From: Julien Grall
To: xen-devel@lists.xen.org
Date: Fri, 23 Feb 2018 18:57:15 +0000
Message-Id: <20180223185729.8780-5-julien.grall@arm.com>
In-Reply-To: <20180223185729.8780-1-julien.grall@arm.com>
Cc: sstabellini@kernel.org, Andre Przywara, andre.przywara@linaro.org, Volodymyr Babchuk, Julien Grall, volodymyr_babchuk@epam.com
Subject: [Xen-devel] [PATCH v5 04/18] xen/arm: vsmc: Implement SMCCC_ARCH_WORKAROUND_1 BP hardening support

SMCCC 1.1 offers firmware-based CPU workarounds. In particular, SMCCC_ARCH_WORKAROUND_1 provides BP hardening for variant 2 of XSA-254 (CVE-2017-5715).

If the hypervisor has some mitigation for this issue, report that we deal with it using SMCCC_ARCH_WORKAROUND_1, as we apply the hypervisor workaround on every guest exit.

Signed-off-by: Julien Grall
Reviewed-by: Volodymyr Babchuk
Acked-by: Stefano Stabellini
Reviewed-by: Andre Przywara
---
Changes in v4:
    - Add Stefano's acked-by
    - Add Andre's reviewed-by

Changes in v3:
    - Fix minor conflict during rebase

Changes in v2:
    - Add Volodymyr's reviewed-by
---
xen/arch/arm/vsmc.c | 22 ++++++++++++++++++++-- xen/include/asm-arm/smccc.h | 6 ++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/xen/arch/arm/vsmc.c b/xen/arch/arm/vsmc.c index 7ec492741b..40a80d5760 100644 --- a/xen/arch/arm/vsmc.c +++ b/xen/arch/arm/vsmc.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include 
@@ -93,8 +94,25 @@ static bool handle_arch(struct cpu_user_regs *regs) return true; case ARM_SMCCC_ARCH_FEATURES_FID: - /* Nothing supported yet */ - set_user_reg(regs, 0, ARM_SMCCC_NOT_SUPPORTED); + { + uint32_t arch_func_id = get_user_reg(regs, 1); + int ret = ARM_SMCCC_NOT_SUPPORTED; + + switch ( arch_func_id ) + { + case ARM_SMCCC_ARCH_WORKAROUND_1_FID: + if ( cpus_have_cap(ARM_HARDEN_BRANCH_PREDICTOR) ) + ret = 0; + break; + } + + set_user_reg(regs, 0, ret); + + return true; + } + + case ARM_SMCCC_ARCH_WORKAROUND_1_FID: + /* No return value */ return true; } diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index 629cc5150b..2951caa49d 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -115,6 +115,12 @@ static inline uint32_t smccc_get_owner(register_t funcid) ARM_SMCCC_OWNER_ARCH, \ 0x1) +#define ARM_SMCCC_ARCH_WORKAROUND_1_FID \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x8000) + /* SMCCC error codes */ #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) #define ARM_SMCCC_NOT_SUPPORTED (-1)
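
Review bot: in the handle_arch() hunk of xen/arch/arm/vsmc.c, the new `case ARM_SMCCC_ARCH_WORKAROUND_1_FID:` carries only `/* No return value */`, which does not say why the handler can do nothing. The commit message gives the reason (the hypervisor workaround is applied on every guest exit), and that reason belongs in the comment. The case also returns true whether or not `cpus_have_cap(ARM_HARDEN_BRANCH_PREDICTOR)` holds, while the ARM_SMCCC_ARCH_FEATURES_FID path reports ARM_SMCCC_NOT_SUPPORTED in that situation; if accepting the call unconditionally is intended, state it in the same comment. Minor: `ret = 0` would read better with a named success value, and the inner `switch ( arch_func_id )` has no default label, so the fall-through to ARM_SMCCC_NOT_SUPPORTED is only implicit.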
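
Review bot: the new `ARM_SMCCC_ARCH_WORKAROUND_1_FID` define in xen/include/asm-arm/smccc.h has no comment explaining what function number `0x8000` stands for. A one-line comment above it naming the SMCCC 1.1 workaround and the issue it addresses (variant 2 of XSA-254, CVE-2017-5715, as given in the commit message) would let a reader connect the constant to the handler in vsmc.c without going back to the commit log.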