 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c 
@@ -230,22 +230,36 @@ static int detect_harden_bp_fw(void) case PSCI_CONDUIT_HVC: arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); - if ((int)res.a0 < 0) + switch ((int)res.a0) { + case 1: + /* Firmware says we're just fine */ + return 0; + case 0: + cb = call_hvc_arch_workaround_1; + /* This is a guest, no need to patch KVM vectors */ + smccc_start = NULL; + smccc_end = NULL; + break; + default: return -1; - cb = call_hvc_arch_workaround_1; - /* This is a guest, no need to patch KVM vectors */ - smccc_start = NULL; - smccc_end = NULL; + } break; case PSCI_CONDUIT_SMC: arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); - if ((int)res.a0 < 0) + switch ((int)res.a0) { + case 1: + /* Firmware says we're just fine */ + return 0; + case 0: + cb = call_smc_arch_workaround_1; + smccc_start = __smccc_workaround_1_smc_start; + smccc_end = __smccc_workaround_1_smc_end; + break; + default: return -1; - cb = call_smc_arch_workaround_1; - smccc_start = __smccc_workaround_1_smc_start; - smccc_end = __smccc_workaround_1_smc_end; + } break; default: From patchwork Thu Mar 21 23:05:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 160828 Delivered-To: patch@linaro.org Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp140021jan; Thu, 21 Mar 2019 16:06:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqzUP+fT9LfUybknLsMK+Zai6w8+MaV10U2FWp5/IvVogsnpnbmOgInXldfZI+7gh0dZFvjJ X-Received: by 2002:a17:902:681:: with SMTP id 1mr6293096plh.31.1553209582168; Thu, 21 Mar 2019 16:06:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553209582; cv=none; d=google.com; s=arc-20160816; b=az9C6unWtVM/fmMQ9VUSpC7W0yp7sJF+qQC1lX6WWgkVgOaPmZde4UuLFljc4JgFtJ Tj1Zwncjf/8W4KOOAvXERBGSJsjkkBmvTakMcqbTgxrJbv0tVVg9kpJcdB5Eq9/dgCWv vh78Gh9suxde7oTXL/m1vado8SsgSZvtN8cjnUfQHGgrS6uoIMaG0thPHNX6rcOexI0c 
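Review bot: In both the PSCI_CONDUIT_HVC and PSCI_CONDUIT_SMC arms of detect_harden_bp_fw(), the new switch compares the firmware result against bare 1 and 0, and the only hint at what 1 means is the comment "Firmware says we're just fine". Name the values or cite the SMCCC return convention in a comment, and document the function's own return values next to them, since it now returns 0 for "this CPU is not affected" alongside -1 for every other result. The two switch bodies differ only in the callback and the smccc_start/smccc_end assignments, so a small helper that interprets the result once would keep the HVC and SMC paths from drifting apart.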
From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , Andre Przywara , Stefan Wahren Subject: [PATCH v6 06/10] arm64: Always enable spectrev2 vulnerability detection Date: Thu, 21 Mar 2019 18:05:53 -0500 Message-Id: <20190321230557.45107-7-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com> References: <20190321230557.45107-1-jeremy.linton@arm.com> MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The sysfs patches need to display machine vulnerability status regardless of kernel config. Prepare for that by breaking out the vulnerability/mitigation detection code from the logic which implements the mitigation. Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Tested-by: Stefan Wahren --- arch/arm64/kernel/cpu_errata.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) -- 2.20.1 diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index e5c4c5d84a4e..74c4a66500c4 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -109,7 +109,6 @@ cpu_enable_trap_ctr_access(const struct arm64_cpu_capabilities *__unused) atomic_t arm64_el2_vector_last_slot = ATOMIC_INIT(-1); -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR #include #include 
@@ -270,11 +269,11 @@ static int detect_harden_bp_fw(void) ((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR_V1)) cb = qcom_link_stack_sanitization; - install_bp_hardening_cb(cb, smccc_start, smccc_end); + if (IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) + install_bp_hardening_cb(cb, smccc_start, smccc_end); return 1; } -#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ #ifdef CONFIG_ARM64_SSBD DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); @@ -513,7 +512,6 @@ cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, \ CAP_MIDR_RANGE_LIST(midr_list) -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR /* * List of CPUs that do not need any Spectre-v2 mitigation at all. */ @@ -545,6 +543,11 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) if (!need_wa) return false; + if (!IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) { + pr_warn_once("spectrev2 mitigation disabled by configuration\n"); + return false; + } + /* forced off */ if (__nospectre_v2) { pr_info_once("spectrev2 mitigation disabled by command line option\n"); @@ -556,7 +559,6 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) return (need_wa > 0); } -#endif #ifdef CONFIG_HARDEN_EL2_VECTORS 
@@ -731,13 +733,11 @@ const struct arm64_cpu_capabilities arm64_errata[] = { ERRATA_MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), }, #endif -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR { .capability = ARM64_HARDEN_BRANCH_PREDICTOR, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = check_branch_predictor, }, -#endif #ifdef CONFIG_HARDEN_EL2_VECTORS { .desc = "EL2 vector hardening", From patchwork Thu Mar 21 23:05:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 160832 Delivered-To: patch@linaro.org Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp140296jan; Thu, 21 Mar 2019 16:06:40 -0700 (PDT) X-Google-Smtp-Source: APXvYqwDAxZr9SJBm5iGsmPkvnZ8u+zTxD+tqIWpR0fPX64YiZxBZlgwU4aPU91actlMHhlWo10q X-Received: by 2002:a63:e554:: with SMTP id z20mr5427435pgj.234.1553209600547; Thu, 21 Mar 2019 16:06:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553209600; cv=none; d=google.com; s=arc-20160816; b=eEHFgNVzh78qbEptQ8fCrn7giu5KYkRT6vUP62fFjq+z/f6+bw6kjy4zPgbqZ9sH7T Cw+3hW/OqCOSONoScCf3o1BevZbfaiYOicnhWkOgdjfJnJNxsKIiDpYuZOyrJV+wxZNC gckkRqNWbiwkS2aKCR+WMOIHN3vfcBWB9ZmA/hTKxxta/AQUHytCoD+l1QSE0PHZB9Qz e92+ShGeLQvPpWNPpRvkCv6TmjpkhGWz9jawS2EeYWthsTj7Mpjv584uzQ6IGFadMNZ5 c5Bcu/EvL9l8eRpBOtXwhoNMBYBV022+t6o1Pk8OIezrSrqzm/6kwQ555cBYfAjk4HmO Vz6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=BoNCxGNa0bE2cwg0fFN7vKySJ0m/+Slx5HuxQW7WPxo=; b=VLhHXpUDO4AY4dtpNoqP2DKC/FfwwaQKEZv9RGnlePsdWl7rjTZ2hMHKQA7GKC+DtW AEgrwyi/WhzU+ZGcsP4WWvWGnu+ClED2djJYOK+y2V2I+bN5t7s/FbuvPbOV5wLAZkIZ 16hvwVebKM5v53UzK6NPfcA42dMTrcOX5iOqcUDFajGaGOmB4Cs+FGSBG2OxZolQxI1h V/dCE63LFfGAZmISXmekNDZB1Wl/luVAsP/wXgC1R0/3I/5Rtbkrmfxuvei/Z3iHfFg4 NGj5rvHHqVOS0XwbH4iTgWiZaLRtilG6Oz+NH5DJWH+5cQf7f8lJUbthxdWeM4xO/02S nHgA== ARC-Authentication-Results: i=1; 
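Review bot: In detect_harden_bp_fw(), the call now guarded by IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR) is still compiled when the option is off, so install_bp_hardening_cb() and everything the previously #ifdef'd block references need a declaration or stub in that configuration; please confirm a build with the option disabled. In check_branch_predictor(), the new "spectrev2 mitigation disabled by configuration" message is logged with pr_warn_once() while the command line case just below it uses pr_info_once(); pick one level for both or say why a build-time choice deserves the louder one.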
From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , Andre Przywara , Stefan Wahren Subject: [PATCH v6 07/10] arm64: add sysfs vulnerability show for spectre v2 Date: Thu, 21 Mar 2019 18:05:54 -0500 Message-Id: <20190321230557.45107-8-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com> References: <20190321230557.45107-1-jeremy.linton@arm.com> MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add code to track whether all the cores in the machine are vulnerable, and whether all the vulnerable cores have been mitigated. Once we have that information we can add the sysfs stub and provide an accurate view of what is known about the machine. Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Tested-by: Stefan Wahren --- arch/arm64/kernel/cpu_errata.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) -- 2.20.1 diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 74c4a66500c4..fb8eb6c6088f 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -512,6 +512,10 @@ cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, \ CAP_MIDR_RANGE_LIST(midr_list) +/* Track overall mitigation state. We are only mitigated if all cores are ok */ +static bool __hardenbp_enab = true; +static bool __spectrev2_safe = true; + /* * List of CPUs that do not need any Spectre-v2 mitigation at all. */ 
@@ -522,6 +526,10 @@ static const struct midr_range spectre_v2_safe_list[] = { { /* sentinel */ } }; +/* + * Track overall bp hardening for all heterogeneous cores in the machine. + * We are only considered "safe" if all booted cores are known safe. + */ static bool __maybe_unused check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) { @@ -543,19 +551,25 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) if (!need_wa) return false; + __spectrev2_safe = false; + if (!IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) { pr_warn_once("spectrev2 mitigation disabled by configuration\n"); + __hardenbp_enab = false; return false; } /* forced off */ if (__nospectre_v2) { pr_info_once("spectrev2 mitigation disabled by command line option\n"); + __hardenbp_enab = false; return false; } - if (need_wa < 0) + if (need_wa < 0) { pr_warn_once("ARM_SMCCC_ARCH_WORKAROUND_1 missing from firmware\n"); + __hardenbp_enab = false; + } return (need_wa > 0); } 
@@ -778,3 +792,15 @@ ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, { return sprintf(buf, "Mitigation: __user pointer sanitization\n"); } + +ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, + char *buf) +{ + if (__spectrev2_safe) + return sprintf(buf, "Not affected\n"); + + if (__hardenbp_enab) + return sprintf(buf, "Mitigation: Branch predictor hardening\n"); + + return sprintf(buf, "Vulnerable\n"); +} From patchwork Thu Mar 21 23:05:55 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 160830 Delivered-To: patch@linaro.org Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp140195jan; Thu, 21 Mar 2019 16:06:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqwR88ePm5ZvDtzGg8gzEey+nb9TiqPANxVJMVilEm9/q9KjrzliK61q0LcQhpwVIwRj+WWM X-Received: by 2002:a65:620e:: with SMTP id d14mr5848725pgv.28.1553209593384; Thu, 21 Mar 2019 16:06:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553209593; cv=none; d=google.com; s=arc-20160816; b=vAI6z99TIPImL5L8lO+svGQiC+sv3tHFkys1IijFAcn4mTOiCbPnSUP9sYOXhrpk19 ZGa96wFr7gdv+9jIji0OfTH3kMpEXHGLyKuAU8e/el0hQIyaqsTzzCqBHgS46xLxS2Z7 bm4HDb58Mo2sodB2ePwvrIxOMSaayQy8KLLptW9nZP/yr7L6E5S/PhwoJO9ZSsT299TH HxrT0HA8qTBmVT/mDZG5Guih4f3L2o9ufQ0ZJul320656fXh3ciQILVSJRDWb4xlMNAO pHNK3cMCeUdd+HnfvyefLbvyVCUotw9xY1/ssZawkrP6OmynSg0Pu7M60aDpLPgdTeC2 TDEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=eyLtrQWZPhW5bnKOLUtSwNBCjbJQXj1banrSKvaIE2o=; b=taR8QK+gMeZDGAxmhBAoSYaArxHnJFT+4L11LAE4HWKpMcf45xtCxz/H+M/Vcd9I3o pgWsnaMl8TOlWsTFFQ2/OBB4QG+J7xIaond1UkxYLeTCA06cPLuFk4zBK3bRhOoeeN2e 7uI3V+pubvkVZtKvoawwOsKD3y1VFiaCx6vXtooJO6oteLhXgsfjCcBj8QYFnt0DWG5Q IYY1QcXlKYpxe9U3RufSprAcuYdc8GcldpjPb0vnNebCEvZ8uQITDvMwLxPegamUN0Oy 
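Review bot: The comment added above check_branch_predictor() ("Track overall bp hardening for all heterogeneous cores in the machine") describes the __hardenbp_enab and __spectrev2_safe flags rather than the function, and nearly repeats the one at their declaration; fold the two into the declaration comment. That comment should also state that both flags start true and are only ever cleared from this per-CPU matches callback, so if the callback runs again for a CPU brought up later, cpu_show_spectre_v2() can move from "Not affected" or "Mitigation: Branch predictor hardening" to "Vulnerable" after userspace has already read the file.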
From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , Andre Przywara , Stefan Wahren Subject: [PATCH v6 08/10] arm64: Always enable ssb vulnerability detection Date: Thu, 21 Mar 2019 18:05:55 -0500 Message-Id: <20190321230557.45107-9-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com> References: <20190321230557.45107-1-jeremy.linton@arm.com> MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The ssb detection logic is necessary regardless of whether the vulnerability mitigation code is built into the kernel. Break it out so that the CONFIG option only controls the mitigation logic and not the vulnerability detection. Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Tested-by: Stefan Wahren --- arch/arm64/include/asm/cpufeature.h | 4 ---- arch/arm64/kernel/cpu_errata.c | 11 +++++++---- 2 files changed, 7 insertions(+), 8 deletions(-) -- 2.20.1 diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h index e505e1fbd2b9..6ccdc97e5d6a 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -638,11 +638,7 @@ static inline int arm64_get_ssbd_state(void) #endif } -#ifdef CONFIG_ARM64_SSBD void arm64_set_ssbd_mitigation(bool state); -#else -static inline void arm64_set_ssbd_mitigation(bool state) {} -#endif extern int do_emulate_mrs(struct pt_regs *regs, u32 sys_reg, u32 rt); diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index fb8eb6c6088f..6958dcdabf7d 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c 
@@ -275,7 +275,6 @@ static int detect_harden_bp_fw(void) return 1; } -#ifdef CONFIG_ARM64_SSBD DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); int ssbd_state __read_mostly = ARM64_SSBD_KERNEL; @@ -346,6 +345,7 @@ void __init arm64_enable_wa2_handling(struct alt_instr *alt, *updptr = cpu_to_le32(aarch64_insn_gen_nop()); } +#ifdef CONFIG_ARM64_SSBD void arm64_set_ssbd_mitigation(bool state) { if (this_cpu_has_cap(ARM64_SSBS)) { @@ -370,6 +370,12 @@ void arm64_set_ssbd_mitigation(bool state) break; } } +#else +void arm64_set_ssbd_mitigation(bool state) +{ + pr_info_once("SSBD disabled by kernel configuration\n"); +} +#endif /* CONFIG_ARM64_SSBD */ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, int scope) @@ -467,7 +473,6 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, return required; } -#endif /* CONFIG_ARM64_SSBD */ static void __maybe_unused cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) 
@@ -759,14 +764,12 @@ const struct arm64_cpu_capabilities arm64_errata[] = { ERRATA_MIDR_RANGE_LIST(arm64_harden_el2_vectors), }, #endif -#ifdef CONFIG_ARM64_SSBD { .desc = "Speculative Store Bypass Disable", .capability = ARM64_SSBD, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = has_ssbd_mitigation, }, -#endif #ifdef CONFIG_ARM64_ERRATUM_1188873 { /* Cortex-A76 r0p0 to r2p0 */ From patchwork Thu Mar 21 23:05:56 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 160829 Delivered-To: patch@linaro.org Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp140140jan; Thu, 21 Mar 2019 16:06:30 -0700 (PDT) X-Google-Smtp-Source: APXvYqxQEG0wjXEkH09IVvoJyD1apl7gYNUdty9oyexP4OSxGbikab5KcqZYQ1oKLWVRqlsp1H4D X-Received: by 2002:a17:902:142:: with SMTP id 60mr6144170plb.191.1553209590589; Thu, 21 Mar 2019 16:06:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553209590; cv=none; d=google.com; s=arc-20160816; b=a7yb19RyJFArATx1ojl6C2UxG0CoPnmEuzdlcs00LZQnlZHys0WDryQUJxIrbL89w6 9Vpy14QLemQOS4+lPio3buzCV2jsOaHNFnpsapzjxDbE/XmOx8e0DZCXsXoqH/X+G2Ig jxQClJHF+GuE9nQ0SKCPRieY8R1/d2pHv27fjsLA7se2I2/sllhkWz79C1hJybC/Z7o1 +ep2/WEYYKQxn1zV5MQyfFpv3NHNgBx3ODDIpkwkpudYJUu/XK3UMq9hRYp3UMh1z4SO YvHphmsumQAqqjMewrUJIaq+L0ke6nMY4TbPqwswpClnBAFBfk+g3iHoVGWICUZios+3 GyeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=fYAjJRzg85f5sfKIQ/o/jlK9Tre7G8lj8UdY1P3XXCU=; b=tF0qjh2aZ9VyBgC+Q8D3PGB5fqzYeBGGih8cdB4b+CdsuDGPYh76wYCG+BjR+pmVTe PVhGcLsgLJmsdKXZvDaqANLbb3CWB0JmngMfDvmfhuJsoOLbR7mi24wfDOycCpDUtbz/ 6kgwocik194dI29RR8tpzAEGzGDyVjaU/XXR8guO1Z1IYMjcVtNsJlUc8voIrDEHhlsQ vuzJBH1fPQuoC26rcw60VucM//fhnt/F1n1IqRC+6iHKmakmxlhtfc6kbDEsKo4StSVg r2zBr3gZL4GPpZUJjFOoGUWLgYbIi6YvDGzdZZcqq4n1/5gr2h+TasuYm7nZqb1OGKnB LASg== 
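Review bot: With the #ifdef CONFIG_ARM64_SSBD removed around the "Speculative Store Bypass Disable" entry in arm64_errata[], has_ssbd_mitigation() now runs, and can return required, on kernels where arm64_set_ssbd_mitigation() is only the new stub that logs "SSBD disabled by kernel configuration". Please confirm that nothing treats the ARM64_SSBD capability as proof that the mitigation is active in that configuration, or have has_ssbd_mitigation() return false there. The stub also ignores its state argument; a one-line comment that this is intentional would help.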
From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , Andre Przywara , Stefan Wahren Subject: [PATCH v6 09/10] arm64: add sysfs vulnerability show for speculative store bypass Date: Thu, 21 Mar 2019 18:05:56 -0500 Message-Id: <20190321230557.45107-10-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com> References: <20190321230557.45107-1-jeremy.linton@arm.com> MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return status based on ssbd_state and the arm64 SSBS feature. If the mitigation is disabled, or the firmware isn't responding then return the expected machine state based on a new blacklist of known vulnerable cores. Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Tested-by: Stefan Wahren --- arch/arm64/kernel/cpu_errata.c | 44 ++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) -- 2.20.1 diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 6958dcdabf7d..172ffbabd597 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -278,6 +278,7 @@ static int detect_harden_bp_fw(void) DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); int ssbd_state __read_mostly = ARM64_SSBD_KERNEL; +static bool __ssb_safe = true; static const struct ssbd_options { const char *str; 
@@ -386,6 +387,9 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); + if (is_midr_in_range_list(read_cpuid_id(), entry->midr_range_list)) + __ssb_safe = false; + if (this_cpu_has_cap(ARM64_SSBS)) { required = false; goto out_printmsg; @@ -419,12 +423,14 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, ssbd_state = ARM64_SSBD_UNKNOWN; return false; + /* machines with mixed mitigation requirements must not return this */ case SMCCC_RET_NOT_REQUIRED: pr_info_once("%s mitigation not required\n", entry->desc); ssbd_state = ARM64_SSBD_MITIGATED; return false; case SMCCC_RET_SUCCESS: + __ssb_safe = false; required = true; break; @@ -474,6 +480,16 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, return required; } +/* known vulnerable cores */ +static const struct midr_range arm64_ssb_cpus[] = { + MIDR_ALL_VERSIONS(MIDR_CORTEX_A57), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A72), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A75), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A76), + {}, +}; + static void __maybe_unused cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) { @@ -769,6 +785,7 @@ const struct arm64_cpu_capabilities arm64_errata[] = { .capability = ARM64_SSBD, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = has_ssbd_mitigation, + .midr_range_list = arm64_ssb_cpus, }, #ifdef CONFIG_ARM64_ERRATUM_1188873 { 
@@ -807,3 +824,30 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, return sprintf(buf, "Vulnerable\n"); } + +ssize_t cpu_show_spec_store_bypass(struct device *dev, + struct device_attribute *attr, char *buf) +{ + /* + * Two assumptions: First, ssbd_state reflects the worse case + * for heterogeneous machines, and that if SSBS is supported its + * supported by all cores. + */ + switch (ssbd_state) { + case ARM64_SSBD_MITIGATED: + return sprintf(buf, "Not affected\n"); + + case ARM64_SSBD_KERNEL: + case ARM64_SSBD_FORCE_ENABLE: + if (cpus_have_cap(ARM64_SSBS)) + return sprintf(buf, "Not affected\n"); + if (IS_ENABLED(CONFIG_ARM64_SSBD)) + return sprintf(buf, + "Mitigation: Speculative Store Bypass disabled\n"); + } + + if (__ssb_safe) + return sprintf(buf, "Not affected\n"); + + return sprintf(buf, "Vulnerable\n"); +} From patchwork Thu Mar 21 23:05:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 160831 Delivered-To: patch@linaro.org Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp140241jan; Thu, 21 Mar 2019 16:06:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqy+zFzkGqIR9o61Kz4frTOW28eo7NWIgIDld+A6GlMt+UYRan5ZZX9cL3HA3Zm6WU/SlXjd X-Received: by 2002:a17:902:8f81:: with SMTP id z1mr6317537plo.265.1553209596473; Thu, 21 Mar 2019 16:06:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553209596; cv=none; d=google.com; s=arc-20160816; b=KrfGcT9JBq0l0ObD/21wVsvNcIj11+QrShA3zcD27KkjerJZt9go3gosqvQ3YR9QxQ 9DAx/Sd5vL+LQRyzSx90sx1lt3laEsbUjV/56KcrwUNsVOLcyLbNrnX3Srp/GFYZcU2n uq7fk6p6gzK40n9naU9NsQwOdIMouztJM/5w446px+0NDmdr0VGSAFA9vOYC28BvOJVg GvjSu3kDJidY9wv/9nwEkdZ/ez7HfbGhtUIh++rxX7ifFVt9P5sTEFq1hmVFBggEC20d XkE0hHcYnniIa8Lr4Aes5TsiZaZy5KkdDH5Tm2KoMxZHU4n8R2NeDmIsxpyRBCPH+dTj j9nw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version 
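Review bot: In cpu_show_spec_store_bypass(), the ARM64_SSBD_MITIGATED case returns "Not affected" for the whole machine, yet has_ssbd_mitigation() sets that state as soon as one CPU's firmware call returns SMCCC_RET_NOT_REQUIRED. The only protection on a machine with mixed cores is the new comment "machines with mixed mitigation requirements must not return this", which the kernel cannot enforce. Either record whether any CPU reported a different result and consult that before printing "Not affected", or explain in the comment why the firmware guarantee is sufficient. The switch also has no default and lets ARM64_SSBD_KERNEL and ARM64_SSBD_FORCE_ENABLE drop out of the bottom when neither test matches, so add an explicit break and default to show that this is deliberate.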
From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Mian Yousaf Kaukab , Jeremy Linton , Andre Przywara , Stefan Wahren Subject: [PATCH v6 10/10] arm64: enable generic CPU vulnerabilites support Date: Thu, 21 Mar 2019 18:05:57 -0500 Message-Id: <20190321230557.45107-11-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190321230557.45107-1-jeremy.linton@arm.com> References: <20190321230557.45107-1-jeremy.linton@arm.com> MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Mian Yousaf Kaukab Enable CPU vulnerability show functions for spectre_v1, spectre_v2, meltdown and store-bypass. Signed-off-by: Mian Yousaf Kaukab Signed-off-by: Jeremy Linton Reviewed-by: Andre Przywara Tested-by: Stefan Wahren --- arch/arm64/Kconfig | 1 + 1 file changed, 1 insertion(+) -- 2.20.1 diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 7e34b9eba5de..6a7b7d4e0e90 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -90,6 +90,7 @@ config ARM64 select GENERIC_CLOCKEVENTS select GENERIC_CLOCKEVENTS_BROADCAST select GENERIC_CPU_AUTOPROBE + select GENERIC_CPU_VULNERABILITIES select GENERIC_EARLY_IOREMAP select GENERIC_IDLE_POLL_SETUP select GENERIC_IRQ_MULTI_HANDLER