From patchwork Tue Jun 5 15:22:51 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137757 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1098861lji; Tue, 5 Jun 2018 08:26:01 -0700 (PDT) X-Google-Smtp-Source: ADUXVKL83DkDpfJkKK49WwqNsUqmwmU3KMoy94/rItNtHm39Lytz1akqfGaGHLWrVCbDoj+7fYRM X-Received: by 2002:a24:90d:: with SMTP id 13-v6mr10497021itm.69.1528212361491; Tue, 05 Jun 2018 08:26:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212361; cv=none; d=google.com; s=arc-20160816; b=mGDs8ZF/L9urnxWryd6n3Uh74yFb65wBztyplfXanplfGa5QaBgxdtZ1geTPJm/L67 IM/F9ds/WCAj2Uon7MG1zrNJGcsf61q/zfb9jDlnpmPT2TP3gVamhsre/uM2qPG9H1HF u7VxjU9nEfR+vsPfyRbVuxmeMqxeNVvivZljPAq1mfMRcZPWpZf54LLbTL3DEFw659HR bf1IDBdREtTILoIkcmSbCBrAlHhCYcLlYPCv0X447F65fgnMEyQ9qmv6q2gYO5OB/3Vv vYIUJmiJu7u5iLtTx3erM6TH5fTNUBMgnvJ3gd4CodX2Hu4fxdBhRPepHhBHcQ9peAR2 dh0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=PzO0feCuxZZfP+U0QbNYW06EU1dL/m4p3TFw+WgR9wc=; b=iB/lQ9gI5YoPNbO7tfULP/05hn70BRaAlwzKY/7XgrFeprvDpN7JN1vG4+uBMIK6dM g7kMk5DWM069msWQuIxR8cpVxwYmgCb6406v3AWBpegcVz3KmJKkKHUEiAOj5gWFkgY/ 2vln0rTzJZ3dx4BhBD60l6cM6p3jYCDpOo26GiSGfEkuTOGnUyN89SwZgtglcGGh3XjB Md7o0d+7W/XFCpZTPaLORfkUKfw2OR98TKtiUQksEbj5ul39A7/bzVI9cxDijvON5aUW atT4ImZ2Dxm33ff53SrzbfeKzTBXwf3R5doCQxV52q30Cseh7pMle+ixVd7r90mbmK2y N/GA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id m185-v6si429878ioa.26.2018.06.05.08.26.01 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnu-0005Ak-Da; Tue, 05 Jun 2018 15:23:22 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnt-0005AR-0Y for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:21 +0000 X-Inumbo-ID: 103aff71-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 103aff71-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:05 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 43A4E15AD; Tue, 5 Jun 2018 08:23:19 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5925E3F557; Tue, 5 Jun 2018 08:23:18 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:51 +0100 Message-Id: <20180605152303.14450-2-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 01/13] xen/arm: domain: Zero the per-vCPU cpu_info X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" A stack is allocated per vCPU to be used by Xen. The allocation is done with alloc_xenheap_pages that does not zero the memory returned. However the top of the stack is containing information that will be used to store the initial state of the vCPU (see struct cpu_info). Some of the fields may not be initialized and will lead to use/leak bits of previous memory in some cases on the first run of vCPU (AFAICT this only happen on vCPU0 for Dom0). This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Zero only cpu_info --- xen/arch/arm/domain.c | 1 + 1 file changed, 1 insertion(+) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index ec0f042bf7..5a2a9a6b83 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -550,6 +550,7 @@ int vcpu_initialise(struct vcpu *v) v->arch.cpu_info = (struct cpu_info *)(v->arch.stack + STACK_SIZE - sizeof(struct cpu_info)); + memset(v->arch.cpu_info, 0, sizeof(*v->arch.cpu_info)); memset(&v->arch.saved_context, 0, sizeof(v->arch.saved_context)); v->arch.saved_context.sp = (register_t)v->arch.cpu_info; From patchwork Tue Jun 5 15:22:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137760 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1098922lji; Tue, 5 Jun 2018 08:26:05 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLcYCPTgUnSJ8HT004E1yoSNOWopNk+MB1SaD1wWgF+o+httIUKAaHuxTzfR1Iu11gorgMI X-Received: by 2002:a6b:1902:: with SMTP id 2-v6mr17894862ioz.304.1528212365140; Tue, 05 Jun 2018 08:26:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212365; cv=none; d=google.com; s=arc-20160816; b=oQBVYME6X1xd4R3MLRupl1gjsxHVWNEK6eS9aw+UqtimyEo/VoxfEcwTYa+PSrwI5/ qYp4Y6YxkUa1rlYjJwqLbxTirpeRQU+4J0ujuz8rqkHpm/WB74QYjrI0Vakh9oF2xlzZ Z7BZfNrjwoVKgbh5t1zOw/ST6OelKnghFtT5m35wLNlsdn8LGxHLNnkOa8K0hlbz7sVA dyX9tbEeGzj8JbQnRFsO9SW0JDUUxjycpPzGfB8CEVgZTNZeUbAddhZEv+V3ffTEbMQo VgtHG+b/wLY8kuDR6lAROunXxfbdXDYPJIIonxEWaCVlTBpYpGcuM1hxa/lzT2H1KXi2 rTyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=Fxa+kXEmk4az94pHPhbvYCdcgdNXelYaOFTEHWMD0lU=; b=vFQYfzQpgTaI/I+HtAczJ/lGgRnmgKPK1/gvoZPz3txyvS8wniVObDS1hzBjy60TB6 J50HMv6vlVJHZO3pVdXs3gCkI0T4yYsxtg+QQsCUY9TRmrSNvACg6FV1WMI2A3dn/Ew4 ABCB2CAimAUisaX9kO7VOl5MRnPD8DLJ0RCAE2wbzJBp2LxIS3XIxGJj9/LCrnJj0MR9 6N3aH+rLxSJtq9+Hi8hn8R3dCPTh3yWXAFcN+qGrh9NXs1mgVXdKUcWB1ydYH14LiJGG i1/e1/6Rbjj2TPCJEAxD/VDNQs5slfz8dRcDYQC6TGx3WoN564YUVEUFfoUolxMswgbc jpcA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id y1-v6si1760813iti.13.2018.06.05.08.26.04 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnu-0005Av-NQ; Tue, 05 Jun 2018 15:23:22 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnt-0005AZ-75 for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:21 +0000 X-Inumbo-ID: 10d7a885-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 10d7a885-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:06 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 6C8851596; Tue, 5 Jun 2018 08:23:20 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 81A823F557; Tue, 5 Jun 2018 08:23:19 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:52 +0100 Message-Id: <20180605152303.14450-3-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 02/13] xen/arm64: entry: Use named label in guest_sync X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This will improve readability for future changes. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/arm64/entry.S | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index ffa9a1c492..e2344e565f 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -226,11 +226,11 @@ guest_sync: mrs x1, esr_el2 lsr x1, x1, #HSR_EC_SHIFT /* x1 = ESR_EL2.EC */ cmp x1, #HSR_EC_HVC64 - b.ne 1f /* Not a HVC skip fastpath. */ + b.ne guest_sync_slowpath /* Not a HVC skip fastpath. */ mrs x1, esr_el2 and x1, x1, #0xffff /* Check the immediate [0:16] */ - cbnz x1, 1f /* should be 0 for HVC #0 */ + cbnz x1, guest_sync_slowpath /* should be 0 for HVC #0 */ /* * Fastest path possible for ARM_SMCCC_ARCH_WORKAROUND_1. @@ -241,7 +241,7 @@ guest_sync: * be encoded as an immediate for cmp. */ eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID - cbnz w0, 1f + cbnz w0, guest_sync_slowpath /* * Clobber both x0 and x1 to prevent leakage. Note that thanks @@ -250,7 +250,7 @@ guest_sync: mov x1, xzr eret -1: +guest_sync_slowpath: /* * x0/x1 may have been scratch by the fast path above, so avoid * to save them. From patchwork Tue Jun 5 15:22:53 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137770 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099162lji; Tue, 5 Jun 2018 08:26:17 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLq/2kxglHxiNMUs5BFNq2ADj6akKYVRaJRlrx/9dmy2/YYrQ6oUj1yiIuckea6iCohyviP X-Received: by 2002:a6b:f817:: with SMTP id o23-v6mr3829810ioh.106.1528212377084; Tue, 05 Jun 2018 08:26:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212377; cv=none; d=google.com; s=arc-20160816; b=RSqow9DcwmJxnxndflFWlzPdf/+4FmszcLgk6c6h7DWDh4By4DOn61JgzUG05AFsjE yxoaD8Lcg+DKcMEjexKZL3lq/RqFUPOPIpQnhGlYW8jrwoUHwwrXtSIIDitApV3tThFU gqVNS83DsStjmqWSz7hIC9XDFi0RBuDXiGER0cOlq7MIPfP6DKvVUxGDoLegeWOU9tH6 uqTHuONYKz5UFXjJXmvhEjZlz/Qo3oKtn6p4KK7Qj1RmLwwTFQx3KDDGaK7ZrXgG04bE SaqGfbYsj+cr8w7Q/gin94MPsSkuildeHCC1Fwb0VJaA8oug1JCpfWsAYW97/U0JVWF2 8swQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=6CGRcLPipuVN7XDfc4tEVZTA97BzOLB+ZTDTSpkJOf8=; b=dD8k4mlRTHfPg6VrmhYjAV2Mt7KLIxghS+Gh3zRqBQjfVTvIp9SdU/AeX5Wrtdc/yw 4q6dWfWtTVtDTxqDXq3A5vjGylU8TxZe/0I89zwfU2xYbGgvniH/qGgymGAmmO7X+QQL KuBK1YwukIXHk42U/Y2HekFjsxtEybJj5GPWe5QDPPwYbHqlq7ObQUf7nlqA2zcKi56e MZrwSxNOqReDBvFnNGBsKFBdeO4b92+BybFHFR8nP3CrCXJFjY8xF8vQUxUs1weIN0IY I2ZKbwnauwHNCxxBBMGOU3nJPiu+JJyOng3U7gKkja8p8PvWUx430D33np8qRdKkguUj yewg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id 144-v6si11674871ioc.264.2018.06.05.08.26.16 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnv-0005BA-72; Tue, 05 Jun 2018 15:23:23 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnu-0005An-HI for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:22 +0000 X-Inumbo-ID: 119e3623-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 119e3623-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:07 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 94AFB15AD; Tue, 5 Jun 2018 08:23:21 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id AA3673F557; Tue, 5 Jun 2018 08:23:20 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:53 +0100 Message-Id: <20180605152303.14450-4-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 03/13] xen/arm: setup: Check errata for boot CPU later on X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Some errata will rely on the SMCCC version which is detected by psci_init(). This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/setup.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 1d6f6bf37e..ac93de4786 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -171,8 +171,6 @@ static void __init processor_id(void) } processor_setup(); - - check_local_cpu_errata(); } void dt_unreserved_regions(paddr_t s, paddr_t e, @@ -779,6 +777,12 @@ void __init start_xen(unsigned long boot_phys_offset, printk(XENLOG_INFO "SMP: Allowing %u CPUs\n", cpus); nr_cpu_ids = cpus; + /* + * Some errata relies on SMCCC version which is detected by psci_init() + * (called from smp_init_cpus()). + */ + check_local_cpu_errata(); + init_xen_time(); gic_init(); From patchwork Tue Jun 5 15:22:54 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137768 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099124lji; Tue, 5 Jun 2018 08:26:15 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKhTK6Q8yL1ONTFWV5eeSRbRZUpga9lewgTPOlEixx4tvE38CAcYYH/Sraz0e413lCFPBVJ X-Received: by 2002:a24:e10d:: with SMTP id n13-v6mr18897754ith.83.1528212374932; Tue, 05 Jun 2018 08:26:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212374; cv=none; d=google.com; s=arc-20160816; b=SLik+i3vGtGIEQqiJSSqxeKNfOsiGZu1lklwvJrYmZ0hSFRJy7AJQRS3owCMmQ3BOp 9eF+Cs7oqCAYB2a9fvILdADFH1jklIxx0JWUvkLFw53IuBRvFbZigSuWyaW9sHybTr5w gdMJ69+St1ceDF652apfDprtowSFQoRx63A6Tp38ekDUgy49KtL4Kw1rSCISuKXu9Shf JY7PP1TflCBVPAhpsaxyHjVNR+Rfg0RfQafpvk/h9avaqE+w2zYmWHQPhODREdmF7ezq Hvb+n67vc4LiwnntKUTTaTVhEaLc5ZljsRd9YNsO2UW17RMXeDyYfFJOGL0y3PbRuda8 7wsw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=graVgVJryAsdu48ckkfd79GmGcmAlMxkHn/k8BTfyPc=; b=gvCW63CLN+5aOvJALmkzmQHZAQdWkXvVJvJMqML7/FivP1+TnA1fH0bxYj4zWAy7TG 55yTBBX/GBaxJUYilurdisSP6rKPmCc6ADyIkTxvuPGJ6++BxMzq9l96B/aGatu/reCD Qx1WOz/At0XN2k0tgxnRppT/dSov8yDMdpOVLq1xeIos2/vZR0Tw5/t/OdiCic2HSXUH bkBtfIrjjJr8nd7G7DDBRbk+YBZmnH6I+VM6V8QV+FzGfTsNLoRZK0mftfsQatXRKoE3 FtVQ2HMLVYgJvN2nv2qCY7u8Mli8nB6+GJEERpQSdJqbM4zWU1d8IRuDTG6obfFuDk6j O/nw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id y188-v6si11902414ioy.134.2018.06.05.08.26.14 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnw-0005BR-Jj; Tue, 05 Jun 2018 15:23:24 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnv-0005BI-Qo for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:23 +0000 X-Inumbo-ID: 12500f72-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 12500f72-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:08 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id BD0EB1596; Tue, 5 Jun 2018 08:23:22 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D281D3F557; Tue, 5 Jun 2018 08:23:21 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:54 +0100 Message-Id: <20180605152303.14450-5-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 04/13] xen/arm: Add ARCH_WORKAROUND_2 probing X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" As for Spectre variant-2, we rely on SMCCC 1.1 to provide the discovery mechanism for detecting the SSBD mitigation. A new capability is also allocated for that purpose, and a config option. This is part of XSA-263. Signed-off-by: Julien Grall --- Changes in v2: - Add the switch in this patch rather than the next one. - s/supported/required/ --- xen/arch/arm/Kconfig | 10 +++++++ xen/arch/arm/cpuerrata.c | 57 ++++++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/cpuerrata.h | 21 +++++++++++++++ xen/include/asm-arm/cpufeature.h | 3 ++- xen/include/asm-arm/smccc.h | 7 +++++ 5 files changed, 97 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 8174c0c635..0e2d027060 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -73,6 +73,16 @@ config SBSA_VUART_CONSOLE Allows a guest to use SBSA Generic UART as a console. The SBSA Generic UART implements a subset of ARM PL011 UART. +config ARM_SSBD + bool "Speculative Store Bypass Disable" if EXPERT = "y" + depends on HAS_ALTERNATIVE + default y + help + This enables mitigation of bypassing of previous stores by speculative + loads. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 1baa20654b..aa86c7c0fe 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -235,6 +235,57 @@ static int enable_ic_inv_hardening(void *data) #endif +#ifdef CONFIG_ARM_SSBD + +/* + * Assembly code may use the variable directly, so we need to make sure + * it fits in a register. + */ +DEFINE_PER_CPU_READ_MOSTLY(register_t, ssbd_callback_required); + +static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) +{ + struct arm_smccc_res res; + bool required; + + if ( smccc_ver < SMCCC_VERSION(1, 1) ) + return false; + + /* + * The probe function return value is either negative (unsupported + * or mitigated), positive (unaffected), or zero (requires + * mitigation). We only need to do anything in the last case. + */ + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, + ARM_SMCCC_ARCH_WORKAROUND_2_FID, &res); + switch ( (int)res.a0 ) + { + case ARM_SMCCC_NOT_SUPPORTED: + return false; + + case ARM_SMCCC_NOT_REQUIRED: + return false; + + case ARM_SMCCC_SUCCESS: + required = true; + break; + + case 1: /* Mitigation not required on this CPU. */ + required = true; + break; + + default: + ASSERT_UNREACHABLE(); + return false; + } + + if ( required ) + this_cpu(ssbd_callback_required) = 1; + + return required; +} +#endif + #define MIDR_RANGE(model, min, max) \ .matches = is_affected_midr_range, \ .midr_model = model, \ @@ -336,6 +387,12 @@ static const struct arm_cpu_capabilities arm_errata[] = { .enable = enable_ic_inv_hardening, }, #endif +#ifdef CONFIG_ARM_SSBD + { + .capability = ARM_SSBD, + .matches = has_ssbd_mitigation, + }, +#endif {}, }; diff --git a/xen/include/asm-arm/cpuerrata.h b/xen/include/asm-arm/cpuerrata.h index 4e45b237c8..e628d3ff56 100644 --- a/xen/include/asm-arm/cpuerrata.h +++ b/xen/include/asm-arm/cpuerrata.h @@ -27,9 +27,30 @@ static inline bool check_workaround_##erratum(void) \ CHECK_WORKAROUND_HELPER(766422, ARM32_WORKAROUND_766422, CONFIG_ARM_32) CHECK_WORKAROUND_HELPER(834220, ARM64_WORKAROUND_834220, CONFIG_ARM_64) +CHECK_WORKAROUND_HELPER(ssbd, ARM_SSBD, CONFIG_ARM_SSBD) #undef CHECK_WORKAROUND_HELPER +#ifdef CONFIG_ARM_SSBD + +#include + +DECLARE_PER_CPU(register_t, ssbd_callback_required); + +static inline bool cpu_require_ssbd_mitigation(void) +{ + return this_cpu(ssbd_callback_required); +} + +#else + +static inline bool cpu_require_ssbd_mitigation(void) +{ + return false; +} + +#endif + #endif /* __ARM_CPUERRATA_H__ */ /* * Local variables: diff --git a/xen/include/asm-arm/cpufeature.h b/xen/include/asm-arm/cpufeature.h index e557a095af..2a5c075d3b 100644 --- a/xen/include/asm-arm/cpufeature.h +++ b/xen/include/asm-arm/cpufeature.h @@ -43,8 +43,9 @@ #define SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT 5 #define SKIP_CTXT_SWITCH_SERROR_SYNC 6 #define ARM_HARDEN_BRANCH_PREDICTOR 7 +#define ARM_SSBD 8 -#define ARM_NCAPS 8 +#define ARM_NCAPS 9 #ifndef __ASSEMBLY__ diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index 8342cc33fe..a6804cec99 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -258,7 +258,14 @@ struct arm_smccc_res { ARM_SMCCC_OWNER_ARCH, \ 0x8000) +#define ARM_SMCCC_ARCH_WORKAROUND_2_FID \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x7FFF) + /* SMCCC error codes */ +#define ARM_SMCCC_NOT_REQUIRED (-2) #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) #define ARM_SMCCC_NOT_SUPPORTED (-1) #define ARM_SMCCC_SUCCESS (0) From patchwork Tue Jun 5 15:22:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137762 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099023lji; Tue, 5 Jun 2018 08:26:08 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLhVDhCfW5Cd0KkPRzRjGoOCHPc5JXYRl6B0rz8y4B0CARdsEXNgsdNov9dFdFSHSG8uxj0 X-Received: by 2002:a24:70d0:: with SMTP id f199-v6mr19578093itc.2.1528212368866; Tue, 05 Jun 2018 08:26:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212368; cv=none; d=google.com; s=arc-20160816; b=YCdKbEl/xMD5Va/41kFnWtdM6SSLFB2TS/130Yjjicy+Kdi+vVPJqOrQSQOU/1Wfmf fGFSP9NsnapPSBpeIS45LEfvC/3Puh2Ta9MfjzknjPwrK/M97Xyi/+wJLNwMeqY6ptLY KjwzVsnSYKpzUFuoM461t2JcuodJLQPcYzjmDqwjBjrR8m/FXl6h5cU6AdTSgOVXi9/m rsWXzkYIzUFvf4pQ/WSplvX10LVN7/XE5QLBghPHfRbhhWPOK/Qg/ly2OjzGHFfStTJQ iqulz7x3UsL+xTm6UDWu41q1P6//gmYA1Fw9AWLG1iVwIxsP9Cu89ajmEIyja8/pvhGa YdYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=oukoKoYZ/i2VZZbJmxD0QHqXUDNETge/okYDv7A3gqc=; b=dJTr3M/Gs/W8nv109IyphTOT0wlUK5T3DeTDG309bu/1hdl4J97Z/bynuoq7Ui5JpS zCQr8nvu9/RZCUFAcWP33JQ2v2MGw9oQUukgOfLHqa6jLAgdGg6R00SbKNqe5fgH4Etf wgHe1F+SNtnOqvHMru+77bE4Ax3UhcemzclRpq29zAiAsOmbaZNk9q3cxDhcB7dkNgaT +q/qrdWQvuWEpjuf+X1CbaKZs0rk2cPHuHYjkOTcxPv19hKsWuRE0ApZcU4OzK5ZigLw k+mgVPmV0FLJiRNtZd7LxUmUaMEnH/pet03fDAQIqfRnWVMFXHIDw3fZOUHTPjjFoNWw r9hA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id n2-v6si1705757itg.80.2018.06.05.08.26.08 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDny-0005Bm-UD; Tue, 05 Jun 2018 15:23:26 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDnx-0005Ba-Mb for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:25 +0000 X-Inumbo-ID: 13303a12-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 13303a12-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:10 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 148F21596; Tue, 5 Jun 2018 08:23:24 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 06D5D3F557; Tue, 5 Jun 2018 08:23:22 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:55 +0100 Message-Id: <20180605152303.14450-6-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 05/13] xen/arm: Add command line option to control SSBD mitigation X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" On a system where the firmware implements ARCH_WORKAROUND_2, it may be useful to either permanently enable or disable the workaround for cases where the user decides that they'd rather not get a trap overhead, and keep the mitigation permanently on or off instead of switching it on exception entry/exit. In any case, default to mitigation being enabled. The new command line option is implemented as list of one option to follow x86 option and also allow to extend it more easily in the future. Note that for convenience, the full implemention of the workaround is done in the .matches callback. Lastly, a accessor is provided to know the state of the mitigation. After this patch, there are 3 methods complementing each other to find the state of the mitigation: - The capability ARM_SSBD indicates the platform is affected by the vulnerability. This will also return false if the user decide to force disabled the mitigation (spec-ctrl="ssbd=force-disable"). The capability is useful for putting shortcut in place using alternative. - ssbd_state indicates the global state of the mitigation (e.g unknown, force enable...). The global state is required to report the state to a guest. - The per-cpu ssbd_callback_required indicates whether a pCPU requires to call the SMC. This allows to shortcut SMC call and save an entry/exit to EL3. This is part of XSA-263. Signed-off-by: Julien Grall --- Changes in v2: - Move out some code to the previous patch. - Update the commit message with more background --- docs/misc/xen-command-line.markdown | 18 ++++++++ xen/arch/arm/cpuerrata.c | 91 +++++++++++++++++++++++++++++++++---- xen/include/asm-arm/cpuerrata.h | 21 +++++++++ 3 files changed, 122 insertions(+), 8 deletions(-) diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown index 8712a833a2..962028b6ed 100644 --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -1756,6 +1756,24 @@ enforces the maximum theoretically necessary timeout of 670ms. Any number is being interpreted as a custom timeout in milliseconds. Zero or boolean false disable the quirk workaround, which is also the default. +### spec-ctrl (Arm) +> `= List of [ ssbd=force-disable|runtime|force-enable ]` + +Controls for speculative execution sidechannel mitigations. + +The option `ssbd=` is used to control the state of Speculative Store +Bypass Disable (SSBD) mitigation. + +* `ssbd=force-disable` will keep the mitigation permanently off. The guest +will not be able to control the state of the mitigation. +* `ssbd=runtime` will always turn on the mitigation when running in the +hypervisor context. The guest will be to turn on/off the mitigation for +itself by using the firmware interface ARCH\_WORKAROUND\_2. +* `ssbd=force-enable` will keep the mitigation permanently on. The guest will +not be able to control the state of the mitigation. + +By default SSBD will be mitigated at runtime (i.e `ssbd=runtime`). + ### spec-ctrl (x86) > `= List of [ , xen=, {pv,hvm,msr-sc,rsb}=, > bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd}= ]` diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index aa86c7c0fe..4292008692 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -237,6 +237,41 @@ static int enable_ic_inv_hardening(void *data) #ifdef CONFIG_ARM_SSBD +enum ssbd_state ssbd_state = ARM_SSBD_RUNTIME; + +static int __init parse_spec_ctrl(const char *s) +{ + const char *ss; + int rc = 0; + + do { + ss = strchr(s, ','); + if ( !ss ) + ss = strchr(s, '\0'); + + if ( !strncmp(s, "ssbd=", 5) ) + { + s += 5; + + if ( !strncmp(s, "force-disable", ss - s) ) + ssbd_state = ARM_SSBD_FORCE_DISABLE; + else if ( !strncmp(s, "runtime", ss - s) ) + ssbd_state = ARM_SSBD_RUNTIME; + else if ( !strncmp(s, "force-enable", ss - s) ) + ssbd_state = ARM_SSBD_FORCE_ENABLE; + else + rc = -EINVAL; + } + else + rc = -EINVAL; + + s = ss + 1; + } while ( *ss ); + + return rc; +} +custom_param("spec-ctrl", parse_spec_ctrl); + /* * Assembly code may use the variable directly, so we need to make sure * it fits in a register. @@ -251,19 +286,17 @@ static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) if ( smccc_ver < SMCCC_VERSION(1, 1) ) return false; - /* - * The probe function return value is either negative (unsupported - * or mitigated), positive (unaffected), or zero (requires - * mitigation). We only need to do anything in the last case. - */ arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, ARM_SMCCC_ARCH_WORKAROUND_2_FID, &res); + switch ( (int)res.a0 ) { case ARM_SMCCC_NOT_SUPPORTED: + ssbd_state = ARM_SSBD_UNKNOWN; return false; case ARM_SMCCC_NOT_REQUIRED: + ssbd_state = ARM_SSBD_MITIGATED; return false; case ARM_SMCCC_SUCCESS: @@ -271,7 +304,7 @@ static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) break; case 1: /* Mitigation not required on this CPU. */ - required = true; + required = false; break; default: @@ -279,8 +312,49 @@ static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) return false; } - if ( required ) - this_cpu(ssbd_callback_required) = 1; + switch ( ssbd_state ) + { + case ARM_SSBD_FORCE_DISABLE: + { + static bool once = true; + + if ( once ) + printk("%s disabled from command-line\n", entry->desc); + once = false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 0, NULL); + required = false; + + break; + } + + case ARM_SSBD_RUNTIME: + if ( required ) + { + this_cpu(ssbd_callback_required) = 1; + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + } + + break; + + case ARM_SSBD_FORCE_ENABLE: + { + static bool once = true; + + if ( once ) + printk("%s forced from command-line\n", entry->desc); + once = false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + required = true; + + break; + } + + default: + ASSERT_UNREACHABLE(); + return false; + } return required; } @@ -389,6 +463,7 @@ static const struct arm_cpu_capabilities arm_errata[] = { #endif #ifdef CONFIG_ARM_SSBD { + .desc = "Speculative Store Bypass Disabled", .capability = ARM_SSBD, .matches = has_ssbd_mitigation, }, diff --git a/xen/include/asm-arm/cpuerrata.h b/xen/include/asm-arm/cpuerrata.h index e628d3ff56..7fbb3dc0be 100644 --- a/xen/include/asm-arm/cpuerrata.h +++ b/xen/include/asm-arm/cpuerrata.h @@ -31,10 +31,26 @@ CHECK_WORKAROUND_HELPER(ssbd, ARM_SSBD, CONFIG_ARM_SSBD) #undef CHECK_WORKAROUND_HELPER +enum ssbd_state +{ + ARM_SSBD_UNKNOWN, + ARM_SSBD_FORCE_DISABLE, + ARM_SSBD_RUNTIME, + ARM_SSBD_FORCE_ENABLE, + ARM_SSBD_MITIGATED, +}; + #ifdef CONFIG_ARM_SSBD #include +extern enum ssbd_state ssbd_state; + +static inline enum ssbd_state get_ssbd_state(void) +{ + return ssbd_state; +} + DECLARE_PER_CPU(register_t, ssbd_callback_required); static inline bool cpu_require_ssbd_mitigation(void) @@ -49,6 +65,11 @@ static inline bool cpu_require_ssbd_mitigation(void) return false; } +static inline enum ssbd_state get_sbdd_state(void) +{ + return ARM_SSBD_UNKNOWN; +} + #endif #endif /* __ARM_CPUERRATA_H__ */ From patchwork Tue Jun 5 15:22:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137765 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099076lji; Tue, 5 Jun 2018 08:26:12 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKQ9bmAIFuoJ5swSkAhdTKwsAB+oiwm6EukRni+S2RpsqUj4SP/nR1VdhmNqu0/ljmrBJ9k X-Received: by 2002:a24:4964:: with SMTP id z97-v6mr19646768ita.44.1528212372595; Tue, 05 Jun 2018 08:26:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212372; cv=none; d=google.com; s=arc-20160816; b=criZIMJTj/qhWmi6uM7mNqcYCXPEkF2YCgFCqy1MYJn+tEE5JkTDZXSqexQSqYsjkl IwKsPdDDEFijBZkB/+9Z2iP98bnoVoyZ7DBohy9A98TWmQyqfkepBt2E7SFq73hsRKj3 djvBNav+QySHBBmM28f1bMO8yUH/OwAGCCoSUTAYoywbD8K1TkpX7+awvRMF/oL9Dh6I eudrCHKpJ26TRpMVRnKbkoO89xib089/RqhKsj/zhF1Z1aaxVh2f8GFm4nIBPCiTazPf 4mkuBWLVJ/tUE0+3agEkc6GKk0Ua5oFPQFJQQdWpO/BLz+YWyZo2rO7bk/YKbaB1N6f6 HGbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=oNSdzq47RT2uZmZclj1XrO9iXXCbq4ZtR6h5nF1Csw0=; b=c5A4wlDKQOT8Y3rIIy88MFUlUTh4nL6O9cQhTkyxN0YjQ3mf2b+AOgd4z8OAKEV/d7 Y15ksFZzxQGRiuPrNcssiKRTA80qVX9Clc/U3sC3SuskHc/TWIZ9znaXtXYuJZilydiv xauHAMW22dTqglvqq+dKj79pnDz2DpMTtRVl1PEOBhJEbF4DPiZzGk8cWQWwxWWXy/HW WTMXRs8RfzEn/ByNrCVsJtdkf1E+XfbD/Tmej8Yx4rLYYnRfD1e4VEJoSQ4Wu23em7wS YhaheOdDPrJqZjGO1levdMxD2Xr4LvqFtSkIcWgNNXnOKBotrUmAQSw6fFWdghslHRzr tsQA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id v62-v6si1746091itd.113.2018.06.05.08.26.12 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo0-0005By-9I; Tue, 05 Jun 2018 15:23:28 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDny-0005Bl-TT for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:26 +0000 X-Inumbo-ID: 13b379d1-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 13b379d1-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:10 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3CEB215AD; Tue, 5 Jun 2018 08:23:25 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5268C3F557; Tue, 5 Jun 2018 08:23:24 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:56 +0100 Message-Id: <20180605152303.14450-7-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 06/13] xen/arm: Add ARCH_WORKAROUND_2 support for guests X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" In order to offer ARCH_WORKAROUND_2 support to guests, we need to track the state of the workaround per-vCPU. The field 'pad' in cpu_info is now repurposed to store flags easily accessible in assembly. As the hypervisor will always run with the workaround enabled, we may need to enable (on guest exit) or disable (on guest entry) the workaround. A follow-up patch will add fastpath for the workaround for arm64 guests. Note that check_workaround_ssbd() is used instead of ssbd_get_state() because the former is implemented using an alternative. Thefore the code will be shortcut on affected platform. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Fix the condition in need_ssbd_flip() --- xen/arch/arm/domain.c | 8 ++++++++ xen/arch/arm/traps.c | 20 ++++++++++++++++++++ xen/arch/arm/vsmc.c | 37 +++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/current.h | 6 +++++- 4 files changed, 70 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index 5a2a9a6b83..4baecc2447 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -21,6 +21,7 @@ #include #include +#include #include #include #include @@ -572,6 +573,13 @@ int vcpu_initialise(struct vcpu *v) if ( (rc = vcpu_vtimer_init(v)) != 0 ) goto fail; + /* + * The workaround 2 (i.e SSBD mitigation) is enabled by default if + * supported. + */ + if ( get_ssbd_state() == ARM_SSBD_RUNTIME ) + v->arch.cpu_info->flags |= CPUINFO_WORKAROUND_2_FLAG; + return rc; fail: diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 5c18e918b0..315fc61f77 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2011,10 +2011,23 @@ inject_abt: inject_iabt_exception(regs, gva, hsr.len); } +static inline bool needs_ssbd_flip(struct vcpu *v) +{ + if ( !check_workaround_ssbd() ) + return false; + + return !(v->arch.cpu_info->flags & CPUINFO_WORKAROUND_2_FLAG) && + cpu_require_ssbd_mitigation(); +} + static void enter_hypervisor_head(struct cpu_user_regs *regs) { if ( guest_mode(regs) ) { + /* If the guest has disabled the workaround, bring it back on. */ + if ( needs_ssbd_flip(current) ) + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + /* * If we pended a virtual abort, preserve it until it gets cleared. * See ARM ARM DDI 0487A.j D1.14.3 (Virtual Interrupts) for details, @@ -2260,6 +2273,13 @@ void leave_hypervisor_tail(void) */ SYNCHRONIZE_SERROR(SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT); + /* + * The hypervisor runs with the workaround always present. + * If the guest wants it disabled, so be it... + */ + if ( needs_ssbd_flip(current) ) + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 0, NULL); + return; } local_irq_enable(); diff --git a/xen/arch/arm/vsmc.c b/xen/arch/arm/vsmc.c index 40a80d5760..c4ccae6030 100644 --- a/xen/arch/arm/vsmc.c +++ b/xen/arch/arm/vsmc.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include @@ -104,6 +105,23 @@ static bool handle_arch(struct cpu_user_regs *regs) if ( cpus_have_cap(ARM_HARDEN_BRANCH_PREDICTOR) ) ret = 0; break; + case ARM_SMCCC_ARCH_WORKAROUND_2_FID: + switch ( get_ssbd_state() ) + { + case ARM_SSBD_UNKNOWN: + case ARM_SSBD_FORCE_DISABLE: + break; + + case ARM_SSBD_RUNTIME: + ret = ARM_SMCCC_SUCCESS; + break; + + case ARM_SSBD_FORCE_ENABLE: + case ARM_SSBD_MITIGATED: + ret = ARM_SMCCC_NOT_REQUIRED; + break; + } + break; } set_user_reg(regs, 0, ret); @@ -114,6 +132,25 @@ static bool handle_arch(struct cpu_user_regs *regs) case ARM_SMCCC_ARCH_WORKAROUND_1_FID: /* No return value */ return true; + + case ARM_SMCCC_ARCH_WORKAROUND_2_FID: + { + bool enable = (uint32_t)get_user_reg(regs, 1); + + /* + * ARM_WORKAROUND_2_FID should only be called when mitigation + * state can be changed at runtime. + */ + if ( unlikely(get_ssbd_state() != ARM_SSBD_RUNTIME) ) + return true; + + if ( enable ) + get_cpu_info()->flags |= CPUINFO_WORKAROUND_2_FLAG; + else + get_cpu_info()->flags &= ~CPUINFO_WORKAROUND_2_FLAG; + + return true; + } } return false; diff --git a/xen/include/asm-arm/current.h b/xen/include/asm-arm/current.h index 7a0971fdea..f9819b34fc 100644 --- a/xen/include/asm-arm/current.h +++ b/xen/include/asm-arm/current.h @@ -7,6 +7,10 @@ #include #include +/* Tell whether the guest vCPU enabled Workaround 2 (i.e variant 4) */ +#define CPUINFO_WORKAROUND_2_FLAG_SHIFT 0 +#define CPUINFO_WORKAROUND_2_FLAG (_AC(1, U) << CPUINFO_WORKAROUND_2_FLAG_SHIFT) + #ifndef __ASSEMBLY__ struct vcpu; @@ -21,7 +25,7 @@ DECLARE_PER_CPU(struct vcpu *, curr_vcpu); struct cpu_info { struct cpu_user_regs guest_cpu_user_regs; unsigned long elr; - unsigned int pad; + uint32_t flags; }; static inline struct cpu_info *get_cpu_info(void) From patchwork Tue Jun 5 15:22:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137766 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099086lji; Tue, 5 Jun 2018 08:26:13 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKfImVUge/EZMhvb/I5huld3nKJsjR/80Zcp4rnIR23tnhADpdXJ/Wg5ysQ49PlySU/8qTt X-Received: by 2002:a6b:82a1:: with SMTP id m33-v6mr27131360ioi.56.1528212373251; Tue, 05 Jun 2018 08:26:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212373; cv=none; d=google.com; s=arc-20160816; b=rM9QCNT+G0M3bvb7pSsE0HkGNJP7jqhseEx+ueByVAw47XB8F9MnljTNuMCAWH+HEj hhQ0A7yragQFLhWGYpI66oQnCIBk258bK+e5qZ7MP3pMdsR2/KOM9fRp+JaJJSlJWV8P 8tZxplntuUocv4mO1nu/7lk6eLT6/r6yVLA/KTCf5A5JX02pX/dVMDmYVvhqFJZqDDOY cX4KloYaFWnbTMrRcARj+9Rjzo4ufoCLiaPRu1yM199H0pTKRzHjou90Na6KvSZpoRZR 6sOx0+e6bOGsAhgamFnRIyiuyh/jvFJp4S1+n60KVLOpeWdkd5zxaZGsXE8tWGohFZzd wvtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=Lv8Ty3NRBlqB8Uja8s0vo4qQ94p/bwg+81G7jGLRD8E=; b=piKR8HRvR4X6zD29hyTPyUyvFTPr0R2g41K1P8CqtKBSpLTStYCb0rOdI3B8fYrgAJ VWoAHAoQln6wyjbLcXcwVQeKjl0Ivh8Ul49n6suZCPq76pRabIvBcVS50ZbWWma89nE/ kPGPyt6ALXA27RJVhug1mFikKD9kc30zg7487beG6Q+HBZAFDAbXwlbIvEgxXeEo04Bd //qrWpuV+zQ+FcHn1iX7S+uoaSUIhgMWvgrPLc6AGNFeih03qB2HVQ6pFJkAG3ty1PNF NT5sRwanPIrv1zQUwGG0fdAnopUE71kbdexhi8YcqE09AMHbrcyLYpA24eQ+dWmCTonQ yhvg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id 125-v6si33733553iow.201.2018.06.05.08.26.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo1-0005CA-LU; Tue, 05 Jun 2018 15:23:29 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo0-0005Bx-80 for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:28 +0000 X-Inumbo-ID: 14a85d44-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 14a85d44-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:12 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 885951596; Tue, 5 Jun 2018 08:23:26 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7AB613F557; Tue, 5 Jun 2018 08:23:25 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:57 +0100 Message-Id: <20180605152303.14450-8-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 07/13] xen/arm: Simplify alternative patching of non-writable region X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" During the MMU setup process, Xen will set SCTLR_EL2.WNX (Write-Non-eXecutable) bit. Because of that, the alternative code need to re-mapped the region in a difference place in order to modify the text section. At the moment, the function patching the code is only aware of the re-mapped region. This requires the caller to mess with Xen internal in order to have function such as is_active_kernel_text() working. All the interaction with Xen internal can be removed by specify the offset between the region patch and the writable region for updating the instruction This simplification will also make easier to integrate dynamic patching a in a follow-up patch. Indeed, the callback address should be in a original region and not re-mapped only which is writeable non-executable. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Cc: Konrad Rzeszutek Wilk Changes in v2: - Add commit message - Remove comment in the code that does not make sense anymore --- xen/arch/arm/alternative.c | 42 +++++++++++++----------------------------- 1 file changed, 13 insertions(+), 29 deletions(-) diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c index 9ffdc475d6..936cf04956 100644 --- a/xen/arch/arm/alternative.c +++ b/xen/arch/arm/alternative.c @@ -97,12 +97,16 @@ static u32 get_alt_insn(const struct alt_instr *alt, /* * The region patched should be read-write to allow __apply_alternatives * to replacing the instructions when necessary. + * + * @update_offset: Offset between the region patched and the writable + * region for the update. 0 if the patched region is writable. */ -static int __apply_alternatives(const struct alt_region *region) +static int __apply_alternatives(const struct alt_region *region, + paddr_t update_offset) { const struct alt_instr *alt; - const u32 *replptr; - u32 *origptr; + const u32 *replptr, *origptr; + u32 *updptr; printk(XENLOG_INFO "alternatives: Patching with alt table %p -> %p\n", region->begin, region->end); @@ -118,6 +122,7 @@ static int __apply_alternatives(const struct alt_region *region) BUG_ON(alt->alt_len != alt->orig_len); origptr = ALT_ORIG_PTR(alt); + updptr = (void *)origptr + update_offset; replptr = ALT_REPL_PTR(alt); nr_inst = alt->alt_len / sizeof(insn); @@ -125,7 +130,7 @@ static int __apply_alternatives(const struct alt_region *region) for ( i = 0; i < nr_inst; i++ ) { insn = get_alt_insn(alt, origptr + i, replptr + i); - *(origptr + i) = cpu_to_le32(insn); + *(updptr + i) = cpu_to_le32(insn); } /* Ensure the new instructions reached the memory and nuke */ @@ -162,9 +167,6 @@ static int __apply_alternatives_multi_stop(void *unused) paddr_t xen_size = _end - _start; unsigned int xen_order = get_order_from_bytes(xen_size); void *xenmap; - struct virtual_region patch_region = { - .list = LIST_HEAD_INIT(patch_region.list), - }; BUG_ON(patched); @@ -177,31 +179,13 @@ static int __apply_alternatives_multi_stop(void *unused) /* Re-mapping Xen is not expected to fail during boot. */ BUG_ON(!xenmap); - /* - * If we generate a new branch instruction, the target will be - * calculated in this re-mapped Xen region. So we have to register - * this re-mapped Xen region as a virtual region temporarily. - */ - patch_region.start = xenmap; - patch_region.end = xenmap + xen_size; - register_virtual_region(&patch_region); + region.begin = __alt_instructions; + region.end = __alt_instructions_end; - /* - * Find the virtual address of the alternative region in the new - * mapping. - * alt_instr contains relative offset, so the function - * __apply_alternatives will patch in the re-mapped version of - * Xen. - */ - region.begin = (void *)__alt_instructions - (void *)_start + xenmap; - region.end = (void *)__alt_instructions_end - (void *)_start + xenmap; - - ret = __apply_alternatives(®ion); + ret = __apply_alternatives(®ion, xenmap - (void *)_start); /* The patching is not expected to fail during boot. */ BUG_ON(ret != 0); - unregister_virtual_region(&patch_region); - vunmap(xenmap); /* Barriers provided by the cache flushing */ @@ -235,7 +219,7 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en .end = end, }; - return __apply_alternatives(®ion); + return __apply_alternatives(®ion, 0); } /* From patchwork Tue Jun 5 15:22:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137759 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1098906lji; Tue, 5 Jun 2018 08:26:04 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJowUArdvj+IFBZ4E9AqkxJvAEdak2XUCAotyhTZr2k1OSUmHtIjsXj7JXNqiksMgKo1++F X-Received: by 2002:a24:243:: with SMTP id 64-v6mr18467181itu.20.1528212364430; Tue, 05 Jun 2018 08:26:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212364; cv=none; d=google.com; s=arc-20160816; b=BkzeunCim0z4idskGhFfClp0RtdYVS5mfEL5YcVRkbJl5zJJY7j2AQrwIJib5qVWY3 yvJ5IP+2qmPx+G7U9X1jKAja2JDvMcZiBQd1eJZpSOX39upwLzArKFY/CgwvBQ0IkkcG oZYuwWqOt00YmpSwjkQQwLPbLgHrYAyLO6OxOFrZu9UQOMLIM7Bgny2sBcsjWvqYkjlV 3QqV4pJg9zGNGhp0wwU9rW5Yr7vRQlKHuKLo750XsIkdziD93ty4aDm5i5Gi3e6ZYyp2 jzz5ZjE2G4fLQ8zHXXBgypwd3XfkdJ8yBEtvSxkL/UODUXtLeE/Dk2und1h4noObUo5H RvIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=TOWGXZUFkWM4cifKOWg8lYWbqud3GPyZRBgJQT0NJ2A=; b=AjNr6mJkeedbtLdgMricvKFyT7QeAni4JwY4khxdSmYQyJpebQrrYQIqlvWUF8RuGA Ewm0ba18+Jm3pWlHFPRoNC5T31COciSgLRE8IvvAaHgMPXQ7k2Xp1VvgH8mXd8BiHjQW dyqd/phYMkGG1JQANOH5q+TQYGYZXfi1j9K73hubs8ET6+akDeaisTdrmo43Fr8aPiKi wF/g7CnqkgQpuZdPg7qcZYizX0EV/VUGKUQflag3FmG1yuHzJ/nX/x2IuVnLqmwg36UL esSAmHwVMQSarAUn2hWE+mKd2T+i5tpKtlXnKxiYTV4B1Kw7ky3Jz/Z6U+5vRuRhEoi/ 89IQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id 187-v6si1781332itm.133.2018.06.05.08.26.04 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo3-0005Ch-6T; Tue, 05 Jun 2018 15:23:31 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo1-0005C8-HS for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:29 +0000 X-Inumbo-ID: 155bf193-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 155bf193-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:13 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B175715B2; Tue, 5 Jun 2018 08:23:27 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id C61C23F557; Tue, 5 Jun 2018 08:23:26 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:58 +0100 Message-Id: <20180605152303.14450-9-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 08/13] xen/arm: alternatives: Add dynamic patching feature X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This is based on the Linux commit dea5e2a4c5bc "arm64: alternatives: Add dynamic patching feature" written by Marc Zyngier: We've so far relied on a patching infrastructure that only gave us a single alternative, without any way to provide a range of potential replacement instructions. For a single feature, this is an all or nothing thing. It would be interesting to have a more flexible grained way of patching the kernel though, where we could dynamically tune the code that gets injected. In order to achive this, let's introduce a new form of dynamic patching, assiciating a callback to a patching site. This callback gets source and target locations of the patching request, as well as the number of instructions to be patched. Dynamic patching is declared with the new ALTERNATIVE_CB and alternative_cb directives: asm volatile(ALTERNATIVE_CB("mov %0, #0\n", callback) : "r" (v)); or alternative_cb callback mov x0, #0 alternative_cb_end where callback is the C function computing the alternative. Reviewed-by: Christoffer Dall Reviewed-by: Catalin Marinas Signed-off-by: Marc Zyngier This is part of XSA-263. Signed-off-by: Julien Grall Acked-by: Stefano Stabellini --- Changes in v2: - Fix typo in the commit message - Add Stefano's acked-by --- xen/arch/arm/alternative.c | 48 +++++++++++++++++++++++++++++---------- xen/include/asm-arm/alternative.h | 44 +++++++++++++++++++++++++++++++---- 2 files changed, 75 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c index 936cf04956..52ed7edf69 100644 --- a/xen/arch/arm/alternative.c +++ b/xen/arch/arm/alternative.c @@ -30,6 +30,8 @@ #include #include #include +/* XXX: Move ARCH_PATCH_INSN_SIZE out of livepatch.h */ +#include #include /* Override macros from asm/page.h to make them work with mfn_t */ @@ -94,6 +96,23 @@ static u32 get_alt_insn(const struct alt_instr *alt, return insn; } +static void patch_alternative(const struct alt_instr *alt, + const uint32_t *origptr, + uint32_t *updptr, int nr_inst) +{ + const uint32_t *replptr; + unsigned int i; + + replptr = ALT_REPL_PTR(alt); + for ( i = 0; i < nr_inst; i++ ) + { + uint32_t insn; + + insn = get_alt_insn(alt, origptr + i, replptr + i); + updptr[i] = cpu_to_le32(insn); + } +} + /* * The region patched should be read-write to allow __apply_alternatives * to replacing the instructions when necessary. @@ -105,33 +124,38 @@ static int __apply_alternatives(const struct alt_region *region, paddr_t update_offset) { const struct alt_instr *alt; - const u32 *replptr, *origptr; + const u32 *origptr; u32 *updptr; + alternative_cb_t alt_cb; printk(XENLOG_INFO "alternatives: Patching with alt table %p -> %p\n", region->begin, region->end); for ( alt = region->begin; alt < region->end; alt++ ) { - u32 insn; - int i, nr_inst; + int nr_inst; - if ( !cpus_have_cap(alt->cpufeature) ) + /* Use ARM_CB_PATCH as an unconditional patch */ + if ( alt->cpufeature < ARM_CB_PATCH && + !cpus_have_cap(alt->cpufeature) ) continue; - BUG_ON(alt->alt_len != alt->orig_len); + if ( alt->cpufeature == ARM_CB_PATCH ) + BUG_ON(alt->alt_len != 0); + else + BUG_ON(alt->alt_len != alt->orig_len); origptr = ALT_ORIG_PTR(alt); updptr = (void *)origptr + update_offset; - replptr = ALT_REPL_PTR(alt); - nr_inst = alt->alt_len / sizeof(insn); + nr_inst = alt->orig_len / ARCH_PATCH_INSN_SIZE; - for ( i = 0; i < nr_inst; i++ ) - { - insn = get_alt_insn(alt, origptr + i, replptr + i); - *(updptr + i) = cpu_to_le32(insn); - } + if ( alt->cpufeature < ARM_CB_PATCH ) + alt_cb = patch_alternative; + else + alt_cb = ALT_REPL_PTR(alt); + + alt_cb(alt, origptr, updptr, nr_inst); /* Ensure the new instructions reached the memory and nuke */ clean_and_invalidate_dcache_va_range(origptr, diff --git a/xen/include/asm-arm/alternative.h b/xen/include/asm-arm/alternative.h index 4e33d1cdf7..9b4b02811b 100644 --- a/xen/include/asm-arm/alternative.h +++ b/xen/include/asm-arm/alternative.h @@ -3,6 +3,8 @@ #include +#define ARM_CB_PATCH ARM_NCAPS + #ifndef __ASSEMBLY__ #include @@ -18,16 +20,24 @@ struct alt_instr { }; /* Xen: helpers used by common code. */ -#define __ALT_PTR(a,f) ((u32 *)((void *)&(a)->f + (a)->f)) +#define __ALT_PTR(a,f) ((void *)&(a)->f + (a)->f) #define ALT_ORIG_PTR(a) __ALT_PTR(a, orig_offset) #define ALT_REPL_PTR(a) __ALT_PTR(a, alt_offset) +typedef void (*alternative_cb_t)(const struct alt_instr *alt, + const uint32_t *origptr, uint32_t *updptr, + int nr_inst); + void __init apply_alternatives_all(void); int apply_alternatives(const struct alt_instr *start, const struct alt_instr *end); -#define ALTINSTR_ENTRY(feature) \ +#define ALTINSTR_ENTRY(feature, cb) \ " .word 661b - .\n" /* label */ \ + " .if " __stringify(cb) " == 0\n" \ " .word 663f - .\n" /* new instruction */ \ + " .else\n" \ + " .word " __stringify(cb) "- .\n" /* callback */ \ + " .endif\n" \ " .hword " __stringify(feature) "\n" /* feature bit */ \ " .byte 662b-661b\n" /* source len */ \ " .byte 664f-663f\n" /* replacement len */ @@ -45,15 +55,18 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en * but most assemblers die if insn1 or insn2 have a .inst. This should * be fixed in a binutils release posterior to 2.25.51.0.2 (anything * containing commit 4e4d08cf7399b606 or c1baaddf8861). + * + * Alternatives with callbacks do not generate replacement instructions. */ -#define __ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg_enabled) \ +#define __ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg_enabled, cb) \ ".if "__stringify(cfg_enabled)" == 1\n" \ "661:\n\t" \ oldinstr "\n" \ "662:\n" \ ".pushsection .altinstructions,\"a\"\n" \ - ALTINSTR_ENTRY(feature) \ + ALTINSTR_ENTRY(feature,cb) \ ".popsection\n" \ + " .if " __stringify(cb) " == 0\n" \ ".pushsection .altinstr_replacement, \"a\"\n" \ "663:\n\t" \ newinstr "\n" \ @@ -61,11 +74,17 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en ".popsection\n\t" \ ".org . - (664b-663b) + (662b-661b)\n\t" \ ".org . - (662b-661b) + (664b-663b)\n" \ + ".else\n\t" \ + "663:\n\t" \ + "664:\n\t" \ + ".endif\n" \ ".endif\n" #define _ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg, ...) \ - __ALTERNATIVE_CFG(oldinstr, newinstr, feature, IS_ENABLED(cfg)) + __ALTERNATIVE_CFG(oldinstr, newinstr, feature, IS_ENABLED(cfg), 0) +#define ALTERNATIVE_CB(oldinstr, cb) \ + __ALTERNATIVE_CFG(oldinstr, "NOT_AN_INSTRUCTION", ARM_CB_PATCH, 1, cb) #else #include @@ -126,6 +145,14 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en 663: .endm +.macro alternative_cb cb + .set .Lasm_alt_mode, 0 + .pushsection .altinstructions, "a" + altinstruction_entry 661f, \cb, ARM_CB_PATCH, 662f-661f, 0 + .popsection +661: +.endm + /* * Complete an alternative code sequence. */ @@ -135,6 +162,13 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en .org . - (662b-661b) + (664b-663b) .endm +/* + * Callback-based alternative epilogue + */ +.macro alternative_cb_end +662: +.endm + #define _ALTERNATIVE_CFG(insn1, insn2, cap, cfg, ...) \ alternative_insn insn1, insn2, cap, IS_ENABLED(cfg) From patchwork Tue Jun 5 15:22:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137764 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099068lji; Tue, 5 Jun 2018 08:26:11 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIoVeKAhRlll2FGqS4N69wBLlzRr6Z33uppZ0s1pD/KXkEstUJB9Do0YWSXrQHn55SfhY/m X-Received: by 2002:a24:efc2:: with SMTP id i185-v6mr11796335ith.57.1528212371760; Tue, 05 Jun 2018 08:26:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212371; cv=none; d=google.com; s=arc-20160816; b=jf1k1P6o4UxawDo/3PpTatUcNvE9Z90mjjTYQnfigoY0xwO/py46yxt7u/ZJS6Iach 3/fqjeDI4VTLfpYV/vlNy1MNrYXS86vHnw3vgeYs6EelC8F4ds1XyfUMtAwD5MlQkzx5 Y32pH70hFXjaX0aPq5C3BbkiNTJ3t18CORrdOD74RQ2mkcvWuk68oCvgYszvcela13+5 NpbbUjJ/qEVVzB4887BfnLJVb53ffvpIHmvPOq+nFdR1GyK1ktQJEeKESL1ugJcEdgFT 2+Y1s7lR6NBbLtvk2K7gw4WdF7GxDTxkmdGbaYm9QUo3eSyA+JwuIQHd8T23/ovs/6fi oenw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=02rkkCNahmVW5nVl2POeGICfBMWGBUZuJMDv4XJduCU=; b=Ze8UwkUWBh71bLVtUEb1TdMQJ1HzTwXacObl7t/MyeSivPPcEx6ocbbR/yLNBzm+rP pilKdhnxJG1ycEAOIUTrIFdjkA82RLiJdrcRMdnA5RwXuTzQEOeTvMpcLCfojFh9bo+q AHvCAMNOlYcvXcmef/pHPbLGzmirnNPUL1ULs4XWuxXvZBSvSNL/zj32L7s6oNj/cQuL VlWs6DL0gaFfTgCVaiwuPDQKk+E9GzO69oA1nlNy1sTk4E/y1A/VNB4VNpTzwF37zn+k Hme288p75GxF/lnlEiEE9AOLLewrjFSbBdoKSXo1NAn8cTOdDlNXO5oRVB/6hzwTaSer EUnA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id i12-v6si1787653itb.110.2018.06.05.08.26.11 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo3-0005Cq-JX; Tue, 05 Jun 2018 15:23:31 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo2-0005CM-Oy for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:30 +0000 X-Inumbo-ID: 16233dd4-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 16233dd4-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:14 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0814F1596; Tue, 5 Jun 2018 08:23:29 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id EE59F3F557; Tue, 5 Jun 2018 08:23:27 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:22:59 +0100 Message-Id: <20180605152303.14450-10-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 09/13] xen/arm64: Add generic assembly macros X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org, Stefano Stabellini MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Add assembly macros to simplify assembly code: - adr_cpu_info: Get the address to the current cpu_info structure - ldr_this_cpu: Load a per-cpu value This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/include/asm-arm/arm64/macros.h | 25 +++++++++++++++++++++++++ xen/include/asm-arm/macros.h | 2 +- 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 xen/include/asm-arm/arm64/macros.h diff --git a/xen/include/asm-arm/arm64/macros.h b/xen/include/asm-arm/arm64/macros.h new file mode 100644 index 0000000000..9c5e676b37 --- /dev/null +++ b/xen/include/asm-arm/arm64/macros.h @@ -0,0 +1,25 @@ +#ifndef __ASM_ARM_ARM64_MACROS_H +#define __ASM_ARM_ARM64_MACROS_H + + /* + * @dst: Result of get_cpu_info() + */ + .macro adr_cpu_info, dst + add \dst, sp, #STACK_SIZE + and \dst, \dst, #~(STACK_SIZE - 1) + sub \dst, \dst, #CPUINFO_sizeof + .endm + + /* + * @dst: Result of READ_ONCE(per_cpu(sym, smp_processor_id())) + * @sym: The name of the per-cpu variable + * @tmp: scratch register + */ + .macro ldr_this_cpu, dst, sym, tmp + ldr \dst, =per_cpu__\sym + mrs \tmp, tpidr_el2 + ldr \dst, [\dst, \tmp] + .endm + +#endif /* __ASM_ARM_ARM64_MACROS_H */ + diff --git a/xen/include/asm-arm/macros.h b/xen/include/asm-arm/macros.h index 5d837cb38b..1d4bb41d15 100644 --- a/xen/include/asm-arm/macros.h +++ b/xen/include/asm-arm/macros.h @@ -8,7 +8,7 @@ #if defined (CONFIG_ARM_32) # include #elif defined(CONFIG_ARM_64) -/* No specific ARM64 macros for now */ +# include #else # error "unknown ARM variant" #endif From patchwork Tue Jun 5 15:23:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137767 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099097lji; Tue, 5 Jun 2018 08:26:14 -0700 (PDT) X-Google-Smtp-Source: ADUXVKK1OdXCZmrOiOuq8pCJqZGiSnuAmxRtby0+ryq4otSlURmIDUTXYgi3BQghwpINzkcbDpTb X-Received: by 2002:a24:5390:: with SMTP id n138-v6mr18873415itb.42.1528212373917; Tue, 05 Jun 2018 08:26:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212373; cv=none; d=google.com; s=arc-20160816; b=otREB6SBuI06uD8RWPSttll2MKVMcBs0E4MyNNFRnGf+yMr5w3mk/R25W3J3f03Af3 mnpPMgxXlD3aP9eaWNBe/y04mbax4ez4+4PpKWIsfdg7lv46DliRpdZxHNOkRzdBgXMo +a6QbcPdawZcjLeHw2XF9KG1peHVGChkrJ9LbQW5+hH7xoO92e+Z/2ZzThYx9ksSeHYW jRaw0FJpBSFIRJzyAQTKDkpKE15frJTiMoUMdYsqHe2OfDzrD9szIrkkfrka1UK8jFAe RhcAi33kJIikfmzJZGyiOHx1roMofWw5Du8C4dyG1Ulb8JLKMRWIivOhGC2n5hcvW95p BHlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=uL1BUz0iih+OcvAVkjF6elfQdcVTWMsBTl12P7oalsc=; b=XFYhcBMnlgk+jt9PQfosaVYiZgpPdWVo9kbBWg6Z4fFNvleNYhOAIAfNFnL2VgZkPI didyYATwpCwGbEmWeGHqo68XKqZwvorVLO1EcoyJ2ye5q2mC7+10EW4KAPzLMLtb67A1 dlubF0JxYaQEHh7eDHIHMrmLMi8cyy+FwuVx4t1DLApgpN05YOCGspeYEmOSUM9Caop1 SWx1EPtNVbwVEeoLohPeF6ZwHM58jY6x4glhpQEFd7K+8HNk1W6jEMdXGHNFRT4BlcQz 4dpJ4NGYwqXtogKqr5dVhH5XB92jLg8sduKbkgXTJr67Ax1dJdSZhdmwR0xj/cld04tB msVQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id l2-v6si6889263ioa.105.2018.06.05.08.26.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo5-0005Ee-0o; Tue, 05 Jun 2018 15:23:33 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo4-0005Cv-29 for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:32 +0000 X-Inumbo-ID: 16bdaec3-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 16bdaec3-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:16 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3024815B2; Tue, 5 Jun 2018 08:23:30 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 45E703F557; Tue, 5 Jun 2018 08:23:29 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:23:00 +0100 Message-Id: <20180605152303.14450-11-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 10/13] xen/arm64: Implement a fast path for handling SMCCC_ARCH_WORKAROUND_2 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The function ARM_SMCCC_ARCH_WORKAROUND_2 will be called by the guest for enabling/disabling the ssbd mitigation. So we want the handling to be as fast as possible. The new sequence will forward guest's ARCH_WORKAROUND_2 call to EL3 and also track the state of the workaround per-vCPU. Note that since we need to execute branches, this always executes after the spectre-v2 mitigation. This code is based on KVM counterpart "arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests" written by Marc Zyngier. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Combine the 2 consecutive eor instructions in a single one. --- xen/arch/arm/arm64/asm-offsets.c | 2 ++ xen/arch/arm/arm64/entry.S | 42 +++++++++++++++++++++++++++++++++++++++- xen/arch/arm/cpuerrata.c | 18 +++++++++++++++++ 3 files changed, 61 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/arm64/asm-offsets.c b/xen/arch/arm/arm64/asm-offsets.c index ce24e44473..f5c696d092 100644 --- a/xen/arch/arm/arm64/asm-offsets.c +++ b/xen/arch/arm/arm64/asm-offsets.c @@ -22,6 +22,7 @@ void __dummy__(void) { OFFSET(UREGS_X0, struct cpu_user_regs, x0); + OFFSET(UREGS_X1, struct cpu_user_regs, x1); OFFSET(UREGS_LR, struct cpu_user_regs, lr); OFFSET(UREGS_SP, struct cpu_user_regs, sp); @@ -45,6 +46,7 @@ void __dummy__(void) BLANK(); DEFINE(CPUINFO_sizeof, sizeof(struct cpu_info)); + OFFSET(CPUINFO_flags, struct cpu_info, flags); OFFSET(VCPU_arch_saved_context, struct vcpu, arch.saved_context); diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index e2344e565f..97b05f53ea 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -1,4 +1,6 @@ #include +#include +#include #include #include #include @@ -241,7 +243,7 @@ guest_sync: * be encoded as an immediate for cmp. */ eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID - cbnz w0, guest_sync_slowpath + cbnz w0, check_wa2 /* * Clobber both x0 and x1 to prevent leakage. Note that thanks @@ -250,6 +252,44 @@ guest_sync: mov x1, xzr eret +check_wa2: + /* ARM_SMCCC_ARCH_WORKAROUND_2 handling */ + eor w0, w0, #(ARM_SMCCC_ARCH_WORKAROUND_1_FID ^ ARM_SMCCC_ARCH_WORKAROUND_2_FID) + cbnz w0, guest_sync_slowpath +#ifdef CONFIG_ARM_SSBD +alternative_cb arm_enable_wa2_handling + b wa2_end +alternative_cb_end + /* Sanitize the argument */ + mov x0, #-(UREGS_kernel_sizeof - UREGS_X1) /* x0 := offset of guest's x1 on the stack */ + ldr x1, [sp, x0] /* Load guest's x1 */ + cmp w1, wzr + cset x1, ne + + /* + * Update the guest flag. At this stage sp point after the field + * guest_cpu_user_regs in cpu_info. + */ + adr_cpu_info x2 + ldr x0, [x2, #CPUINFO_flags] + bfi x0, x1, #CPUINFO_WORKAROUND_2_FLAG_SHIFT, #1 + str x0, [x2, #CPUINFO_flags] + + /* Check that we actually need to perform the call */ + ldr_this_cpu x0, ssbd_callback_required, x2 + cbz x0, wa2_end + + mov w0, #ARM_SMCCC_ARCH_WORKAROUND_2_FID + smc #0 + +wa2_end: + /* Don't leak data from the SMC call */ + mov x1, xzr + mov x2, xzr + mov x3, xzr +#endif /* !CONFIG_ARM_SSBD */ + mov x0, xzr + eret guest_sync_slowpath: /* * x0/x1 may have been scratch by the fast path above, so avoid diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 4292008692..7455f09f26 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -7,6 +7,7 @@ #include #include #include +#include #include /* Override macros from asm/page.h to make them work with mfn_t */ @@ -272,6 +273,23 @@ static int __init parse_spec_ctrl(const char *s) } custom_param("spec-ctrl", parse_spec_ctrl); +/* Arm64 only for now as for Arm32 the workaround is currently handled in C. */ +#ifdef CONFIG_ARM_64 +void __init arm_enable_wa2_handling(const struct alt_instr *alt, + const uint32_t *origptr, + uint32_t *updptr, int nr_inst) +{ + BUG_ON(nr_inst != 1); + + /* + * Only allow mitigation on guest ARCH_WORKAROUND_2 if the SSBD + * state allow it to be flipped. + */ + if ( get_ssbd_state() == ARM_SSBD_RUNTIME ) + *updptr = aarch64_insn_gen_nop(); +} +#endif + /* * Assembly code may use the variable directly, so we need to make sure * it fits in a register. From patchwork Tue Jun 5 15:23:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137763 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099063lji; Tue, 5 Jun 2018 08:26:11 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIT/RGJeEY5NrlvDN6m2SvwgvIyq+9Q9x1ZR1Y1THPn7j9jX9e0qqojcZud7hFK2uIP4ga/ X-Received: by 2002:a24:6c8c:: with SMTP id w134-v6mr9447667itb.75.1528212371463; Tue, 05 Jun 2018 08:26:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212371; cv=none; d=google.com; s=arc-20160816; b=i9aTiWG77mpqp/D6o0dB8NlcwwjtCkvZF+sbVSBGm9ch5fHrQzk5voL0Jb/UYGzMwO IISF1ugoE6c5iKVMre4g/8DBPIRD6yaV76Np3YlqwrKt18jvEOweLnQF/bpCojJZHOyw r8IgUG1wTKwekm9sBRYF5Hv2Ms/oGBWRe9N8cOIRfOhatml8++CiGAF1K3PIwJAjgq5G dcTeGViskifXX0E62V3ukINLFmaLrC/fofbZN1Dh+MUS93QxgXybJcOWgTddZV6dhG3C kGOtyefckwlxBkJvpzJVfsSmnwUwIRz6nxsrw+ncE9o+GAX9Oxnr/VuoYdN1gbOnCLQd 5O6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=KVA7WYpFbGgKB4E75PMYwdw9dNxJbsWv8jzhfYqCg2M=; b=h1c/aukSVBERc6O5GYaschEeLYgCNOlGpChzcm9x5LD4BRey57ZLsWxDCDswUEYN0T v8q0XEusy8ZkDyzOFBZFtb6H172JF+Daf2KZjY6VFFbbAh19Zgsg8PYewAdFy3W1USVq L9YA/vt02kUYkZANVj207zLCMwLTZ5kdcCJpVjsjfNzG/W/AEa6mCcZXG64aJ8Hf91TS hU5ZAUWcC6eK/VUH6K/o2zSG3Hy3IeF0oueN/zVcVkyAxxBGzIDoB6uEZvSPpytOZxve +/MD2XZy6QK0VUOFJUhiJvhjGyp8t2sP+tgHl2Ns/7THJWU6U92kCXgw5y9IlfDI1n50 AJmw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id b129-v6si1887325ith.68.2018.06.05.08.26.11 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo7-0005Hb-QC; Tue, 05 Jun 2018 15:23:35 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo5-0005Eo-Bl for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:33 +0000 X-Inumbo-ID: 176f320e-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 176f320e-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:17 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5874D1596; Tue, 5 Jun 2018 08:23:31 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6DFFA3F557; Tue, 5 Jun 2018 08:23:30 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:23:01 +0100 Message-Id: <20180605152303.14450-12-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 11/13] xen/arm: Kconfig: Move HARDEN_BRANCH_PREDICTOR under "Architecture features" X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" At the moment, HARDEN_BRANCH_PREDICTOR is not in any section making impossible for the user to unselect it. Also, it looks like we require to use 'expert = "y"' for showing the option in expert mode. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/Kconfig | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 0e2d027060..4212c58171 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -83,6 +83,23 @@ config ARM_SSBD If unsure, say Y. +config HARDEN_BRANCH_PREDICTOR + bool "Harden the branch predictor against aliasing attacks" if EXPERT = "y" + default y + help + Speculation attacks against some high-performance processors rely on + being able to manipulate the branch predictor for a victim context by + executing aliasing branches in the attacker context. Such attacks + can be partially mitigated against by clearing internal branch + predictor state and limiting the prediction logic in some situations. + + This config option will take CPU-specific actions to harden the + branch predictor against aliasing attacks and may rely on specific + instruction sequences or control bits being set by the system + firmware. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" @@ -197,23 +214,6 @@ config ARM64_ERRATUM_834220 endmenu -config HARDEN_BRANCH_PREDICTOR - bool "Harden the branch predictor against aliasing attacks" if EXPERT - default y - help - Speculation attacks against some high-performance processors rely on - being able to manipulate the branch predictor for a victim context by - executing aliasing branches in the attacker context. Such attacks - can be partially mitigated against by clearing internal branch - predictor state and limiting the prediction logic in some situations. - - This config option will take CPU-specific actions to harden the - branch predictor against aliasing attacks and may rely on specific - instruction sequences or control bits being set by the system - firmware. - - If unsure, say Y. - config ARM64_HARDEN_BRANCH_PREDICTOR def_bool y if ARM_64 && HARDEN_BRANCH_PREDICTOR From patchwork Tue Jun 5 15:23:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137769 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1099143lji; Tue, 5 Jun 2018 08:26:16 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLdKdohVC/u00GqEU4aIW6F8AAMG8Q7jT7Juk+IesN96j7xeHahczvZ8j9g106kSW7/Aife X-Received: by 2002:a24:e506:: with SMTP id g6-v6mr2038060iti.117.1528212376075; Tue, 05 Jun 2018 08:26:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212376; cv=none; d=google.com; s=arc-20160816; b=diIh5VD6n2CD00+pY8py40LwX8whTdONjyVsSW7w76ANZk0QczbBf3OwXfCKv8vZQE HqFDBG9zvn4vioZbkdOJs12p1PlQRCiiH78LXAhSZ3ua/AooxFAe/wZGQIBFmoK2OQxl JZxKBlnpJ1xJpYmSe/DKGVlVOcdapqzXHOtmIr5v22W5iFA8Zc2lYjvvD7hb0ldf9V7Q TleK9yL0qmv8gOwf/rDcDc2e2OaKWbT8hfij+aeuPdqHNZ/C3zYQbFkUPmc7O9oQwRO/ 6+RjuFSOohR6J0UDSnj3sZ7feUkD634OteiTVaaxfy3NwRxA4okbSp23XFB03n8R36+i 3s+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=K/zrqP0z/NfYfazw/sbgskwe6NSLgv2VqgNqfpZnIvQ=; b=wMTMZRK4iFF6++P9XIaQHUKcbWI+kUK9uL09di2c3U5flYmxChqfhnpqQ40Nwe3JqX J5C6jo+LrYIxdsGeQ3I2VUWKsChzsRlf1bmEN93AvghZ775kJ5uXGFxVC8Pc+22Lm9t4 nWiKOohy2pLpCMORyOl/pmfJ8+ukON7R3NTymiBQ7Ei3PdOGf/0KIjm02XEEHclAWYBy 3ga5gbV7YYtMlgK5xHN1cXUV9wYjseVd2w0sPp0e7miLDkTY+uKaDlYoxD/+FzXNe8Zd qwBqlARUFbsb/CHbGD9YUGER/ncjCtnk9zIQrCeNhjZfNHwGJnf6gGECuENIe9CLBtbV m5IA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id i197-v6si1454413itf.117.2018.06.05.08.26.15 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo7-0005H9-Ei; Tue, 05 Jun 2018 15:23:35 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo5-0005Ep-Bt for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:33 +0000 X-Inumbo-ID: 180aac7c-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 180aac7c-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:18 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 80ACB1596; Tue, 5 Jun 2018 08:23:32 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 964963F557; Tue, 5 Jun 2018 08:23:31 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:23:02 +0100 Message-Id: <20180605152303.14450-13-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 12/13] xen/arm: smccc: Fix indentation in ARM_SMCCC_ARCH_WORKAROUND_1_FID X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Signed-off-by: Julien Grall Acked-by: Stefano Stabellini --- Changes in v2: - Add Stefano's acked-by --- xen/include/asm-arm/smccc.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index a6804cec99..74c13f8419 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -254,9 +254,9 @@ struct arm_smccc_res { #define ARM_SMCCC_ARCH_WORKAROUND_1_FID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ - ARM_SMCCC_CONV_32, \ - ARM_SMCCC_OWNER_ARCH, \ - 0x8000) + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x8000) #define ARM_SMCCC_ARCH_WORKAROUND_2_FID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ From patchwork Tue Jun 5 15:23:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 137761 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1098977lji; Tue, 5 Jun 2018 08:26:07 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIYAX0UdeKRmwQ0RLYuZOBdWXtmOs6dtTsOqgZHfxnubSBz+aTaEXHJP5trcgqqKooi6m3q X-Received: by 2002:a6b:720d:: with SMTP id n13-v6mr27360456ioc.123.1528212367320; Tue, 05 Jun 2018 08:26:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528212367; cv=none; d=google.com; s=arc-20160816; b=EI0B7qtIyKUUsbc/AiaiTU7zYKhslfGQHsMi/U4JAGoJ0F0C2anaF1s9F8L4+8FS+A fM854nJbUvB53N5hpPG0+7O/5UpAuR7EhDi85NWOorIMykZvcrOCme6VAemQTmCnWd5/ O+w4c5R6XqZO8qwpJmFDZ4YAi0Nv684ph89TdzNppwD/HejeXUTEZlpQsiJpw5BQMMFp ePSjE5Znk0OTc4ASWuLBNVqpcjx2b7KgThYlU2FxAkR+JFX0CPf51kP5PNkd3s91DU1r Z80VK6087yPvZuOAwoFpBiuSrR+mHYQr67PaD2LNMLwO9k/2pJZ5HfcSmnsIWPhU4dZA u88w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=smFcaeoBTL6C+7qA4zFKrSWVpBF6FtHMeKqU3+D14zc=; b=HWeJJsYZzcveywnZaJZDWV0Kt7rtEsUz2mYcQJIrdizxGSH94SXZnhK6jyrK9TYUzP KKVIT9gDhrTKSy1OWvHNq+6uGBFp7jxClsA/r6Sc6hMcBo1eAXIdXVYJ+IbfZ4QUYYJl rSN6Jm5s/ZEeadYsmfOnw2JNpMjcJQ5g+f+Vet6solXgz7nL4hfa0eaXu1JSI5uu29Cu qiBAMCz8r2Y4ZB8Wl2ywHtPripyxCIkaoXQv2iE0odkT7+fx96quHS8lVJv0jtVBhFPH bJ/6TkfKMMZl9X/UqydBfMDjyFJR52ESzdPzxAHnecgcBxeJwPqEYX/sY8Q7Kta0KJeY Q/fg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id o187-v6si1773486ito.88.2018.06.05.08.26.07 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Jun 2018 08:26:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo9-0005It-7Q; Tue, 05 Jun 2018 15:23:37 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fQDo7-0005HI-MM for xen-devel@lists.xenproject.org; Tue, 05 Jun 2018 15:23:35 +0000 X-Inumbo-ID: 18d2faf1-68d4-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 18d2faf1-68d4-11e8-9728-bc764e045a96; Tue, 05 Jun 2018 17:21:19 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A8EBA15AD; Tue, 5 Jun 2018 08:23:33 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BE66B3F557; Tue, 5 Jun 2018 08:23:32 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 5 Jun 2018 16:23:03 +0100 Message-Id: <20180605152303.14450-14-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180605152303.14450-1-julien.grall@arm.com> References: <20180605152303.14450-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v1 13/13] xen/arm: Avoid to use current everywhere in enter_hypervisor_head X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Using current is fairly expensive, so save up into a variable. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/traps.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 315fc61f77..bde303261e 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2024,8 +2024,10 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) { if ( guest_mode(regs) ) { + struct vcpu *v = current; + /* If the guest has disabled the workaround, bring it back on. */ - if ( needs_ssbd_flip(current) ) + if ( needs_ssbd_flip(v) ) arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); /* @@ -2034,8 +2036,8 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) * but the crucial bit is "On taking a vSError interrupt, HCR_EL2.VSE * (alias of HCR.VA) is cleared to 0." */ - if ( current->arch.hcr_el2 & HCR_VA ) - current->arch.hcr_el2 = READ_SYSREG(HCR_EL2); + if ( v->arch.hcr_el2 & HCR_VA ) + v->arch.hcr_el2 = READ_SYSREG(HCR_EL2); #ifdef CONFIG_NEW_VGIC /* @@ -2045,11 +2047,11 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) * TODO: Investigate whether this is necessary to do on every * trap and how it can be optimised. */ - vtimer_update_irqs(current); - vcpu_update_evtchn_irq(current); + vtimer_update_irqs(v); + vcpu_update_evtchn_irq(v); #endif - vgic_sync_from_lrs(current); + vgic_sync_from_lrs(v); } }