From patchwork Thu Jan 25 21:45:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nishanth Menon X-Patchwork-Id: 125977 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1411831ljf; Thu, 25 Jan 2018 13:46:35 -0800 (PST) X-Google-Smtp-Source: AH8x227Qs8dGJZkEPrkQdj1Vli5KwuIJAdsKjwKacfaUEwYjiryePfvfIAGPmBaKrf/5VDFtUiVz X-Received: by 10.80.161.167 with SMTP id 36mr30860349edk.38.1516916795806; Thu, 25 Jan 2018 13:46:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516916795; cv=none; d=google.com; s=arc-20160816; b=mVuEkvVlv8T5apycRHomyyVFNJ55Ft8zc5izQUYu4oC4SfAtuh6bWzH0duFJpne7cq pzpOgM313C3qzf59qQhdfJ3TsbDcbx1LcGjT0lsobYrmdttltlZpcrbJ3gnKfcw2xIt8 MUF4cRtjbTZ0FgAvD0Hj9LVrXo2dbT0xM5DgI909bzH6bcQvZm3sQUBTTJrfIw0Wgvnp NLpL9fkui+UU/3AlilvnfcDb/X7vyryb+4IipfLeo63dymezjANP8u8MpXaiybH4cFT2 kXzT46xZSlWWze7KtWxIZM1vYDPVZlLYG7saMiDPU90Lxvp/9ijV+ADQjqyVemX35afN BPXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :cc:mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:arc-authentication-results; bh=GTZNNOHbjZLjKawSxNhuy8Fs8EkfCjPzgX5SXafVfGY=; b=oHQAGByqFelYvekmFiIUUhjHx+x0upuL8GWIaC8CR6tg7FVLNQO3XPCMsWv7j0OSvJ PJAFRfsvHApZN8+z27BfN3kijSyci53NC9APlzW88BMj+QTacOupIdum4X2sHZlP4uyg WWHeJxqw6039L55zDAyaf8YVgzraFHUgg1ePXETTL+sua3OD9IQsVXJZaOdK8+b5qfpf tBYo6Szt3aCzopk8MXy+GBxSsiIrLTl33xnTwox3njbkFXt52crNGEam4nW0WM5Cx7/I G1HcYG0u7gYyUs4O1INOEOQkURgvQJ2sLO+0TaxcAGhGrTuPQlnQt2l43zR69KTJ7mZW EgAQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@ti.com header.s=ti-com-17Q1 header.b=JknUFvHi; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=QUARANTINE sp=NONE dis=QUARANTINE) header.from=ti.com Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id k35si157473edb.67.2018.01.25.13.46.35; Thu, 25 Jan 2018 13:46:35 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@ti.com header.s=ti-com-17Q1 header.b=JknUFvHi; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=QUARANTINE sp=NONE dis=QUARANTINE) header.from=ti.com Received: by lists.denx.de (Postfix, from userid 105) id 4E217C22294; Thu, 25 Jan 2018 21:46:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 398FEC21E90; Thu, 25 Jan 2018 21:46:28 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id EF886C21F97; Thu, 25 Jan 2018 21:46:26 +0000 (UTC) Received: from lelnx194.ext.ti.com (lelnx194.ext.ti.com [198.47.27.80]) by lists.denx.de (Postfix) with ESMTPS id A6131C21E90 for ; Thu, 25 Jan 2018 21:46:25 +0000 (UTC) Received: from dlelxv90.itg.ti.com ([172.17.2.17]) by lelnx194.ext.ti.com (8.15.1/8.15.1) with ESMTP id w0PLk0Rx011456; Thu, 25 Jan 2018 15:46:00 -0600 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ti.com; s=ti-com-17Q1; t=1516916760; bh=7ZztqWrDvMODQvVfJuOMKTpwGOFxhQlpo+Ffo3+PKjU=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=JknUFvHio/8iDNAuGIqjCJqDegy182PztYJNVWhPU2bI5KI7mg4zw0Lj+e8zAEVtb sLcFBKGNpWxyibAs3O8IiqVnrOgEcv5d/f6KqZPLfffocZKITJW1ozNJU5A60Hls02 /AIK4l8p2eMQqrD0U4QAWgwDPTNYM6+rVsFch+fs= Received: from DFLE106.ent.ti.com (dfle106.ent.ti.com [10.64.6.27]) by dlelxv90.itg.ti.com (8.14.3/8.13.8) with ESMTP id w0PLk0K5028051; Thu, 25 Jan 2018 15:46:00 -0600 Received: from DFLE100.ent.ti.com (10.64.6.21) by DFLE106.ent.ti.com (10.64.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.35; Thu, 25 Jan 2018 15:46:00 -0600 Received: from dlep33.itg.ti.com (157.170.170.75) by DFLE100.ent.ti.com (10.64.6.21) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1261.35 via Frontend Transport; Thu, 25 Jan 2018 15:45:59 -0600 Received: from localhost (ileax41-snat.itg.ti.com [10.172.224.153]) by dlep33.itg.ti.com (8.14.3/8.13.8) with ESMTP id w0PLjxFK004824; Thu, 25 Jan 2018 15:45:59 -0600 From: Nishanth Menon To: Tom Rini Date: Thu, 25 Jan 2018 15:45:58 -0600 Message-ID: <20180125214559.27570-2-nm@ti.com> X-Mailer: git-send-email 2.15.1 In-Reply-To: <20180125214559.27570-1-nm@ti.com> References: <20180125214559.27570-1-nm@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 Cc: Russell King , u-boot@lists.denx.de, Ard Biesheuvel , Marc Zyngier , Catalin Marinas , Will Deacon , Tony Lindgren , Andre Przywara , Robin Murphy Subject: [U-Boot] [RFC PATCH 1/2] ARM: Introduce ability to enable ACR::IBE on Cortex-A8 for CVE-2017-5715 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" As recommended by Arm in [1], IBE[2] has to be enabled unconditionally for BPIALL to be functional on Cortex-A8 processors. Provide a config option for platforms to enable this option based on impact analysis for products. NOTE: This patch in itself is NOT the final solution, this requires: a) Implementation of v7_arch_cp15_set_acr on SoCs which may not provide direct access to ACR register. b) Operating Systems such as Linux to provide adequate workaround in the right locations. [1] https://developer.arm.com/support/security-update [2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0344k/Bgbffjhh.html Cc: Marc Zyngier Cc: Russell King Cc: Tony Lindgren Cc: Robin Murphy Cc: Florian Fainelli Cc: Catalin Marinas Cc: Will Deacon Cc: Christoffer Dall Cc: Andre Przywara Cc: Ard Biesheuvel Cc: Tom Rini Cc: Michael Nazzareno Trimarchi Signed-off-by: Nishanth Menon --- arch/arm/Kconfig | 5 +++++ arch/arm/cpu/armv7/start.S | 7 +++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index f6d57f5505ff..c2ac0fef9d0c 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -86,6 +86,8 @@ config THUMB2_KERNEL # CONFIG_ARM_ERRATA_621766 # CONFIG_ARM_ERRATA_798870 # CONFIG_ARM_ERRATA_801819 +# CONFIG_ARM_CORTEX_A8_CVE_2017_5715 + config ARM_ERRATA_430973 bool @@ -155,6 +157,9 @@ config ARM_ERRATA_852423 config ARM_ERRATA_855873 bool +config ARM_CORTEX_A8_CVE_2017_5715 + bool + config CPU_ARM720T bool select SYS_CACHE_SHIFT_5 diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S index 7e2695761e98..64c5d7598dea 100644 --- a/arch/arm/cpu/armv7/start.S +++ b/arch/arm/cpu/armv7/start.S @@ -249,12 +249,15 @@ skip_errata_801819: pop {r1-r5} @ Restore the cpu info - fall through #endif -#ifdef CONFIG_ARM_ERRATA_430973 +#if defined(CONFIG_ARM_ERRATA_430973) || defined (CONFIG_ARM_CORTEX_A8_CVE_2017_5715) mrc p15, 0, r0, c1, c0, 1 @ Read ACR +#ifdef CONFIG_ARM_CORTEX_A8_CVE_2017_5715 + orr r0, r0, #(0x1 << 6) @ Set IBE bit always to enable OS WA +#else cmp r2, #0x21 @ Only on < r2p1 orrlt r0, r0, #(0x1 << 6) @ Set IBE bit - +#endif push {r1-r5} @ Save the cpu info registers bl v7_arch_cp15_set_acr pop {r1-r5} @ Restore the cpu info - fall through From patchwork Thu Jan 25 21:45:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nishanth Menon X-Patchwork-Id: 125978 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1412174ljf; Thu, 25 Jan 2018 13:47:12 -0800 (PST) X-Google-Smtp-Source: AH8x226O6fxjTU41XKNSydOoWKExX+v+vAyD+zBDQrFuoIIaKLDEtJf8us1N5hjghcw2RhfPua6T X-Received: by 10.80.213.132 with SMTP id v4mr21094151edi.58.1516916832350; Thu, 25 Jan 2018 13:47:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516916832; cv=none; d=google.com; s=arc-20160816; b=pkusFdJOj4wPk6eSs30XvxfnepAKJJMg0Xteo0H1HPVLaXKUstxcQT8G1XkTyMm4Bt 8NNgNgGARUnVySTsXZa1eGwM+z3btQzzV3eauDxoAcbx6WKTheIA89hC6a8mCj1eKO5R Ns5UTWDE2ZVhng7F6pWhEcSC7SpV793ZqogDdopU6C+5byGmD7Ur7Wkybn/1+9Q84Awe S3FoSKfUmluQBOW+19gm8G9cL5pBPn5EXRafC7DqCKLYb0QN1DBI9B+2JYfYxcbvFcx4 NiAvlQeV5WOOW6qIYDsFtKdStChA3fIvR1/AevLXDu2fduC1R9oXC/rbYT3+dVXOrfY1 61NA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :cc:mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:arc-authentication-results; bh=6OuLCrYcnspJQFR2IFTZlTc70jaf8ZT+FLHnbYKhKro=; b=S48hS0U3W5n5aRVQtJ+996U2kwLuMX3pEMW7xsAdxb+Tt92/CLHwgO5QNGr0EAQN8l kVmAND2P4zQ/a3Q/djFVQimoyfqbl40fN1k/y2rtbVIYV8IwtPPNAcwbue7OyWc2ORpJ GDQxspNFzqmqNbYqOpuVEotZJTb+AtDtmC3kItMx22krUSF1/tNN5fjEZQ/tCRGcbwcx L1SS2agI3HZxUs5gUmLpnjavVFo7nF4PbdfJhFejgEWiv4vAfwPQMNOflwymIUAlbHXa 2JCZO+1G0TFKQPYF+0HG0d086gOCWg8qqD2OWWa3vA/3VqgQ5EHu5iEDQop5VXo/J36l UoVg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@ti.com header.s=ti-com-17Q1 header.b=NO7Y+zf6; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=QUARANTINE sp=NONE dis=QUARANTINE) header.from=ti.com Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id z12si2988812edm.176.2018.01.25.13.47.11; Thu, 25 Jan 2018 13:47:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@ti.com header.s=ti-com-17Q1 header.b=NO7Y+zf6; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=QUARANTINE sp=NONE dis=QUARANTINE) header.from=ti.com Received: by lists.denx.de (Postfix, from userid 105) id C4C27C2232F; Thu, 25 Jan 2018 21:46:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 054FFC222BF; Thu, 25 Jan 2018 21:46:29 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 04F28C21D9F; Thu, 25 Jan 2018 21:46:26 +0000 (UTC) Received: from lelnx194.ext.ti.com (lelnx194.ext.ti.com [198.47.27.80]) by lists.denx.de (Postfix) with ESMTPS id D3098C21D9F for ; Thu, 25 Jan 2018 21:46:24 +0000 (UTC) Received: from dflxv15.itg.ti.com ([128.247.5.124]) by lelnx194.ext.ti.com (8.15.1/8.15.1) with ESMTP id w0PLk0DD011450; Thu, 25 Jan 2018 15:46:00 -0600 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ti.com; s=ti-com-17Q1; t=1516916760; bh=rXlrQwugHbnQMCZSRqMJSxJ0M7CoTjXuGIx/XcmrfFw=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=NO7Y+zf6alBRfFP/uBctONALZflEwMsf7/yfceRDzJd5j+K+A81x/i2CBad/bV0tP 1NYfFpr3lsiPfntXu/V2eLbiNEfp3WDZ6nTex7jJ7rC8ZTi/nio8uidyfLrc5KWEF3 U4R4eyc8U1E024vNpbK1cUwKEIYVOBySUf/SHA7U= Received: from DFLE105.ent.ti.com (dfle105.ent.ti.com [10.64.6.26]) by dflxv15.itg.ti.com (8.14.3/8.13.8) with ESMTP id w0PLk0Wt022900; Thu, 25 Jan 2018 15:46:00 -0600 Received: from DFLE110.ent.ti.com (10.64.6.31) by DFLE105.ent.ti.com (10.64.6.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.35; Thu, 25 Jan 2018 15:46:00 -0600 Received: from dlep32.itg.ti.com (157.170.170.100) by DFLE110.ent.ti.com (10.64.6.31) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.1261.35 via Frontend Transport; Thu, 25 Jan 2018 15:46:00 -0600 Received: from localhost (ileax41-snat.itg.ti.com [10.172.224.153]) by dlep32.itg.ti.com (8.14.3/8.13.8) with ESMTP id w0PLk0Vs007092; Thu, 25 Jan 2018 15:46:00 -0600 From: Nishanth Menon To: Tom Rini Date: Thu, 25 Jan 2018 15:45:59 -0600 Message-ID: <20180125214559.27570-3-nm@ti.com> X-Mailer: git-send-email 2.15.1 In-Reply-To: <20180125214559.27570-1-nm@ti.com> References: <20180125214559.27570-1-nm@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 Cc: Russell King , u-boot@lists.denx.de, Ard Biesheuvel , Marc Zyngier , Catalin Marinas , Will Deacon , Tony Lindgren , Andre Przywara , Robin Murphy Subject: [U-Boot] [RFC PATCH 2/2] ARM: Introduce ability to enable invalidate of BTB on Cortex-A15 for CVE-2017-5715 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" As recommended by Arm in [1], ACR needs to be set[2] to enable invalidation of BTB. This has to be enabled unconditionally for ICIALLU to be functional on Cortex-A15 processors. Provide a config option for platforms to enable this option based on impact analysis for products. NOTE: This patch in itself is NOT the final solution, this requires: a) Implementation of v7_arch_cp15_set_acr on SoCs which may not provide direct access to ACR register. b) Operating Systems such as Linux to provide adequate workaround in the right locations. [1] https://developer.arm.com/support/security-update [2] http://infocenter.arm.com/help/topic/com.arm.doc.ddi0438c/BABGHIBG.html Cc: Marc Zyngier Cc: Russell King Cc: Tony Lindgren Cc: Robin Murphy Cc: Florian Fainelli Cc: Catalin Marinas Cc: Will Deacon Cc: Christoffer Dall Cc: Andre Przywara Cc: Ard Biesheuvel Cc: Tom Rini Cc: Michael Nazzareno Trimarchi Signed-off-by: Nishanth Menon --- arch/arm/Kconfig | 4 ++++ arch/arm/cpu/armv7/start.S | 8 ++++++++ 2 files changed, 12 insertions(+) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index c2ac0fef9d0c..116cee559ca4 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -87,6 +87,7 @@ config THUMB2_KERNEL # CONFIG_ARM_ERRATA_798870 # CONFIG_ARM_ERRATA_801819 # CONFIG_ARM_CORTEX_A8_CVE_2017_5715 +# CONFIG_ARM_CORTEX_A15_CVE_2017_5715 config ARM_ERRATA_430973 bool @@ -160,6 +161,9 @@ config ARM_ERRATA_855873 config ARM_CORTEX_A8_CVE_2017_5715 bool +config ARM_CORTEX_A15_CVE_2017_5715 + bool + config CPU_ARM720T bool select SYS_CACHE_SHIFT_5 diff --git a/arch/arm/cpu/armv7/start.S b/arch/arm/cpu/armv7/start.S index 64c5d7598dea..4835316bb37e 100644 --- a/arch/arm/cpu/armv7/start.S +++ b/arch/arm/cpu/armv7/start.S @@ -238,6 +238,14 @@ skip_errata_798870: skip_errata_801819: #endif +#ifdef CONFIG_ARM_CORTEX_A15_CVE_2017_5715 + mrc p15, 0, r0, c1, c0, 1 @ read auxilary control register + orr r0, r0, #1 << 0 @ Enable invalidates of BTB + push {r1-r5} @ Save the cpu info registers + bl v7_arch_cp15_set_acr + pop {r1-r5} @ Restore the cpu info - fall through +#endif + #ifdef CONFIG_ARM_ERRATA_454179 mrc p15, 0, r0, c1, c0, 1 @ Read ACR