From patchwork Tue May 22 17:42:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136594 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929542lji; Tue, 22 May 2018 10:45:48 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqjTJXrxOCMXlAU5I3JYK2H/5FXGnJ8mhYkL7/YcL7XW/RH61Jw1wZ4f1ksukS6v5OLFYZ8 X-Received: by 2002:a6b:9bcc:: with SMTP id d195-v6mr26667140ioe.15.1527011148638; Tue, 22 May 2018 10:45:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011148; cv=none; d=google.com; s=arc-20160816; b=AQptMJfW+eNas8g4Q6r4aZAiWW4k0TgnA+xKK3LfYXs72p9XuciZbCeOu8+VTY8FFX i3VmR3dSuY2GwgfAz9CSyhpG7UWIMbg3aq1e1b0Hl2XBho+JDFqHOLzBoe96L6KwJAkU TS2eFtPbKTszA9TITkGQU6M/xcGt7Jld6/3yyialvM+JkjlAcbS6cNViMNTDZCQlcrQk GREeCca2fY9Rpo0NZfWpw6DEFlbtxMMOOpeXzoCp58g50aUS7K2GVNQuBXCnrYjYhkoM SxWiaWm7dt9jn/P5VEX0PcqPs/3u1arcjqhFkH1FaRHebHFgs8FiNE9Rxx8kLIEXUWEC 6zWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=xxv8jx/k05rVku5cq8qrSezxD02DU4zZplKtb96fLOs=; b=IuAeJXwXQfi+zJ7JvfqEv/VGrHgcJWk2xMw92cYLkT/2DIiMuSSIWNEoPKgKGB31xY rdCjLHw2O0imwo8FvQxW9r573OU3FVtyCNtccb1xUUSitaX8vB3gki+p5RFIgRmOSvWx IY92HVIn0FRLDvZQ2B3Cuk60LYzpPf9i1pMYZt3tSfZGfV5UL6m+YIMfcb4ZLJw7kLyN LR5nb8QBpiMVH05VgG0EREPND2CgX9LV/Bq+B07oq5lwu+C+sYqzCbRktOXzLvFJ8Rfd du7YpZnAtrc+wfY8IB1k7DEawWqvPRktIerg9bBMangDJAmZ1ID6SGrqW8GK5WYNcYNc V8YQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id p64-v6si13650707iof.217.2018.05.22.10.45.48 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJT-00029Q-Lw; Tue, 22 May 2018 17:43:07 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJS-00029E-JT for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:06 +0000 X-Inumbo-ID: 519d1b21-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 519d1b21-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:12 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0786115AD; Tue, 22 May 2018 10:43:05 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1D3483F589; Tue, 22 May 2018 10:43:03 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:42 +0100 Message-Id: <20180522174254.27551-2-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 01/13] xen/arm: domain: Zeroed the vCPU stack X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" A stack is allocated per vCPU to be used by Xen. The allocation is done with alloc_xenheap_pages that does not zero the memory returned. However the top of the stack is containing information that will be used to store the initial state of the vCPU (see struct cpu_info). Some of the fields may not be initialized and will lead to use/leak bits of previous memory in some cases on the first run of vCPU (AFAICT this only happen on vCPU0 for Dom0). While this is not strictly necessary, this patch zero the full stack to avoid more leakage. This is part of XSA-263. Signed-off-by: Julien Grall --- xen/arch/arm/domain.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index ec0f042bf7..e7b33e92fb 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -540,6 +540,7 @@ void free_vcpu_struct(struct vcpu *v) int vcpu_initialise(struct vcpu *v) { int rc = 0; + unsigned int i; BUILD_BUG_ON( sizeof(struct cpu_info) > STACK_SIZE ); @@ -547,6 +548,9 @@ int vcpu_initialise(struct vcpu *v) if ( v->arch.stack == NULL ) return -ENOMEM; + for ( i = 0; i < (1U << STACK_ORDER); i++ ) + clear_page(v->arch.stack + (PAGE_SIZE * i)); + v->arch.cpu_info = (struct cpu_info *)(v->arch.stack + STACK_SIZE - sizeof(struct cpu_info)); From patchwork Tue May 22 17:42:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136592 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929496lji; Tue, 22 May 2018 10:45:46 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqg+2+xJmWqH6Te1zBZ9tc8jhAoTRaUBcztmAoSAXNXO5I+xreaCb6tg0VLytdx5CcYX3Zl X-Received: by 2002:a6b:c585:: with SMTP id v127-v6mr28033350iof.85.1527011145994; Tue, 22 May 2018 10:45:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011145; cv=none; d=google.com; s=arc-20160816; b=zKJ7MBE4Fcb3nV0jSAKONi/A1Cb2PoiGN0CGBIvVj2QXKpRbPFs7jh9sXbAnpHJL7O ScveATMNVCsTGJO900lYpy8V3dSvoSibH1QLiI7wMG/PnhBwObfYsAQmb0oSm19X7747 VA6yNUFZSxWX7hHQM5Aqq0hO44sVYsFsxGB2lTLNfxEbszGnUKAYYs+0M9NV0LuMw2Bi xjoQnS8R4jjXA9g6x8QL9T2lJ6hFczGGXu5urDASJnVbgV1W0SNOwfy/5yb4NE8pAGqw cLuWF0PNLff6A21v3c2wL56w4RMIh/3AFA80HVGOvwiAZeiQXXe6F21Uog//s8IkvGyM A9TA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=kPglRxYHDMHX+ZvRqr/PziPeSz4arrRkTivUItO4f7E=; b=c7VKebPGOtJ3iS9ls11aiMZE2FjGkd/kYppo4sdL0kCcSwZOpSfMDbqg6crohA1r1F KTw+hbOlKcJg5lZyDR0VB8oU/sPAJKfiAi6KJUZSEfZF2s+hK7WDn0B8/USdY4ygTpSl BZfKwOjnkP2TDR6fC2qsXf4A31M6G+UR6OrzZcvbDczjVpWUvpgD/Iib21fDJ6yMc6qY CD4IlwLctIjTDN0OrYq59m+2Ts6e22rCUvwcqmR4TAqoEoXDF/YtrFvvvejaxTmiply5 yXAZOAn5f4D2OEddkTRnmqO2CB2lT/Er3hH2uQ5jTKuMhmD6zaQJ+ZG5IF+bZkuNVsZc aCOQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id z66-v6si15192392ioe.93.2018.05.22.10.45.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJV-00029p-2W; Tue, 22 May 2018 17:43:09 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJT-00029N-Kp for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:07 +0000 X-Inumbo-ID: 154e8215-5de8-11e8-8249-2fda3a446a53 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id 154e8215-5de8-11e8-8249-2fda3a446a53; Tue, 22 May 2018 17:46:40 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 2F72B1435; Tue, 22 May 2018 10:43:06 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 453773F589; Tue, 22 May 2018 10:43:05 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:43 +0100 Message-Id: <20180522174254.27551-3-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 02/13] xen/arm64: entry: Use named label in guest_sync X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This will improve readability for future changes. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- xen/arch/arm/arm64/entry.S | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index ffa9a1c492..e2344e565f 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -226,11 +226,11 @@ guest_sync: mrs x1, esr_el2 lsr x1, x1, #HSR_EC_SHIFT /* x1 = ESR_EL2.EC */ cmp x1, #HSR_EC_HVC64 - b.ne 1f /* Not a HVC skip fastpath. */ + b.ne guest_sync_slowpath /* Not a HVC skip fastpath. */ mrs x1, esr_el2 and x1, x1, #0xffff /* Check the immediate [0:16] */ - cbnz x1, 1f /* should be 0 for HVC #0 */ + cbnz x1, guest_sync_slowpath /* should be 0 for HVC #0 */ /* * Fastest path possible for ARM_SMCCC_ARCH_WORKAROUND_1. @@ -241,7 +241,7 @@ guest_sync: * be encoded as an immediate for cmp. */ eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID - cbnz w0, 1f + cbnz w0, guest_sync_slowpath /* * Clobber both x0 and x1 to prevent leakage. Note that thanks @@ -250,7 +250,7 @@ guest_sync: mov x1, xzr eret -1: +guest_sync_slowpath: /* * x0/x1 may have been scratch by the fast path above, so avoid * to save them. From patchwork Tue May 22 17:42:44 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136586 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929420lji; Tue, 22 May 2018 10:45:40 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpgXQstj6rwZSHkkEMBLy6PISO2eyvqwvZUGAoFjF2v/ed+UOyV5ywllp05axFiUqbP/Wrm X-Received: by 2002:a24:6bcb:: with SMTP id v194-v6mr2346701itc.66.1527011140469; Tue, 22 May 2018 10:45:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011140; cv=none; d=google.com; s=arc-20160816; b=1JB1knIkwifaXAPb5fkKjKkQpX/mW7rKX04KfAMpN8U2+29eHn66a//jITPH/bfdsf nsr9u6/lKLrW36iyleDRZMSOeucxDMHeuZI0duJn1hfuwAHedBOrJNi0tW/ZyiLiv207 v/hJk8TaD31srqgRmyaGcBg2/m704dX96UCcs9n3YCFonZxQ7LLZpwiFiONVgmi2INHy 4lDTznMYFr77SlONiUYXMx3AJ2FGEmuhWyrS6+NslGEov9MXugDWKc0jv5iHUT5SbP6R OzOnUBB2Q59JX3G+BLVMQ9EFQQzJB8RjnBXSXe8dhIWFZyiwoeX5P2RzDr2gcZSfxM24 SyjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=5NeMWloKx5jQMcxYTmXFfF7DL+n8eoqenW9I1NCMgnY=; b=KJqGmAYrJlVe6TJu+dT+hicwrw0BVQHRUy9f3CtrW5X+8gRfiOaI4JIM3K46awmzsm 7XHVjg1XzBpji0M+j7qy/xE+9dWMiob+vy06bwmFxSVSQYHfQjnV/JbgYvWrUDlciLlk Q1xtq1+4lM/rO28ZPLSNcFTCRpSVGHVqiUW5usuID2kTlPxvdWLRuV4cYWN/eaDVzl5C KwAFEx2/7GS3K00+bcvWmqDIbf7zcgV8qqDldOE0oiU/ZgSWWXTXjGe6fdqsSKaHan4L ymwlQ3MoOc3WfKHgvFjbKkUvGZ6EEsFPY2+nwDX7+iTCf1JARPmIQym0dAmXtWlbeE7q VvMw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id m193-v6si340271itb.128.2018.05.22.10.45.40 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJW-0002A6-At; Tue, 22 May 2018 17:43:10 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJU-00029a-Q8 for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:08 +0000 X-Inumbo-ID: 160011b5-5de8-11e8-8249-2fda3a446a53 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id 160011b5-5de8-11e8-8249-2fda3a446a53; Tue, 22 May 2018 17:46:41 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5764C15AD; Tue, 22 May 2018 10:43:07 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6D1023F589; Tue, 22 May 2018 10:43:06 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:44 +0100 Message-Id: <20180522174254.27551-4-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 03/13] xen/arm: setup: Check errata for boot CPU later on X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Some errata will rely on the SMCCC version which is detected by psci_init(). This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- xen/arch/arm/setup.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 1d6f6bf37e..ac93de4786 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -171,8 +171,6 @@ static void __init processor_id(void) } processor_setup(); - - check_local_cpu_errata(); } void dt_unreserved_regions(paddr_t s, paddr_t e, @@ -779,6 +777,12 @@ void __init start_xen(unsigned long boot_phys_offset, printk(XENLOG_INFO "SMP: Allowing %u CPUs\n", cpus); nr_cpu_ids = cpus; + /* + * Some errata relies on SMCCC version which is detected by psci_init() + * (called from smp_init_cpus()). + */ + check_local_cpu_errata(); + init_xen_time(); gic_init(); From patchwork Tue May 22 17:42:45 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136595 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929549lji; Tue, 22 May 2018 10:45:49 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpeBoxJajVjxuBHP+wIhOIxPY1dhVnGjnLUEEyAW3vghCA3TE85o8qaTvM0lpPqh2vns+bp X-Received: by 2002:a6b:ce15:: with SMTP id p21-v6mr13079208iob.257.1527011149052; Tue, 22 May 2018 10:45:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011149; cv=none; d=google.com; s=arc-20160816; b=ytZAgxEIQEQT7+PhGVwOHjJOvZFu0kk0BChqn+JIgfOAaIERctmXOp9y9WYnuvHnhq fyM0vrfP2fbvuKjsEg9JPlB+FQ4gOyCdaOLpVzfO3YV5IrcRYaFDefMVdnmsW1RlIlzg jz7xhTjIxBVEI4As9nJvbiZHacVTEfyL2ochne0Re/VeB2811rH/3la13lG4AElyg9mo F+R22cXH9RpL9rlgvm98+EEra24o9A28qk7Zq0Be2sOB8REJAtWojGrKsWM9AcyK2Jew FLnFtV5p3MWWKNLIlVFDPrur3VDMTcvgZV9rR1KCfXMpNcTbeSK4tZ59rvGrUZHZ+o47 1uug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=TXvJl0VMMh5D9wESzAkbcrebP7SpbCsnVs4bQAqLGh4=; b=vWpPdXLkqIJaJXD1ailsGlO62GpOCun6l/5rUNabunN9fj/mEtqGBN6A73PiIRDTuJ I1vvbHpxH2S+k5GGTe9MygyNpN5OO560JD8RN35/u7193YOBpzHLL8MMAqk9xoAniqLL ij8IrZC5DzLahNSMaKMLg3s782AQweimR56xLm7FNyiyPREc5Ww2tgCQcTfBkoPnaJPP t/kpcYKtj3WM65r7HMX6iGsPE7YXaPaNxCIqUL3DMwcMaVnfTuAsCTO8eC4tJLIZ2fvq 5c/Eq4Ih0/hRF1jsGZWnkBtk2ToBb5UhnObM8y5GvSjtsfr5QypzTG1FIzoPA89oBQSv 6Usg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id 136-v6si15255652ion.232.2018.05.22.10.45.48 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJX-0002AJ-JI; Tue, 22 May 2018 17:43:11 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJV-00029x-Rp for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:09 +0000 X-Inumbo-ID: 53b1c679-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 53b1c679-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:15 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7F9131435; Tue, 22 May 2018 10:43:08 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 951E23F589; Tue, 22 May 2018 10:43:07 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:45 +0100 Message-Id: <20180522174254.27551-5-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 04/13] xen/arm: Add ARCH_WORKAROUND_2 probing X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" As for Spectre variant-2, we rely on SMCCC 1.1 to provide the discovery mechanism for detecting the SSBD mitigation. A new capability is also allocated for that purpose, and a config option. This is part of XSA-263. Signed-off-by: Julien Grall --- xen/arch/arm/Kconfig | 10 ++++++++++ xen/arch/arm/cpuerrata.c | 39 +++++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/cpuerrata.h | 21 +++++++++++++++++++++ xen/include/asm-arm/cpufeature.h | 3 ++- xen/include/asm-arm/smccc.h | 6 ++++++ 5 files changed, 78 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 8174c0c635..0e2d027060 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -73,6 +73,16 @@ config SBSA_VUART_CONSOLE Allows a guest to use SBSA Generic UART as a console. The SBSA Generic UART implements a subset of ARM PL011 UART. +config ARM_SSBD + bool "Speculative Store Bypass Disable" if EXPERT = "y" + depends on HAS_ALTERNATIVE + default y + help + This enables mitigation of bypassing of previous stores by speculative + loads. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 1baa20654b..bcea2eb6e5 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -235,6 +235,39 @@ static int enable_ic_inv_hardening(void *data) #endif +#ifdef CONFIG_ARM_SSBD + +/* + * Assembly code may use the variable directly, so we need to make sure + * it fits in a register. + */ +DEFINE_PER_CPU_READ_MOSTLY(register_t, ssbd_callback_required); + +static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) +{ + struct arm_smccc_res res; + bool supported = true; + + if ( smccc_ver < SMCCC_VERSION(1, 1) ) + return false; + + /* + * The probe function return value is either negative (unsupported + * or mitigated), positive (unaffected), or zero (requires + * mitigation). We only need to do anything in the last case. + */ + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, + ARM_SMCCC_ARCH_WORKAROUND_2_FID, &res); + if ( (int)res.a0 != 0 ) + supported = false; + + if ( supported ) + this_cpu(ssbd_callback_required) = 1; + + return supported; +} +#endif + #define MIDR_RANGE(model, min, max) \ .matches = is_affected_midr_range, \ .midr_model = model, \ @@ -336,6 +369,12 @@ static const struct arm_cpu_capabilities arm_errata[] = { .enable = enable_ic_inv_hardening, }, #endif +#ifdef CONFIG_ARM_SSBD + { + .capability = ARM_SSBD, + .matches = has_ssbd_mitigation, + }, +#endif {}, }; diff --git a/xen/include/asm-arm/cpuerrata.h b/xen/include/asm-arm/cpuerrata.h index 4e45b237c8..e628d3ff56 100644 --- a/xen/include/asm-arm/cpuerrata.h +++ b/xen/include/asm-arm/cpuerrata.h @@ -27,9 +27,30 @@ static inline bool check_workaround_##erratum(void) \ CHECK_WORKAROUND_HELPER(766422, ARM32_WORKAROUND_766422, CONFIG_ARM_32) CHECK_WORKAROUND_HELPER(834220, ARM64_WORKAROUND_834220, CONFIG_ARM_64) +CHECK_WORKAROUND_HELPER(ssbd, ARM_SSBD, CONFIG_ARM_SSBD) #undef CHECK_WORKAROUND_HELPER +#ifdef CONFIG_ARM_SSBD + +#include + +DECLARE_PER_CPU(register_t, ssbd_callback_required); + +static inline bool cpu_require_ssbd_mitigation(void) +{ + return this_cpu(ssbd_callback_required); +} + +#else + +static inline bool cpu_require_ssbd_mitigation(void) +{ + return false; +} + +#endif + #endif /* __ARM_CPUERRATA_H__ */ /* * Local variables: diff --git a/xen/include/asm-arm/cpufeature.h b/xen/include/asm-arm/cpufeature.h index e557a095af..2a5c075d3b 100644 --- a/xen/include/asm-arm/cpufeature.h +++ b/xen/include/asm-arm/cpufeature.h @@ -43,8 +43,9 @@ #define SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT 5 #define SKIP_CTXT_SWITCH_SERROR_SYNC 6 #define ARM_HARDEN_BRANCH_PREDICTOR 7 +#define ARM_SSBD 8 -#define ARM_NCAPS 8 +#define ARM_NCAPS 9 #ifndef __ASSEMBLY__ diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index 8342cc33fe..650744d28b 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -258,6 +258,12 @@ struct arm_smccc_res { ARM_SMCCC_OWNER_ARCH, \ 0x8000) +#define ARM_SMCCC_ARCH_WORKAROUND_2_FID \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x7FFF) + /* SMCCC error codes */ #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) #define ARM_SMCCC_NOT_SUPPORTED (-1) From patchwork Tue May 22 17:42:46 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136598 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929684lji; Tue, 22 May 2018 10:45:56 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpTHmwcpllo59O85hTFWrwuA8ScxJvm4EdqUI57lgtXDbABAg4/fW7nBUJ31fZg3AEtbCOJ X-Received: by 2002:a24:1609:: with SMTP id a9-v6mr2126644ita.48.1527011156188; Tue, 22 May 2018 10:45:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011156; cv=none; d=google.com; s=arc-20160816; b=jQIje0st8Zi3N8qf7y2J3SB/I6amHi4BGcYpNpQsYLghpAo+LFtTxWq3HVQESUcEo2 G7t7bWuDDXmjQryA1rMUZOCWsf6NyVG7u9+w/YwG6Yiuvd8ecf1g6LPe4nTHz1R8y05L s2CHpFiE5zURAvISkxokjMxDdt7lxdc4MxVPlEDB8t6eqnN07lp77ZHiPHQC2RbSmlsJ Jij2Dt+X6e/sLdfSToCCA6or7WTeGCfP9w7po0nW/uP9SytClmbnaZB2Xdro7TI5ZcMj MVidQSI4IBMGnyYg+Lp24FiK6XF5+RzsFuW5MKEyiRX+hH2LhaKKpHtkKrtTLEyxb0Wj /m+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=icXac8IfYlnqFSWoH1I8I64RrgbcgZ/orh9wCHUSRkY=; b=QMb5k+hSsLqTbH9lp0X7BaEtQfUeE6/x4E43XkvGFbMJ42yBQQA3/soOgO/65rsAOe Uk/C4K5sJj5jQjRzUWTQF0TvxyqfN+JUwrzJcMtZoKIvE1zxilpZwYivudqze4aCG4Oq 8LsdX3tUFTOK/emvXQKEp0bLrWjOzydZhFq0KLq08sdetqfiSEPOzprCzVQaKdSfE970 rccbxLj0EZiq7K04ya+jLB2SsFr4zawvCC2l/wGLafuFKTMvWZEzZnljBahU/IevGbzV 2ZCESIkSu1vXYge+ZnkPZ1FnRGtNSksmlpI5cWZiqxw+PHWe262DCk45VfQ/XXhkI1nl pmCw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id l185-v6si14940314ioe.246.2018.05.22.10.45.55 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJX-0002AR-SJ; Tue, 22 May 2018 17:43:11 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJX-0002AE-2p for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:11 +0000 X-Inumbo-ID: 54790879-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 54790879-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:17 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id CAB911435; Tue, 22 May 2018 10:43:09 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BD57F3F589; Tue, 22 May 2018 10:43:08 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:46 +0100 Message-Id: <20180522174254.27551-6-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 05/13] xen/arm: Add command line option to control SSBD mitigation X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" On a system where the firmware implements ARCH_WORKAROUND_2, it may be useful to either permanently enable or disable the workaround for cases where the user decides that they'd rather not get a trap overhead, and keep the mitigation permanently on or off instead of switching it on exception entry/exit. In any case, default to mitigation being enabled. At the same time provide a accessor to know the state of the mitigation. SIgned-off-by: Julien Grall --- docs/misc/xen-command-line.markdown | 18 ++++++ xen/arch/arm/cpuerrata.c | 115 ++++++++++++++++++++++++++++++++---- xen/include/asm-arm/cpuerrata.h | 21 +++++++ xen/include/asm-arm/smccc.h | 1 + 4 files changed, 144 insertions(+), 11 deletions(-) diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown index 8712a833a2..962028b6ed 100644 --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -1756,6 +1756,24 @@ enforces the maximum theoretically necessary timeout of 670ms. Any number is being interpreted as a custom timeout in milliseconds. Zero or boolean false disable the quirk workaround, which is also the default. +### spec-ctrl (Arm) +> `= List of [ ssbd=force-disable|runtime|force-enable ]` + +Controls for speculative execution sidechannel mitigations. + +The option `ssbd=` is used to control the state of Speculative Store +Bypass Disable (SSBD) mitigation. + +* `ssbd=force-disable` will keep the mitigation permanently off. The guest +will not be able to control the state of the mitigation. +* `ssbd=runtime` will always turn on the mitigation when running in the +hypervisor context. The guest will be to turn on/off the mitigation for +itself by using the firmware interface ARCH\_WORKAROUND\_2. +* `ssbd=force-enable` will keep the mitigation permanently on. The guest will +not be able to control the state of the mitigation. + +By default SSBD will be mitigated at runtime (i.e `ssbd=runtime`). + ### spec-ctrl (x86) > `= List of [ , xen=, {pv,hvm,msr-sc,rsb}=, > bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd}= ]` diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index bcea2eb6e5..f921721a66 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -237,6 +237,41 @@ static int enable_ic_inv_hardening(void *data) #ifdef CONFIG_ARM_SSBD +enum ssbd_state ssbd_state = ARM_SSBD_RUNTIME; + +static int __init parse_spec_ctrl(const char *s) +{ + const char *ss; + int rc = 0; + + do { + ss = strchr(s, ','); + if ( !ss ) + ss = strchr(s, '\0'); + + if ( !strncmp(s, "ssbd=", 5) ) + { + s += 5; + + if ( !strncmp(s, "force-disable", ss - s) ) + ssbd_state = ARM_SSBD_FORCE_DISABLE; + else if ( !strncmp(s, "runtime", ss - s) ) + ssbd_state = ARM_SSBD_RUNTIME; + else if ( !strncmp(s, "force-enable", ss - s) ) + ssbd_state = ARM_SSBD_FORCE_ENABLE; + else + rc = -EINVAL; + } + else + rc = -EINVAL; + + s = ss + 1; + } while ( *ss ); + + return rc; +} +custom_param("spec-ctrl", parse_spec_ctrl); + /* * Assembly code may use the variable directly, so we need to make sure * it fits in a register. @@ -246,25 +281,82 @@ DEFINE_PER_CPU_READ_MOSTLY(register_t, ssbd_callback_required); static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) { struct arm_smccc_res res; - bool supported = true; + bool required = true; if ( smccc_ver < SMCCC_VERSION(1, 1) ) return false; - /* - * The probe function return value is either negative (unsupported - * or mitigated), positive (unaffected), or zero (requires - * mitigation). We only need to do anything in the last case. - */ arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, ARM_SMCCC_ARCH_WORKAROUND_2_FID, &res); - if ( (int)res.a0 != 0 ) - supported = false; - if ( supported ) - this_cpu(ssbd_callback_required) = 1; + switch ( (int)res.a0 ) + { + case ARM_SMCCC_NOT_SUPPORTED: + ssbd_state = ARM_SSBD_UNKNOWN; + return false; + + case ARM_SMCCC_NOT_REQUIRED: + ssbd_state = ARM_SSBD_MITIGATED; + return false; + + case ARM_SMCCC_SUCCESS: + required = true; + break; + + case 1: /* Mitigation not required on this CPU. */ + required = false; + break; + + default: + ASSERT_UNREACHABLE(); + return false; + } + + switch ( ssbd_state ) + { + case ARM_SSBD_FORCE_DISABLE: + { + static bool once = true; + + if ( once ) + printk("%s disabled from command-line\n", entry->desc); + once = false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 0, NULL); + required = false; + + break; + } + + case ARM_SSBD_RUNTIME: + if ( required ) + { + this_cpu(ssbd_callback_required) = 1; + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + } + + break; + + case ARM_SSBD_FORCE_ENABLE: + { + static bool once = true; + + if ( once ) + printk("%s forced from command-line\n", entry->desc); + once = false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + required = true; + + break; + } + + default: + ASSERT_UNREACHABLE(); + return false; + } - return supported; + return required; } #endif @@ -371,6 +463,7 @@ static const struct arm_cpu_capabilities arm_errata[] = { #endif #ifdef CONFIG_ARM_SSBD { + .desc = "Speculative Store Bypass Disabled", .capability = ARM_SSBD, .matches = has_ssbd_mitigation, }, diff --git a/xen/include/asm-arm/cpuerrata.h b/xen/include/asm-arm/cpuerrata.h index e628d3ff56..7fbb3dc0be 100644 --- a/xen/include/asm-arm/cpuerrata.h +++ b/xen/include/asm-arm/cpuerrata.h @@ -31,10 +31,26 @@ CHECK_WORKAROUND_HELPER(ssbd, ARM_SSBD, CONFIG_ARM_SSBD) #undef CHECK_WORKAROUND_HELPER +enum ssbd_state +{ + ARM_SSBD_UNKNOWN, + ARM_SSBD_FORCE_DISABLE, + ARM_SSBD_RUNTIME, + ARM_SSBD_FORCE_ENABLE, + ARM_SSBD_MITIGATED, +}; + #ifdef CONFIG_ARM_SSBD #include +extern enum ssbd_state ssbd_state; + +static inline enum ssbd_state get_ssbd_state(void) +{ + return ssbd_state; +} + DECLARE_PER_CPU(register_t, ssbd_callback_required); static inline bool cpu_require_ssbd_mitigation(void) @@ -49,6 +65,11 @@ static inline bool cpu_require_ssbd_mitigation(void) return false; } +static inline enum ssbd_state get_sbdd_state(void) +{ + return ARM_SSBD_UNKNOWN; +} + #endif #endif /* __ARM_CPUERRATA_H__ */ diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index 650744d28b..a6804cec99 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -265,6 +265,7 @@ struct arm_smccc_res { 0x7FFF) /* SMCCC error codes */ +#define ARM_SMCCC_NOT_REQUIRED (-2) #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) #define ARM_SMCCC_NOT_SUPPORTED (-1) #define ARM_SMCCC_SUCCESS (0) From patchwork Tue May 22 17:42:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136591 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929473lji; Tue, 22 May 2018 10:45:44 -0700 (PDT) X-Google-Smtp-Source: AB8JxZoY1g5rNdDqR015vmh+OBfJXcLi9eJCgevKZjYeGL8ZYk7mWI3pSa/rd7714jN0TaOxlKhU X-Received: by 2002:a6b:244f:: with SMTP id k76-v6mr25838530iok.211.1527011144442; Tue, 22 May 2018 10:45:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011144; cv=none; d=google.com; s=arc-20160816; b=KhufWGq9mKUyyYHDSfHYKH4xaJi/bmH3Nxbmm4S8z9CRQ781znsNQY0cz6LXaqlN/l zJwDi+FKRgQwqCZM6MO105etS+qfjJC3+dl23fOwl/mmM3uj5a5M3l+vrjXbuteUIPdK PX5mmcyHwArzITe1XylTVly1oHKaO0haVC9jY2sPwKkdr+jdvOmcvGNsKvj5ZO6G8dVj bNMsCpkKfQV+BBISZ8C7xKi4IdMBuiOJWdQbHI0UjTftBgbo9plongfAYhbNzClDdlqL vBcuA89vBIVJZHq+PLqNvgk5E76pTGTpHpUcB7anDIFL764pxb7onE5svoVK1Ln584/3 277Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=0umyrtGKfHwtDlH9Pt5iB3G28j5NdZWY+aRhD/b+C+s=; b=YKV20Dl6UoWx1EMlnXNKQEsheBdRBW9PwQtV4t2r9MuZcwrOv8rceGHPT3d1Jy4zdh b+epJGc8wzK63xw5Ts4DzxwJoFotokAhY6x4gfT+VcwSu9PZhbEJhJiUcsl5A9ORo8WN 9rUvNCuW1W1rakq2rVBWGSX8+0UuRuhPNemv4QimRpcGd2OXa/9W3PwH++YNHjGcwDkG TFTEcULMIzFKMGfMTB6x1Zb+TL41tmaH7a84Q4mJsBtgz013Wh6pCrw+pPcA6Nx6E/Hi kPxM9zUCHk1iqIcSuid4ASzG/wrpKT4k6FVSr3ey+tj5iDBxY4MxY2ct2qTh6gxjUc01 deCQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id x65-v6si349165itd.21.2018.05.22.10.45.44 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:44 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJa-0002Am-5y; Tue, 22 May 2018 17:43:14 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJZ-0002AX-0r for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:13 +0000 X-Inumbo-ID: 182b07dd-5de8-11e8-8249-2fda3a446a53 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id 182b07dd-5de8-11e8-8249-2fda3a446a53; Tue, 22 May 2018 17:46:45 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id F2F5815AD; Tue, 22 May 2018 10:43:10 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 147263F589; Tue, 22 May 2018 10:43:09 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:47 +0100 Message-Id: <20180522174254.27551-7-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 06/13] xen/arm: Add ARCH_WORKAROUND_2 support for guests X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" In order to offer ARCH_WORKAROUND_2 support to guests, we need to track the state of the workaround per-vCPU. The field 'pad' in cpu_info is now repurposed to store flags easily accessible in assembly. As the hypervisor will always run with the workaround enabled, we may need to enable (on guest exit) or disable (on guest entry) the workaround. A follow-up patch will add fastpath for the workaround for arm64 guests. This is part of XSA-263. Signed-off-by: Julien Grall --- xen/arch/arm/domain.c | 8 ++++++++ xen/arch/arm/traps.c | 20 ++++++++++++++++++++ xen/arch/arm/vsmc.c | 37 +++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/current.h | 6 +++++- 4 files changed, 70 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index e7b33e92fb..9168195a9c 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -21,6 +21,7 @@ #include #include +#include #include #include #include @@ -575,6 +576,13 @@ int vcpu_initialise(struct vcpu *v) if ( (rc = vcpu_vtimer_init(v)) != 0 ) goto fail; + /* + * The workaround 2 (i.e SSBD mitigation) is enabled by default if + * supported. + */ + if ( get_ssbd_state() == ARM_SSBD_RUNTIME ) + v->arch.cpu_info->flags |= CPUINFO_WORKAROUND_2_FLAG; + return rc; fail: diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 5c18e918b0..020b0b8eef 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2011,10 +2011,23 @@ inject_abt: inject_iabt_exception(regs, gva, hsr.len); } +static inline bool needs_ssbd_flip(struct vcpu *v) +{ + if ( !check_workaround_ssbd() ) + return false; + + return !((v->arch.cpu_info->flags & CPUINFO_WORKAROUND_2_FLAG) && + cpu_require_ssbd_mitigation()); +} + static void enter_hypervisor_head(struct cpu_user_regs *regs) { if ( guest_mode(regs) ) { + /* If the guest has disabled the workaround, bring it back on. */ + if ( needs_ssbd_flip(current) ) + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + /* * If we pended a virtual abort, preserve it until it gets cleared. * See ARM ARM DDI 0487A.j D1.14.3 (Virtual Interrupts) for details, @@ -2260,6 +2273,13 @@ void leave_hypervisor_tail(void) */ SYNCHRONIZE_SERROR(SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT); + /* + * The hypervisor runs with the workaround always present. + * If the guest wants it disabled, so be it... + */ + if ( needs_ssbd_flip(current) ) + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 0, NULL); + return; } local_irq_enable(); diff --git a/xen/arch/arm/vsmc.c b/xen/arch/arm/vsmc.c index 40a80d5760..c4ccae6030 100644 --- a/xen/arch/arm/vsmc.c +++ b/xen/arch/arm/vsmc.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include @@ -104,6 +105,23 @@ static bool handle_arch(struct cpu_user_regs *regs) if ( cpus_have_cap(ARM_HARDEN_BRANCH_PREDICTOR) ) ret = 0; break; + case ARM_SMCCC_ARCH_WORKAROUND_2_FID: + switch ( get_ssbd_state() ) + { + case ARM_SSBD_UNKNOWN: + case ARM_SSBD_FORCE_DISABLE: + break; + + case ARM_SSBD_RUNTIME: + ret = ARM_SMCCC_SUCCESS; + break; + + case ARM_SSBD_FORCE_ENABLE: + case ARM_SSBD_MITIGATED: + ret = ARM_SMCCC_NOT_REQUIRED; + break; + } + break; } set_user_reg(regs, 0, ret); @@ -114,6 +132,25 @@ static bool handle_arch(struct cpu_user_regs *regs) case ARM_SMCCC_ARCH_WORKAROUND_1_FID: /* No return value */ return true; + + case ARM_SMCCC_ARCH_WORKAROUND_2_FID: + { + bool enable = (uint32_t)get_user_reg(regs, 1); + + /* + * ARM_WORKAROUND_2_FID should only be called when mitigation + * state can be changed at runtime. + */ + if ( unlikely(get_ssbd_state() != ARM_SSBD_RUNTIME) ) + return true; + + if ( enable ) + get_cpu_info()->flags |= CPUINFO_WORKAROUND_2_FLAG; + else + get_cpu_info()->flags &= ~CPUINFO_WORKAROUND_2_FLAG; + + return true; + } } return false; diff --git a/xen/include/asm-arm/current.h b/xen/include/asm-arm/current.h index 7a0971fdea..f9819b34fc 100644 --- a/xen/include/asm-arm/current.h +++ b/xen/include/asm-arm/current.h @@ -7,6 +7,10 @@ #include #include +/* Tell whether the guest vCPU enabled Workaround 2 (i.e variant 4) */ +#define CPUINFO_WORKAROUND_2_FLAG_SHIFT 0 +#define CPUINFO_WORKAROUND_2_FLAG (_AC(1, U) << CPUINFO_WORKAROUND_2_FLAG_SHIFT) + #ifndef __ASSEMBLY__ struct vcpu; @@ -21,7 +25,7 @@ DECLARE_PER_CPU(struct vcpu *, curr_vcpu); struct cpu_info { struct cpu_user_regs guest_cpu_user_regs; unsigned long elr; - unsigned int pad; + uint32_t flags; }; static inline struct cpu_info *get_cpu_info(void) From patchwork Tue May 22 17:42:48 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136589 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929458lji; Tue, 22 May 2018 10:45:43 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqo7X05rD69Y1F5KUzP+TXkGv7QUXQu0ZIYpQ/GcaBKGkTk+DrX07Fsg8nMmflwSbqXk9lg X-Received: by 2002:a6b:9403:: with SMTP id w3-v6mr25113257iod.189.1527011143183; Tue, 22 May 2018 10:45:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011143; cv=none; d=google.com; s=arc-20160816; b=V+vTQg/c1xatFKv4Da2F5/z0rW0aqWNIaRtsdWi84QmGyTej7sRSg6Mm4z5yBoCajO fj0Ze8OhAoEHwSongmsORZMM9aIwskXslFyGK6zcGLDKEjsqMQcpsHWqUw5w1N5PfNkQ C1IIx7YKZnU6Dagyufq9Y0FQ9nlWig59Naa8n/QhLwS18ht0coaMh7PCYa3y4JuU1Epk exoOCuHg9gWpwFpea2Dl6tp43Mz7CbeRrTowUIBW+wOu4HOBSrtl4gZjfF6duTBX9fML 1envfdMHYKrFp437/vqw0sJZU0wbc2MgQh8g2zzjZkkr/GMtFughQHYTY4+Ic2T01c4d IBqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=PNv0UWfxrwheAwVaHNga40EUV0Hd8oROgm7ICHF4Upg=; b=SLnHRIMQxQaCOxaxt+w5XyoFzfUTb7tjjwlCNaaGX7vJbjKj0dSSZumIrY5VBw/JsX XG9sweJ2k78HKEJ5wX/ikP0guWDe3CgFGUXj2ad6TSrnxCN7xkMFrbywJ/VPdlaEPiok c8AEhunfVSLLPEQ1gXh6dOrX/IoIYC992YYEucylmHrFkUFglLrJAbLaVwajhngVqAHF N3YNBK9TzyC3suaYQ9DnsW0wIlh0ndZdHso7CcH4/GUFoqJ8mzXfLHacyogCjqKuD3QV QXH+/E6Ye3W18j9YRb0gZf+qf+Sb6Qe9b3tSZ9OCw2ncNXJk5OZQoH2Dfd2Ps5PRvrx3 dJ0w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id m188-v6si348144ite.70.2018.05.22.10.45.42 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJa-0002As-FI; Tue, 22 May 2018 17:43:14 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJZ-0002Ab-60 for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:13 +0000 X-Inumbo-ID: 18e2a356-5de8-11e8-8249-2fda3a446a53 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id 18e2a356-5de8-11e8-8249-2fda3a446a53; Tue, 22 May 2018 17:46:46 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 269AB1435; Tue, 22 May 2018 10:43:12 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 3C8443F589; Tue, 22 May 2018 10:43:11 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:48 +0100 Message-Id: <20180522174254.27551-8-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 07/13] xen/arm: Simplify alternative patching X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This is part of XSA-263. Signed-off-by: Julien Grall --- I am aware of the missing commit message here. I wanted to send the series on the ML to get some feedback first. --- xen/arch/arm/alternative.c | 35 +++++++++++++---------------------- 1 file changed, 13 insertions(+), 22 deletions(-) diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c index 9ffdc475d6..bd62183def 100644 --- a/xen/arch/arm/alternative.c +++ b/xen/arch/arm/alternative.c @@ -97,12 +97,16 @@ static u32 get_alt_insn(const struct alt_instr *alt, /* * The region patched should be read-write to allow __apply_alternatives * to replacing the instructions when necessary. + * + * @update_offset: Offset between the region patched and the writable + * region for the update. 0 if the patched region is writable. */ -static int __apply_alternatives(const struct alt_region *region) +static int __apply_alternatives(const struct alt_region *region, + paddr_t update_offset) { const struct alt_instr *alt; - const u32 *replptr; - u32 *origptr; + const u32 *replptr, *origptr; + u32 *updptr; printk(XENLOG_INFO "alternatives: Patching with alt table %p -> %p\n", region->begin, region->end); @@ -118,6 +122,7 @@ static int __apply_alternatives(const struct alt_region *region) BUG_ON(alt->alt_len != alt->orig_len); origptr = ALT_ORIG_PTR(alt); + updptr = (void *)origptr + update_offset; replptr = ALT_REPL_PTR(alt); nr_inst = alt->alt_len / sizeof(insn); @@ -125,7 +130,7 @@ static int __apply_alternatives(const struct alt_region *region) for ( i = 0; i < nr_inst; i++ ) { insn = get_alt_insn(alt, origptr + i, replptr + i); - *(origptr + i) = cpu_to_le32(insn); + *(updptr + i) = cpu_to_le32(insn); } /* Ensure the new instructions reached the memory and nuke */ @@ -162,9 +167,6 @@ static int __apply_alternatives_multi_stop(void *unused) paddr_t xen_size = _end - _start; unsigned int xen_order = get_order_from_bytes(xen_size); void *xenmap; - struct virtual_region patch_region = { - .list = LIST_HEAD_INIT(patch_region.list), - }; BUG_ON(patched); @@ -178,30 +180,19 @@ static int __apply_alternatives_multi_stop(void *unused) BUG_ON(!xenmap); /* - * If we generate a new branch instruction, the target will be - * calculated in this re-mapped Xen region. So we have to register - * this re-mapped Xen region as a virtual region temporarily. - */ - patch_region.start = xenmap; - patch_region.end = xenmap + xen_size; - register_virtual_region(&patch_region); - - /* * Find the virtual address of the alternative region in the new * mapping. * alt_instr contains relative offset, so the function * __apply_alternatives will patch in the re-mapped version of * Xen. */ - region.begin = (void *)__alt_instructions - (void *)_start + xenmap; - region.end = (void *)__alt_instructions_end - (void *)_start + xenmap; + region.begin = __alt_instructions; + region.end = __alt_instructions_end; - ret = __apply_alternatives(®ion); + ret = __apply_alternatives(®ion, xenmap - (void *)_start); /* The patching is not expected to fail during boot. */ BUG_ON(ret != 0); - unregister_virtual_region(&patch_region); - vunmap(xenmap); /* Barriers provided by the cache flushing */ @@ -235,7 +226,7 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en .end = end, }; - return __apply_alternatives(®ion); + return __apply_alternatives(®ion, 0); } /* From patchwork Tue May 22 17:42:49 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136596 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929571lji; Tue, 22 May 2018 10:45:50 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqFazbjNokaPaQfkSmZbRiFL0BAoL9pbNadtXbmsNtnYb0wV3vmCshwc7vNTDKnOy0ffasF X-Received: by 2002:a6b:d0d:: with SMTP id 13-v6mr26067884ion.35.1527011150565; Tue, 22 May 2018 10:45:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011150; cv=none; d=google.com; s=arc-20160816; b=OtRLiF6f4IguxscixpBe9nxGM/SgmAVTD0292yPHdZjzo3T8dvivtImeQKDTw5SsWd GjlWLwke+KlqvHCGLvzePPLDjDZ9tjlL9r/8iQtjb4VGNF+SpkZr8lDJi0V/IeWBItMc wLDIZnKfTXu447+Uf+fje0rIV8Y5Kws66KD4R51ldx34VmW5X6wcXRoqioG7w+kdSFVW xKNOU2+mhIlGRCtJGsZH0SKhTT1ibiAU3HYz2xeaEt70TIpvlJgNWOmk9ecGFyW8ouAe QmCifOpWeIxSn7ZS28ogOALnWfQ3IwIAhDebWJSVgJSjEhrF5wBvs6G0THRqCacX/iUi czOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=5r7C4jA7nO2cMOTUlOStSgsmecBGSIpW9UQmxoZyCbE=; b=E+kZvzIjfX2GxtzUn0AOVNiiGWM9LNuS8ISe9ITagz4fXlq0xzbiEqQ1B5PM7jVE53 u80WT3qDi4Y66vnk/msm47y7r27Je8YqnPpfyyGvk02bb3gsezD/Tbbt8EVRWf8NQR5L cAnfnjoXVFd4OQRKQRzgjY2Neap6/1lDM03v2IaK/lGpM9eD1soM+FkV4wcRNdKtpbPI e1MWL0DOuV3kkaq1DvKbz4+TSW3Oz80InhGBHO/SaIxAilo7j0ZM2CbznCYyLhfBgvQt vyVra0R5Z+IjjVnCg4uzUrEktQNmR6QQCLoAtduPdxArsxLQQvCIR9KzgxJOeNh4/63q w+6A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id t13-v6si15202911iof.45.2018.05.22.10.45.50 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJb-0002Bc-Sk; Tue, 22 May 2018 17:43:15 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJb-0002BO-9E for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:15 +0000 X-Inumbo-ID: 56a41aea-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 56a41aea-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:20 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 4EBB115AD; Tue, 22 May 2018 10:43:13 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 647A43F589; Tue, 22 May 2018 10:43:12 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:49 +0100 Message-Id: <20180522174254.27551-9-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 08/13] xen/arm: alternatives: Add dynamic patching feature X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This is based on the Linux commit dea5e2a4c5bc "arm64: alternatives: Add dynamic patching feature" written by Marc Zyngier: We've so far relied on a patching infrastructure that only gave us a single alternative, without any way to provide a range of potential replacement instructions. For a single feature, this is an all or nothing thing. It would be interesting to have a more flexible grained way of patching the kernel though, where we could dynamically tune the code that gets injected. In order to achive this, let's introduce a new form of dynamic patching, assiciating a callback to a patching site. This callback gets source and target locations of the patching request, as well as the number of instructions to be patched. Dynamic patching is declared with the new ALTERNATIVE_CB and alternative_cb directives: asm volatile(ALTERNATIVE_CB("mov %0, #0\n", callback) : "r" (v)); or alternative_cb callback mov x0, #0 alternative_cb_end where callback is the C function computing the alternative. Reviewed-by: Christoffer Dall Reviewed-by: Catalin Marinas Signed-off-by: Marc Zyngier This is patch of XSA-263. Signed-off-by: Julien Grall Acked-by: Stefano Stabellini --- xen/arch/arm/alternative.c | 48 +++++++++++++++++++++++++++++---------- xen/include/asm-arm/alternative.h | 44 +++++++++++++++++++++++++++++++---- 2 files changed, 75 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c index bd62183def..673150d1c0 100644 --- a/xen/arch/arm/alternative.c +++ b/xen/arch/arm/alternative.c @@ -30,6 +30,8 @@ #include #include #include +/* XXX: Move ARCH_PATCH_INSN_SIZE out of livepatch.h */ +#include #include /* Override macros from asm/page.h to make them work with mfn_t */ @@ -94,6 +96,23 @@ static u32 get_alt_insn(const struct alt_instr *alt, return insn; } +static void patch_alternative(const struct alt_instr *alt, + const uint32_t *origptr, + uint32_t *updptr, int nr_inst) +{ + const uint32_t *replptr; + unsigned int i; + + replptr = ALT_REPL_PTR(alt); + for ( i = 0; i < nr_inst; i++ ) + { + uint32_t insn; + + insn = get_alt_insn(alt, origptr + i, replptr + i); + updptr[i] = cpu_to_le32(insn); + } +} + /* * The region patched should be read-write to allow __apply_alternatives * to replacing the instructions when necessary. @@ -105,33 +124,38 @@ static int __apply_alternatives(const struct alt_region *region, paddr_t update_offset) { const struct alt_instr *alt; - const u32 *replptr, *origptr; + const u32 *origptr; u32 *updptr; + alternative_cb_t alt_cb; printk(XENLOG_INFO "alternatives: Patching with alt table %p -> %p\n", region->begin, region->end); for ( alt = region->begin; alt < region->end; alt++ ) { - u32 insn; - int i, nr_inst; + int nr_inst; - if ( !cpus_have_cap(alt->cpufeature) ) + /* Use ARM_CB_PATCH as an unconditional patch */ + if ( alt->cpufeature < ARM_CB_PATCH && + !cpus_have_cap(alt->cpufeature) ) continue; - BUG_ON(alt->alt_len != alt->orig_len); + if ( alt->cpufeature == ARM_CB_PATCH ) + BUG_ON(alt->alt_len != 0); + else + BUG_ON(alt->alt_len != alt->orig_len); origptr = ALT_ORIG_PTR(alt); updptr = (void *)origptr + update_offset; - replptr = ALT_REPL_PTR(alt); - nr_inst = alt->alt_len / sizeof(insn); + nr_inst = alt->orig_len / ARCH_PATCH_INSN_SIZE; - for ( i = 0; i < nr_inst; i++ ) - { - insn = get_alt_insn(alt, origptr + i, replptr + i); - *(updptr + i) = cpu_to_le32(insn); - } + if ( alt->cpufeature < ARM_CB_PATCH ) + alt_cb = patch_alternative; + else + alt_cb = ALT_REPL_PTR(alt); + + alt_cb(alt, origptr, updptr, nr_inst); /* Ensure the new instructions reached the memory and nuke */ clean_and_invalidate_dcache_va_range(origptr, diff --git a/xen/include/asm-arm/alternative.h b/xen/include/asm-arm/alternative.h index 4e33d1cdf7..9b4b02811b 100644 --- a/xen/include/asm-arm/alternative.h +++ b/xen/include/asm-arm/alternative.h @@ -3,6 +3,8 @@ #include +#define ARM_CB_PATCH ARM_NCAPS + #ifndef __ASSEMBLY__ #include @@ -18,16 +20,24 @@ struct alt_instr { }; /* Xen: helpers used by common code. */ -#define __ALT_PTR(a,f) ((u32 *)((void *)&(a)->f + (a)->f)) +#define __ALT_PTR(a,f) ((void *)&(a)->f + (a)->f) #define ALT_ORIG_PTR(a) __ALT_PTR(a, orig_offset) #define ALT_REPL_PTR(a) __ALT_PTR(a, alt_offset) +typedef void (*alternative_cb_t)(const struct alt_instr *alt, + const uint32_t *origptr, uint32_t *updptr, + int nr_inst); + void __init apply_alternatives_all(void); int apply_alternatives(const struct alt_instr *start, const struct alt_instr *end); -#define ALTINSTR_ENTRY(feature) \ +#define ALTINSTR_ENTRY(feature, cb) \ " .word 661b - .\n" /* label */ \ + " .if " __stringify(cb) " == 0\n" \ " .word 663f - .\n" /* new instruction */ \ + " .else\n" \ + " .word " __stringify(cb) "- .\n" /* callback */ \ + " .endif\n" \ " .hword " __stringify(feature) "\n" /* feature bit */ \ " .byte 662b-661b\n" /* source len */ \ " .byte 664f-663f\n" /* replacement len */ @@ -45,15 +55,18 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en * but most assemblers die if insn1 or insn2 have a .inst. This should * be fixed in a binutils release posterior to 2.25.51.0.2 (anything * containing commit 4e4d08cf7399b606 or c1baaddf8861). + * + * Alternatives with callbacks do not generate replacement instructions. */ -#define __ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg_enabled) \ +#define __ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg_enabled, cb) \ ".if "__stringify(cfg_enabled)" == 1\n" \ "661:\n\t" \ oldinstr "\n" \ "662:\n" \ ".pushsection .altinstructions,\"a\"\n" \ - ALTINSTR_ENTRY(feature) \ + ALTINSTR_ENTRY(feature,cb) \ ".popsection\n" \ + " .if " __stringify(cb) " == 0\n" \ ".pushsection .altinstr_replacement, \"a\"\n" \ "663:\n\t" \ newinstr "\n" \ @@ -61,11 +74,17 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en ".popsection\n\t" \ ".org . - (664b-663b) + (662b-661b)\n\t" \ ".org . - (662b-661b) + (664b-663b)\n" \ + ".else\n\t" \ + "663:\n\t" \ + "664:\n\t" \ + ".endif\n" \ ".endif\n" #define _ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg, ...) \ - __ALTERNATIVE_CFG(oldinstr, newinstr, feature, IS_ENABLED(cfg)) + __ALTERNATIVE_CFG(oldinstr, newinstr, feature, IS_ENABLED(cfg), 0) +#define ALTERNATIVE_CB(oldinstr, cb) \ + __ALTERNATIVE_CFG(oldinstr, "NOT_AN_INSTRUCTION", ARM_CB_PATCH, 1, cb) #else #include @@ -126,6 +145,14 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en 663: .endm +.macro alternative_cb cb + .set .Lasm_alt_mode, 0 + .pushsection .altinstructions, "a" + altinstruction_entry 661f, \cb, ARM_CB_PATCH, 662f-661f, 0 + .popsection +661: +.endm + /* * Complete an alternative code sequence. */ @@ -135,6 +162,13 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en .org . - (662b-661b) + (664b-663b) .endm +/* + * Callback-based alternative epilogue + */ +.macro alternative_cb_end +662: +.endm + #define _ALTERNATIVE_CFG(insn1, insn2, cap, cfg, ...) \ alternative_insn insn1, insn2, cap, IS_ENABLED(cfg) From patchwork Tue May 22 17:42:50 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136590 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929463lji; Tue, 22 May 2018 10:45:43 -0700 (PDT) X-Google-Smtp-Source: AB8JxZoYWpI4EFKul6EQqLYnE26Dun3LjigOnoa5BLfpjbZ36I+UQmJO19jphikLmTh0ss2ws/ez X-Received: by 2002:a6b:9704:: with SMTP id z4-v6mr27290160iod.120.1527011143496; Tue, 22 May 2018 10:45:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011143; cv=none; d=google.com; s=arc-20160816; b=Yr1s6Mprt5aueMOx3ySVELKDcjSZilgtb3gsDgfWxCWskmelyoYk3iFOY7EM3TMaWm a4cvT2+jUGIerv6pNXZbrU8yIXrDXeqLmpqVWqvOoMBPhtWQDnAWqNHAM/wOYhntqzi9 aA41u7L/3BHuGZiA52ojKIZIHLue+njhZZqwfAXAuwL8By08zBD1j9brC8GxNgG/6/Ph dx1NbXWsg2gzNeLIbQxoAz9UGuw4xx4mFfeXWzEWYFXdfltNA2MM6X47cmMRbhtOzn2g hCvePUuzylkVhR1kOgN45yBqN6WNr+xjLECgN94Ry39Gunxn1ANrxHuvDgtR7ATGvOsC m1hA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=2QN0tBT3m1fwJ9xafkxXkZrIgo7SDJkxuh1ZvCONItc=; b=nqd9dkhfb2YLDe/2f0s+yEFJmZ8bBy5zSh6prKnPG0Aa41T/+esNIxpE3S7jcxxF9T IRtwRue8MFmexs8ekSxtZJ8C9kRjnuUgAiomIQA5XG8mVN/R4oxWKSXp+PseSc4zD845 l/j5u2QZzCJZ+WnIAUdWVeLuXD5FnveZRnoJaYgIDIWQiUmqs/qQ9Ut/wFCSym7uPXBq cb3om9uOVBIqZVO8vAjo6qxZsv/0y+FHlVPT0qgu0hfYrco/5Zdyc2kujKu3qCRhPVoF xja7cRsCG4MyrrpEyMo000q9nRGIvH9jjr1s3GHTb6gE5rlzyHnA6+H8Xf9sCmOsVKW8 a8rg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id m69-v6si338046ith.132.2018.05.22.10.45.43 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJc-0002Bj-54; Tue, 22 May 2018 17:43:16 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJb-0002BV-Gf for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:15 +0000 X-Inumbo-ID: 1a3f8c99-5de8-11e8-8249-2fda3a446a53 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id 1a3f8c99-5de8-11e8-8249-2fda3a446a53; Tue, 22 May 2018 17:46:49 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 767C51435; Tue, 22 May 2018 10:43:14 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 8C39C3F589; Tue, 22 May 2018 10:43:13 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:50 +0100 Message-Id: <20180522174254.27551-10-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 09/13] xen/arm64: Add generic assembly macros X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Add assembly macros to simplify assembly code: - adr_cpu_info: Get the address to the current cpu_info structure - ldr_this_cpu: Load a per-cpu value This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- xen/include/asm-arm/arm64/macros.h | 25 +++++++++++++++++++++++++ xen/include/asm-arm/macros.h | 2 +- 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 xen/include/asm-arm/arm64/macros.h diff --git a/xen/include/asm-arm/arm64/macros.h b/xen/include/asm-arm/arm64/macros.h new file mode 100644 index 0000000000..9c5e676b37 --- /dev/null +++ b/xen/include/asm-arm/arm64/macros.h @@ -0,0 +1,25 @@ +#ifndef __ASM_ARM_ARM64_MACROS_H +#define __ASM_ARM_ARM64_MACROS_H + + /* + * @dst: Result of get_cpu_info() + */ + .macro adr_cpu_info, dst + add \dst, sp, #STACK_SIZE + and \dst, \dst, #~(STACK_SIZE - 1) + sub \dst, \dst, #CPUINFO_sizeof + .endm + + /* + * @dst: Result of READ_ONCE(per_cpu(sym, smp_processor_id())) + * @sym: The name of the per-cpu variable + * @tmp: scratch register + */ + .macro ldr_this_cpu, dst, sym, tmp + ldr \dst, =per_cpu__\sym + mrs \tmp, tpidr_el2 + ldr \dst, [\dst, \tmp] + .endm + +#endif /* __ASM_ARM_ARM64_MACROS_H */ + diff --git a/xen/include/asm-arm/macros.h b/xen/include/asm-arm/macros.h index 5d837cb38b..1d4bb41d15 100644 --- a/xen/include/asm-arm/macros.h +++ b/xen/include/asm-arm/macros.h @@ -8,7 +8,7 @@ #if defined (CONFIG_ARM_32) # include #elif defined(CONFIG_ARM_64) -/* No specific ARM64 macros for now */ +# include #else # error "unknown ARM variant" #endif From patchwork Tue May 22 17:42:51 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136588 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929444lji; Tue, 22 May 2018 10:45:42 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrmB0o616aH8ByAiQrv3mCGhUoLemryufIRUZ2td5DoDHujivVHzhgWzXPkUcjPhwNa5x/t X-Received: by 2002:a24:3c4c:: with SMTP id m73-v6mr2172671ita.138.1527011142076; Tue, 22 May 2018 10:45:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011142; cv=none; d=google.com; s=arc-20160816; b=ILKJknM6NUxeXJwJP37dou7b6jL+pUzore2xLg1m8Uk10AcOwx1a8a8amMXGojafHp 9ClbVzXwme1kFzAcDyh/LKwRHlgjuftGK6l5WoFsNFdCIoBv6CHm59VvPllfWZ241Vp/ JcSfx9rQy9KLQ9NrYE1Ig6hm4VBqy3aHOECSbkdewH079ky42jo0AgOcBYQaWq6IqZ2E RfBzb3we99AF97Jy79/0FjC9nPMkOgt8YwWzVqxcqaJKz/l5Dhllj8cTdPxtTjcanxQO MehBDhcCfbiwBqcq4abo8QcODGrDVRSiJgAMiYI3FsBanl+Qiqu6NGGRxIH/fGfTDu9j 1YMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=QimA8Lokti/xEuOG6CbOvXNbuhAx/888Ukf3GEobbo4=; b=ZlFJAE+rG1TY/tUXIroSnXp4K4zoL9iOT86iZ5CuLLkxmwdXnZWcCPAVsQntrnDp9v rM6cHHjyj0jabIObBt8UR8RS4YGSdFXctVK8IRjd2Ukk9Se1VOuYhe/N+6zv9wHOZvb3 30WS690Yzr7aiZWNDWwBzIo5i1uPC4hZ2hs9iVv99oLFNJ1PJZZFFl+tQgRxLq9Zp3oN S9yG8lnOhRIS7ERHVR63deioMf6S3teuzH6F/8kSr6J4+cLwDwrxayS++IQVcsf+R+/7 x4O+tg6O/7gD8w2LsvHj6+2SQZ1LQVJPN8+E3NOlCBluSYDtqnQ246JoC6C5QRfnZBzw H2/Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id a6-v6si380166ite.8.2018.05.22.10.45.41 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJe-0002Cn-Fd; Tue, 22 May 2018 17:43:18 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJd-0002By-Gt for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:17 +0000 X-Inumbo-ID: 58084b3c-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 58084b3c-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:23 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9E89515AD; Tue, 22 May 2018 10:43:15 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id B44863F589; Tue, 22 May 2018 10:43:14 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:51 +0100 Message-Id: <20180522174254.27551-11-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 10/13] xen/arm64: Implement a fast path for handling SMCCC_ARCH_WORKAROUND_2 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The function ARM_SMCCC_ARCH_WORKAROUND_2 will be called by the guest for enabling/disabling the ssbd mitigation. So we want the handling to be as fast as possible. The new sequence will forward guest's ARCH_WORKAROUND_2 call to EL3 and also track the state of the workaround per-vCPU. Note that since we need to execute branches, this always executes after the spectre-v2 mitigation. This code is based on KVM counterpart "arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests" written by Marc Zyngier. This is part of XSA-263. Signed-off-by: Julien Grall --- xen/arch/arm/arm64/asm-offsets.c | 2 ++ xen/arch/arm/arm64/entry.S | 43 +++++++++++++++++++++++++++++++++++++++- xen/arch/arm/cpuerrata.c | 18 +++++++++++++++++ 3 files changed, 62 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/arm64/asm-offsets.c b/xen/arch/arm/arm64/asm-offsets.c index ce24e44473..f5c696d092 100644 --- a/xen/arch/arm/arm64/asm-offsets.c +++ b/xen/arch/arm/arm64/asm-offsets.c @@ -22,6 +22,7 @@ void __dummy__(void) { OFFSET(UREGS_X0, struct cpu_user_regs, x0); + OFFSET(UREGS_X1, struct cpu_user_regs, x1); OFFSET(UREGS_LR, struct cpu_user_regs, lr); OFFSET(UREGS_SP, struct cpu_user_regs, sp); @@ -45,6 +46,7 @@ void __dummy__(void) BLANK(); DEFINE(CPUINFO_sizeof, sizeof(struct cpu_info)); + OFFSET(CPUINFO_flags, struct cpu_info, flags); OFFSET(VCPU_arch_saved_context, struct vcpu, arch.saved_context); diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index e2344e565f..8e25ff3997 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -1,4 +1,6 @@ #include +#include +#include #include #include #include @@ -241,7 +243,7 @@ guest_sync: * be encoded as an immediate for cmp. */ eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID - cbnz w0, guest_sync_slowpath + cbnz w0, check_wa2 /* * Clobber both x0 and x1 to prevent leakage. Note that thanks @@ -250,6 +252,45 @@ guest_sync: mov x1, xzr eret +check_wa2: + /* ARM_SMCCC_ARCH_WORKAROUND_2 handling */ + eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID + eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_2_FID + cbnz w0, guest_sync_slowpath +#ifdef CONFIG_ARM_SSBD +alternative_cb arm_enable_wa2_handling + b wa2_end +alternative_cb_end + /* Sanitize the argument */ + mov x0, #-(UREGS_kernel_sizeof - UREGS_X1) /* x0 := offset of guest's x1 on the stack */ + ldr x1, [sp, x0] /* Load guest's x1 */ + cmp w1, wzr + cset x1, ne + + /* + * Update the guest flag. At this stage sp point after the field + * guest_cpu_user_regs in cpu_info. + */ + adr_cpu_info x2 + ldr x0, [x2, #CPUINFO_flags] + bfi x0, x1, #CPUINFO_WORKAROUND_2_FLAG_SHIFT, #1 + str x0, [x2, #CPUINFO_flags] + + /* Check that we actually need to perform the call */ + ldr_this_cpu x0, ssbd_callback_required, x2 + cbz x0, wa2_end + + mov w0, #ARM_SMCCC_ARCH_WORKAROUND_2_FID + smc #0 + +wa2_end: + /* Don't leak data from the SMC call */ + mov x1, xzr + mov x2, xzr + mov x3, xzr +#endif /* !CONFIG_ARM_SSBD */ + mov x0, xzr + eret guest_sync_slowpath: /* * x0/x1 may have been scratch by the fast path above, so avoid diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index f921721a66..54df4ff445 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -7,6 +7,7 @@ #include #include #include +#include #include /* Override macros from asm/page.h to make them work with mfn_t */ @@ -272,6 +273,23 @@ static int __init parse_spec_ctrl(const char *s) } custom_param("spec-ctrl", parse_spec_ctrl); +/* Arm64 only for now as for Arm32 the workaround is currently handled in C. */ +#ifdef CONFIG_ARM_64 +void __init arm_enable_wa2_handling(const struct alt_instr *alt, + const uint32_t *origptr, + uint32_t *updptr, int nr_inst) +{ + BUG_ON(nr_inst != 1); + + /* + * Only allow mitigation on guest ARCH_WORKAROUND_2 if the SSBD + * state allow it to be flipped. + */ + if ( get_ssbd_state() == ARM_SSBD_RUNTIME ) + *updptr = aarch64_insn_gen_nop(); +} +#endif + /* * Assembly code may use the variable directly, so we need to make sure * it fits in a register. From patchwork Tue May 22 17:42:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136597 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929621lji; Tue, 22 May 2018 10:45:53 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpnmaIP/+f1hooOjsY46u98zgfWnCqlkNzQAO8yq4bhZSUt/cDL8TMfpFm9Mp+Zt/lopCRU X-Received: by 2002:a24:4e8e:: with SMTP id r136-v6mr2154012ita.83.1527011153429; Tue, 22 May 2018 10:45:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011153; cv=none; d=google.com; s=arc-20160816; b=e+g/uVMXh6adNZ+b6ThNhvsFU0eqHK0YRa6wyRLZzji20eqoYvNxVV7eF6E2IC7bBX x/72Bpyze1tvPjvnAlaATBPYX3GodNqMEfPR+4fHp1kHUPlLErXpgBZlwWFIJbZ4ORS2 wGhwY9l896BCYUt5vXP5UlKH/zBul7WD8EYFA6mbF4SQP/WyAvBX51O6zMqxmKc4gopJ +l3r3rwcvPmi7McZ9f7adQQzx9aoMJiF1PbxvzjnlmNx69AzYMTOUw2Wf2MpjXsqxjo6 JvD0uhrvcOluZlegOGUndt6B56rl8G9pTcFDS6KpuJ5/oboLWUpDPyTtn//02+VRpk4c p+ow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=LDMezScCHLoje14VA80EWCMANAUnArGqYfKhTi3qKdg=; b=aIbtrQdhqhgFBmfGPmiEcPZWs0E+4kjnoINVOrbAqxo/ALRd8bKCXL51LXobNgf2mh PU1FraoANxCPk3TRMZBV83/yoDiPEHRBoXWBhBjlTcSj6Ez4HjdckOUCX/R3MnNjYTql hR+PJsB6gcqtuhweiUH8k7n/yD5rYtnbvRQnEPSDg9SNMGKApMLKsQEuw7LmC+bUZP2k VwbivPpuAUPMYqljkvK03K6xQ7cW3I9e3HVC5zzvI1C2yONtWnnmknKt0wB2NMIQqgZK qn6TsOKklTktSwuCYl4SCO+LFBGr1SXNStnz2uSWv7ltDEmB90FO4zQ60mplucRQ1x+L C4yA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id o71-v6si338145ite.106.2018.05.22.10.45.53 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJf-0002FQ-PE; Tue, 22 May 2018 17:43:19 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJd-0002CJ-Pw for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:17 +0000 X-Inumbo-ID: 58a1a88a-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 58a1a88a-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:24 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C69B11435; Tue, 22 May 2018 10:43:16 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id DC4953F589; Tue, 22 May 2018 10:43:15 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:52 +0100 Message-Id: <20180522174254.27551-12-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 11/13] xen/arm: Kconfig: Move HARDEN_BRANCH_PREDICTOR under "Architecture features" X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" At the moment, HARDEN_BRANCH_PREDICTOR is not in any section making impossible for the user to unselect it. Also, it looks like we require to use 'expert = "y"' for showing the option in expert mode. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- xen/arch/arm/Kconfig | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 0e2d027060..4212c58171 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -83,6 +83,23 @@ config ARM_SSBD If unsure, say Y. +config HARDEN_BRANCH_PREDICTOR + bool "Harden the branch predictor against aliasing attacks" if EXPERT = "y" + default y + help + Speculation attacks against some high-performance processors rely on + being able to manipulate the branch predictor for a victim context by + executing aliasing branches in the attacker context. Such attacks + can be partially mitigated against by clearing internal branch + predictor state and limiting the prediction logic in some situations. + + This config option will take CPU-specific actions to harden the + branch predictor against aliasing attacks and may rely on specific + instruction sequences or control bits being set by the system + firmware. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" @@ -197,23 +214,6 @@ config ARM64_ERRATUM_834220 endmenu -config HARDEN_BRANCH_PREDICTOR - bool "Harden the branch predictor against aliasing attacks" if EXPERT - default y - help - Speculation attacks against some high-performance processors rely on - being able to manipulate the branch predictor for a victim context by - executing aliasing branches in the attacker context. Such attacks - can be partially mitigated against by clearing internal branch - predictor state and limiting the prediction logic in some situations. - - This config option will take CPU-specific actions to harden the - branch predictor against aliasing attacks and may rely on specific - instruction sequences or control bits being set by the system - firmware. - - If unsure, say Y. - config ARM64_HARDEN_BRANCH_PREDICTOR def_bool y if ARM_64 && HARDEN_BRANCH_PREDICTOR From patchwork Tue May 22 17:42:53 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136587 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929439lji; Tue, 22 May 2018 10:45:41 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrIUPNAmkYu7snkelRZruaMXCqCawNi3VgXHqfCPbNwSBU4dcw/8Mf2OjTgMSzdoPEeensu X-Received: by 2002:a6b:7402:: with SMTP id s2-v6mr12914466iog.87.1527011141861; Tue, 22 May 2018 10:45:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011141; cv=none; d=google.com; s=arc-20160816; b=KN1B+Ev3jJ9Ubji1RjGEoAfZpaILMwHTgiSOPSPAlHvWryz4ThSUajNyFDMiDBkQIQ qyOfY5nqJCoc1wqz7mqLkl8RkAmanNoZAjs7AoKQ9jYigAqGHc7jr8yJH8zHTD9D8sA9 iE0HUH08cT8gaTu7XG5ltlR1ZUthmkstpmxZOpJCwYp0zFc6/dA3RWYjt0nFreenLbgD lnzNZ3Pzm0GYsP9HfzPTsU5FL4F4k9qd+64uwXboCipja+kHBqMwVt3hELWVIoP5tbPX DdmyW35b5bR6IsqY4Qv10ddZ2YNiEPZwFwVSj1G3vm2ZptEBNQ1YAK53tlqN0t60FehG fFbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=hh27X1z7Cv9scYKBxfFflSkdAOCgLVzcl2wXOoKOIS8=; b=BX31FBilXTXKPv2pIFUHS/oFeyR38QXoZ/O7i4jTbp2fdiUmBLtMGPfGVTkAE3wdW3 8AKl6wskc2pBd/oaFD7gX+4jiCidjU7aZ2FuPIQVLTpw9XF01l4Z2UjJ33V3D4oy6Zjv q8CjkRlKwanK8+nDzhJKXAEWeXZIy6rokHP/t6f3mL+yGZxGjMtdIsGSPpj8o3s9YKkN UKnQn2M2MC+YGG1kUgzUPp0eVRvDHI/eD4fuqLWhrTez+w2uoKoc9LfcbjoK4bsGtjCo BdWTmbaiBRp2AGS2ykYYt9FqOu+1Lf9QxDtQ4MHqMgQMXvpymy91RLnTdbhWrYPmjz7q aayg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id e31-v6si15896813ioi.41.2018.05.22.10.45.41 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJg-0002Fu-5I; Tue, 22 May 2018 17:43:20 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJf-0002F0-Je for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:19 +0000 X-Inumbo-ID: 595461a4-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 595461a4-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:25 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id EEA0F15AD; Tue, 22 May 2018 10:43:17 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 103983F589; Tue, 22 May 2018 10:43:16 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:53 +0100 Message-Id: <20180522174254.27551-13-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 12/13] xen/arm: smccc: Fix indentation in ARM_SMCCC_ARCH_WORKAROUND_1_FID X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Signed-off-by: Julien Grall Acked-by: Stefano Stabellini --- xen/include/asm-arm/smccc.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index a6804cec99..74c13f8419 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -254,9 +254,9 @@ struct arm_smccc_res { #define ARM_SMCCC_ARCH_WORKAROUND_1_FID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ - ARM_SMCCC_CONV_32, \ - ARM_SMCCC_OWNER_ARCH, \ - 0x8000) + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x8000) #define ARM_SMCCC_ARCH_WORKAROUND_2_FID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ From patchwork Tue May 22 17:42:54 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 136593 Delivered-To: patch@linaro.org Received: by 2002:a2e:9706:0:0:0:0:0 with SMTP id r6-v6csp1929523lji; Tue, 22 May 2018 10:45:47 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrqwV6ERzmtJv4chSzCcWgCvHd7jbpKm053fA1sRUbc+PqQ3I7mBF+vvARyWq0Ho9fVSx3z X-Received: by 2002:a6b:8f09:: with SMTP id r9-v6mr805478iod.233.1527011147133; Tue, 22 May 2018 10:45:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527011147; cv=none; d=google.com; s=arc-20160816; b=VKRDD4Mi5Y33nf2VLQzI7ennN7L2nSPiljRb064Ku2bJLoY5YqUbeH/NggoFmixKno vBLqLeS7ZXg5tw4AOonI94fQc4uGpxpyZIoFWmPTgS0R5XZ9eUI9KOQ249ANcF1d4DW/ h1fUOvrMns218wO5S23Z7gtyuSPpORJUsBLt8T0nm9gq9Jh/uLzcj3h13Wd60uBStcoX eOOAY3AlpW3lSlMuxPMYbSNAxadzHRAfFpQ917DT4XCKvhGNcjjAuOd1KHPHvFkEIbuY bFjRp49h2k92ducupPMG5R5IPTubKtlqAlE8euVnqkf276bPhIr4zYQgsAUlFh17jhnT a/Kw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=XZAYCZWnRZ9Zb91oVybHRCN5/Ar+8bwA84Gf0smOKLA=; b=tx6NnBuKugTQeyUEJYuYyBSYwc7KlW76ocX8lBsvXeHwzanJ1C7VqjESE0Twtp8g9J LPwne/JEw6mVnR2NTT19qC2Eht62YbniQTLumu5XCLDpzDz1+gShWGuVccbUAchBj6Hm IeQrfil88/qRIzrzxhS2r2ZX7TxQxEktnQInn/5mkaFXy2JbHDBQ/5XwHdrE84Xh+11T 4cJPWiKNOM1bGaSDAuOG1Q9AFAlRVArqedJyseD3JzpX2gqVRsWoVr0JC4kCzqHEL2Go 5QpLJbBYqCVVqT/348nJ7QrT5hSuIUbweHmXp/SIIYVOA9mr5u4yLAhdyL8n+Z4PHw77 rFUQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id a130-v6si359864ita.84.2018.05.22.10.45.46 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 May 2018 10:45:47 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJh-0002Hc-H3; Tue, 22 May 2018 17:43:21 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fLBJf-0002FP-SP for xen-devel@lists.xenproject.org; Tue, 22 May 2018 17:43:19 +0000 X-Inumbo-ID: 5a04e1b7-5de7-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 5a04e1b7-5de7-11e8-9728-bc764e045a96; Tue, 22 May 2018 19:41:26 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 227E21435; Tue, 22 May 2018 10:43:19 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 384563F589; Tue, 22 May 2018 10:43:18 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 22 May 2018 18:42:54 +0100 Message-Id: <20180522174254.27551-14-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180522174254.27551-1-julien.grall@arm.com> References: <20180522174254.27551-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH 13/13] xen/arm: Avoid to use current everywhere in enter_hypervisor_head X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Using current is fairly expensive, so save up into a variable. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- xen/arch/arm/traps.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 020b0b8eef..b1546f6907 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2024,8 +2024,10 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) { if ( guest_mode(regs) ) { + struct vcpu *v = current; + /* If the guest has disabled the workaround, bring it back on. */ - if ( needs_ssbd_flip(current) ) + if ( needs_ssbd_flip(v) ) arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); /* @@ -2034,8 +2036,8 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) * but the crucial bit is "On taking a vSError interrupt, HCR_EL2.VSE * (alias of HCR.VA) is cleared to 0." */ - if ( current->arch.hcr_el2 & HCR_VA ) - current->arch.hcr_el2 = READ_SYSREG(HCR_EL2); + if ( v->arch.hcr_el2 & HCR_VA ) + v->arch.hcr_el2 = READ_SYSREG(HCR_EL2); #ifdef CONFIG_NEW_VGIC /* @@ -2045,11 +2047,11 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) * TODO: Investigate whether this is necessary to do on every * trap and how it can be optimised. */ - vtimer_update_irqs(current); - vcpu_update_evtchn_irq(current); + vtimer_update_irqs(v); + vcpu_update_evtchn_irq(v); #endif - vgic_sync_from_lrs(current); + vgic_sync_from_lrs(v); } }