From patchwork Mon Mar 12 13:19:35 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Julien Grall <julien.grall@arm.com>
X-Patchwork-Id: 131380
Delivered-To: patch@linaro.org
Received: by 10.46.84.17 with SMTP id i17csp736036ljb;
 Mon, 12 Mar 2018 06:21:54 -0700 (PDT)
X-Google-Smtp-Source: AG47ELvPrKrBujsPS7xKYMCG+6tJOkdDI21fpTzxf7TmTQmNyKOE4xDOdprwKNUwDKKvnRLA9x/T
X-Received: by 10.107.34.199 with SMTP id i190mr8772553ioi.185.1520860914651; 
 Mon, 12 Mar 2018 06:21:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1520860914; cv=none;
 d=google.com; s=arc-20160816;
 b=jLC1+G4JNoEnHl3POPDVCFBpmA3P/uv975Q4SoNDCvt/g3OJbjJq1SUKToN7rxjqWN
 6ZRRCOZK1EqELamACMkM8G2xVc1zlupE72jNoVryv9AflIZqNwI+8egLF3An4CDTsPqX
 z07vE4MzZ+n7RMVRe0ABj6gCJ+HfWd7/V/rXY/aRcDkyTBRBOdId5rQJoElAgA1+GcRw
 Y7B7EM2G2xGi0hGH5rY3t0OhHlmaOThTmIDU4YVLdBH47+pGaMDw+I89u0h5JDRkB/rp
 l/csAVhM9+j3kNuHWBmYYTEzf9alOTgv8Rh+UHBZd81e/9S+wJcrzDstfkPxhAyU5y//
 GyUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:content-transfer-encoding:mime-version
 :list-subscribe:list-help:list-post:list-unsubscribe:list-id
 :precedence:subject:cc:message-id:date:to:from
 :arc-authentication-results;
 bh=bgqIGYRiCjJts1FcpqeiOxbPMVwE74Y0y7FOOYfMDMk=;
 b=DSwZelwSIGKS/b2qK+ZOHD3TEi8YG2kewhpix/PCeLMDEK0hjH9lmpCTTD/NYXD2VN
 AQQJ3Igwxe/Fa2ag1EKHXYXlu+vK8IoB8fN07STQso7tsxEVx0ZFTahUcSET2Mvnz4MZ
 i2zKl0rS4P+o0wA1W4/FSUVjN8+LSKq7lYt2DoghowTv9CUcKy/u+gXmx0WovFpSR7wH
 HdJUmSHbTJBlxp296I07U4hSGdD2Gg9+ombGqHXr5sLU6bryt0uRcKlNRBqyIuckj0DY
 uGjSHOsEwTScX13YvsNckn8uwNhr7ZNgf9ewPvafhJwMFc2Kh0aR3tdEBUNHW1OQ+SEW
 Af5A==
ARC-Authentication-Results: i=1; mx.google.com;
 spf=pass (google.com: best guess record for domain of
 xen-devel-bounces@lists.xenproject.org designates
 192.237.175.120 as permitted sender)
 smtp.mailfrom=xen-devel-bounces@lists.xenproject.org
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120])
 by mx.google.com with ESMTPS id
 c18si3947195itd.48.2018.03.12.06.21.54
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Mon, 12 Mar 2018 06:21:54 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 xen-devel-bounces@lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: best guess record for domain of
 xen-devel-bounces@lists.xenproject.org designates
 192.237.175.120 as permitted sender)
 smtp.mailfrom=xen-devel-bounces@lists.xenproject.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
 by lists.xenproject.org with esmtp (Exim 4.84_2)
 (envelope-from <xen-devel-bounces@lists.xenproject.org>)
 id 1evNMj-0006qB-Sj; Mon, 12 Mar 2018 13:19:49 +0000
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57])
 by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from
 <srs0=tain=gc=arm.com=julien.grall@srs-us1.protection.inumbo.net>)
 id 1evNMi-0006pv-Rq
 for xen-devel@lists.xenproject.org; Mon, 12 Mar 2018 13:19:48 +0000
X-Inumbo-ID: 0632a119-25f8-11e8-8248-2fda3a446a53
Received: from foss.arm.com (unknown [217.140.101.70])
 by us1-amaz-eas1.inumbo.com (Halon) with ESMTP
 id 0632a119-25f8-11e8-8248-2fda3a446a53;
 Mon, 12 Mar 2018 13:19:42 +0000 (UTC)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A78F91596;
 Mon, 12 Mar 2018 06:19:41 -0700 (PDT)
Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com
 [10.1.206.53])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id
 BB8543F24A; Mon, 12 Mar 2018 06:19:40 -0700 (PDT)
From: julien.grall@arm.com
To: xen-devel@lists.xenproject.org
Date: Mon, 12 Mar 2018 13:19:35 +0000
Message-Id: <20180312131935.31545-1-julien.grall@arm.com>
X-Mailer: git-send-email 2.11.0
Cc: andre.przywara@arm.com, Julien Grall <julien.grall@arm.com>,
 sstabellini@kernel.org
Subject: [Xen-devel] [PATCH] xen/arm: Relax ARM_SMCCC_ARCH_WORKAROUND_1
 discovery
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>, 
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

From: Julien Grall <julien.grall@arm.com>

A recent update to the ARM SMCCC_ARCH_WORKAROUND_1 specification (see [1])
allows firmware to return a non zero, positive value, to describe that
although the mitigation is implemented at the higher exception level,
the CPU on which the call is made is not affected.

Relax the check on the return value from ARM_WORKAROUND_1 so that we
only error out if the returned value is negative.

[1] https://developer.arm.com/support/security-update/downloads
"Firmware interfaces for mitigating CVE-2017-5715 System Software on Arm
Systems"

Signed-off-by: Julien Grall <julien.grall@arm.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
---
    This patch should be backported as part of XSA-254.

    There are potential more optimization to do as part of this
    relaxation. For instance, we dropping the CPU ID recognition and
    only look ad the SMCCC.
---
 xen/arch/arm/cpuerrata.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c
index 4eb1567589..1baa20654b 100644
--- a/xen/arch/arm/cpuerrata.c
+++ b/xen/arch/arm/cpuerrata.c
@@ -168,7 +168,8 @@ static int enable_smccc_arch_workaround_1(void *data)
 
     arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID,
                       ARM_SMCCC_ARCH_WORKAROUND_1_FID, &res);
-    if ( res.a0 != ARM_SMCCC_SUCCESS )
+    /* The return value is in the lower 32-bits. */
+    if ( (int)res.a0 < 0 )
         goto warn;
 
     return !install_bp_hardening_vec(entry,__smccc_workaround_1_smc_start,