From patchwork Wed Jan 31 16:53:27 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Julien Grall <julien.grall@linaro.org>
X-Patchwork-Id: 126372
Delivered-To: patch@linaro.org
Received: by 10.46.124.24 with SMTP id x24csp906110ljc;
 Wed, 31 Jan 2018 08:56:05 -0800 (PST)
X-Google-Smtp-Source: AH8x225C82a/vEzHGat9QFXa8MowZb3xSX49K86OO8nk481LJDAzKmJQqYvyBVo3kRj9GhEJnAgK
X-Received: by 10.36.87.14 with SMTP id u14mr36696316ita.7.1517417764935;
 Wed, 31 Jan 2018 08:56:04 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517417764; cv=none;
 d=google.com; s=arc-20160816;
 b=09UleqqBjl0H1CYyx056GdceuillIIEUhVsctrCZPx+u0OGrN32yfzU5BXvxVRN/3O
 gO0ncKbzQzEEsgk3Ue8k8HuT6lEyk2kCURsyFdF1gzJCn6IbdCf0yUB04TnoUxwWuJuS
 filXdnv8mzQO3JSAenKrsW7I8U1ZwZXXzDOatxSZ8SSNJFPHamioybQIXD55wUU02cA9
 yjNh9Cf8nBP+ZN90zDD7d7N1ALkJy3vjbhGpvDmz3nIObvWAGQRvdaw9PxbetlKa7C3s
 1xCtOpkHMNz7F/ggcEgbKG+ko021+YDzpBBfsuEXOXNLROhrpblSq4LnlGkMiNVxshMe
 Frmg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:content-transfer-encoding:mime-version
 :list-subscribe:list-help:list-post:list-unsubscribe:list-id
 :precedence:subject:cc:message-id:date:to:from:dkim-signature
 :arc-authentication-results;
 bh=WI3/LHheBubAcdMINV4RNfhnvYOqRKbLUFPDigsEtig=;
 b=j18zRPfw8ZLagRgsSVJ8LjmBJf7upuiqDNm4t2/z5uxw0MUhS5/JFG+EhoouVZloqy
 23LbZr6rQQqpt/cIqJF2YWVmxtmSQigZXgfZvOV/c+yQA/8oD2AWwa/iT5ia6C8U0F49
 fHqosFcKQcO1qPeC14iqqDr1F6Kl6AARe9lXs77Pdj0gEHKN72qR2D9heNCtfAW4svjR
 X2yPHFITvBFXe0wMCMJBMrUxjKQzt1MZJm4C7vQcojj40DyI4AWif8xYLIrZ+SEsoeDe
 iOqK01uD+5DQeot2D9hN17Gbq/2iJeonVOllG645hmgfZa92Ag9ZMX9VSdTQTf2OwUqz
 Md/w==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@linaro.org
 header.s=google header.b=O1syqsWy; 
 spf=pass (google.com: best guess record for domain of
 xen-devel-bounces@lists.xenproject.org designates
 192.237.175.120 as permitted sender)
 smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120])
 by mx.google.com with ESMTPS id
 e201si101999itc.102.2018.01.31.08.56.04
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 31 Jan 2018 08:56:04 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 xen-devel-bounces@lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120; 
Authentication-Results: mx.google.com;
 dkim=neutral (body hash did not verify) header.i=@linaro.org
 header.s=google header.b=O1syqsWy; 
 spf=pass (google.com: best guess record for domain of
 xen-devel-bounces@lists.xenproject.org designates
 192.237.175.120 as permitted sender)
 smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
 by lists.xenproject.org with esmtp (Exim 4.84_2)
 (envelope-from <xen-devel-bounces@lists.xenproject.org>)
 id 1egvdn-00040z-53; Wed, 31 Jan 2018 16:53:43 +0000
Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6])
 by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from
 <srs0=7zm5=e2=linaro.org=julien.grall@srs-us1.protection.inumbo.net>)
 id 1egvdm-00040l-4f
 for xen-devel@lists.xen.org; Wed, 31 Jan 2018 16:53:42 +0000
X-Inumbo-ID: 4117a870-06a7-11e8-ba59-bc764e045a96
Received: from mail-wr0-x242.google.com (unknown [2a00:1450:400c:c0c::242])
 by us1-rack-dfw2.inumbo.com (Halon) with ESMTPS
 id 4117a870-06a7-11e8-ba59-bc764e045a96;
 Wed, 31 Jan 2018 17:53:26 +0100 (CET)
Received: by mail-wr0-x242.google.com with SMTP id v15so15755736wrb.8
 for <xen-devel@lists.xen.org>; Wed, 31 Jan 2018 08:53:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id;
 bh=xvBGid/P6bTEX9mCNOUxX68IMm2bSv+9vmn9THHVgx0=;
 b=O1syqsWya5sePN31evsixbGwEcbXDlYgEtX0ppO7o5CayzHu3bf00mvBD4T9y6aP6l
 E+39qkEg3xbcpHggpquCEqMAbQ0HUQxfYsuxgzGeTTN1FNZezGmU5UGNL21NU4alPrEm
 B7XxlOU8TLjl0QRjLxbIV4zbsUaqfiYoK52S4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=xvBGid/P6bTEX9mCNOUxX68IMm2bSv+9vmn9THHVgx0=;
 b=LqHCSiNFzu57eTTN1nMYVc9FsCzZp/GOqD1qkKnEWWFWeFNZDg2tsHjlIrvAdHMQ5m
 xOw/xJKfEB3/ZDUTD5/EdmMG6V8W6jawmj9IcxY110n2eWOMYHp0k9LGdG34tR9lbdV/
 JePg2OmFfh23D/NCbPkMOhABRnhzr+jHHtMZJX/xh2jvuWMGvW+qE2dipnTngJy+WXeT
 SxKFNUsD5eSKvNt+so1/0SOf3M9Iv5H482PIocJdGNbElh4zqapC5LKnmqy9W+rtbVrE
 0KyXfK0qgcFmNJ7ta76RXiHwtxdLP27LS9XVDsQQWSgmdpyoxakjg7aIaAsvOI1s/kHS
 L6JQ==
X-Gm-Message-State: AKwxytecLq25dO+6GN/t5ovQj4mk2fcS6twXOsnM7hhWl56AZK4ccgKR
 c8t1XoaKKjQE7tNPs1rx1uNJSyk2qks=
X-Received: by 10.223.128.169 with SMTP id 38mr26039675wrl.104.1517417619243; 
 Wed, 31 Jan 2018 08:53:39 -0800 (PST)
Received: from e108454-lin.cambridge.arm.com ([2001:41d0:1:6c23::1])
 by smtp.gmail.com with ESMTPSA id
 h194sm223745wma.8.2018.01.31.08.53.38
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 31 Jan 2018 08:53:38 -0800 (PST)
From: Julien Grall <julien.grall@linaro.org>
X-Google-Original-From: Julien Grall <julien.grall@arm.com>
To: xen-devel@lists.xen.org
Date: Wed, 31 Jan 2018 16:53:27 +0000
Message-Id: <20180131165334.23175-1-julien.grall@arm.com>
X-Mailer: git-send-email 2.11.0
Cc: Julien Grall <julien.grall@arm.com>, sstabellini@kernel.org,
 andre.przywara@linaro.org
Subject: [Xen-devel] [PATCH v2 0/7] xen/arm32: Branch predictor hardening
 (XSA-254 variant 2)
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>, 
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

Hi all,

This series provides a skeleton for mitigating branch predictor hardening for
arm32 on exception entry.

It also implements mitigation for Cortex-A12, A15 and A17. SoC vendors with
affected CPUs are strongly encouraged to update.

For more information about the impact of this issue and the software mitigations
for Arm processors, please see http://www.arm.com/security-update.

Cheers,

Julien Grall (7):
  xen/arm32: entry: Consolidate DEFINE_TRAP_ENTRY_* macros
  xen/arm32: Add missing MIDR values for Cortex-A17 and A12
  xen/arm32: entry: Add missing trap_reset entry
  xen/arm32: Add skeleton to harden branch predictor aliasing attacks
  xen/arm32: Invalidate BTB on guest exit for Cortex A17 and 12
  xen/arm32: Invalidate icache on guest exist for Cortex-A15
  xen/arm32: entry: Document the purpose of r11 in the traps handler

 xen/arch/arm/Kconfig            |   3 +
 xen/arch/arm/arm32/entry.S      | 164 ++++++++++++++++++++++++++++++++++------
 xen/arch/arm/arm32/traps.c      |   5 ++
 xen/arch/arm/cpuerrata.c        |  62 +++++++++++++++
 xen/include/asm-arm/processor.h |   4 +
 5 files changed, 213 insertions(+), 25 deletions(-)