[4.4,32/75] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support

Message ID 20191108174741.407382517@linuxfoundation.org
State New
Headers show
  • Untitled series #24826
Related show

Commit Message

Greg Kroah-Hartman Nov. 8, 2019, 6:49 p.m.
From: Marc Zyngier <marc.zyngier@arm.com>

commit 6167ec5c9145cdf493722dfd80a5d48bafc4a18a upstream.

A new feature of SMCCC 1.1 is that it offers firmware-based CPU
workarounds. In particular, SMCCC_ARCH_WORKAROUND_1 provides
BP hardening for CVE-2017-5715.

If the host has some mitigation for this issue, report that
we deal with it using SMCCC_ARCH_WORKAROUND_1, as we apply the
host workaround on every guest exit.

Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>

Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>

Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>

[v4.9: account for files moved to virt/ upstream]
Signed-off-by: Mark Rutland <mark.rutland@arm.com> [v4.9 backport]

Tested-by: Greg Hackmann <ghackmann@google.com>

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

[ardb: restrict to include/linux/arm-smccc.h]
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 include/linux/arm-smccc.h |    5 +++++
 1 file changed, 5 insertions(+)


--- a/include/linux/arm-smccc.h
+++ b/include/linux/arm-smccc.h
@@ -70,6 +70,11 @@ 
 			   ARM_SMCCC_SMC_32,				\
 			   0, 1)
+			   ARM_SMCCC_SMC_32,				\
+			   0, 0x8000)
 #ifndef __ASSEMBLY__
 #include <linux/linkage.h>