| Message ID | 20180412111138.40990-1-mark.rutland@arm.com |
|---|---|
| Headers | show |
| Series | arm64 spectre patches | expand |
On 04/12/2018 04:10 AM, Mark Rutland wrote: > Hi Greg, > > These patches backport arm64 spectre mitigations to v4.9.y (based on 4.9.93). > > I've done this backport from scratch, following the patches in the arm64 kpti > branch [1] (which contrary to its name, also has spectre patches intended for > backporting). > > To the best of my understanding the code is correct, in the context of the > v4.9.y kernel, and I've tested the series on arm64 hardware available to me, > using firmware with SMCCC 1.1 and branch predictor mitigations. > > I've Cc'd the usual suspects for testing. For anyone willing to test this, I've > pushed this out to the stable/4.9.y/spectre branch of my kernel.org repo [2]. > > Note that I've left off the Qualcomm Falkor patches, as it was pointed out that > necessary errata workarounds for Falkor were never backported, and thus I > assume that no-one is using v4.9.y on Falkor parts. Shanker, do you have any > idea whether people are using v4.9.y on Falkor? > > Thanks, > Mark. I've run this series on hikey on top of vanilla 4.9.93 (boots AOSP to serial shell) and android-linaro-hikey-4.9 (boots AOSP to home screen), with both SMCCC 1.0 and SMCCC 1.1 firmware. Tested-by: Greg Hackmann <ghackmann@google.com>
On Thu, Apr 12, 2018 at 12:10:56PM +0100, Mark Rutland wrote: > Hi Greg, > > These patches backport arm64 spectre mitigations to v4.9.y (based on 4.9.93). > > I've done this backport from scratch, following the patches in the arm64 kpti > branch [1] (which contrary to its name, also has spectre patches intended for > backporting). > > To the best of my understanding the code is correct, in the context of the > v4.9.y kernel, and I've tested the series on arm64 hardware available to me, > using firmware with SMCCC 1.1 and branch predictor mitigations. > > I've Cc'd the usual suspects for testing. For anyone willing to test this, I've > pushed this out to the stable/4.9.y/spectre branch of my kernel.org repo [2]. > > Note that I've left off the Qualcomm Falkor patches, as it was pointed out that > necessary errata workarounds for Falkor were never backported, and thus I > assume that no-one is using v4.9.y on Falkor parts. Shanker, do you have any > idea whether people are using v4.9.y on Falkor? I've taken all of these now except the futex patch which did not apply. thanks, greg k-h
Hi Greg, These patches backport arm64 spectre mitigations to v4.9.y (based on 4.9.93). I've done this backport from scratch, following the patches in the arm64 kpti branch [1] (which contrary to its name, also has spectre patches intended for backporting). To the best of my understanding the code is correct, in the context of the v4.9.y kernel, and I've tested the series on arm64 hardware available to me, using firmware with SMCCC 1.1 and branch predictor mitigations. I've Cc'd the usual suspects for testing. For anyone willing to test this, I've pushed this out to the stable/4.9.y/spectre branch of my kernel.org repo [2]. Note that I've left off the Qualcomm Falkor patches, as it was pointed out that necessary errata workarounds for Falkor were never backported, and thus I assume that no-one is using v4.9.y on Falkor parts. Shanker, do you have any idea whether people are using v4.9.y on Falkor? Thanks, Mark. [1] https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/log/?h=kpti [2] git://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git stable/4.9.y/spectre Catalin Marinas (1): arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro James Morse (1): arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early Jayachandran C (1): arm64: Branch predictor hardening for Cavium ThunderX2 Laura Abbott (1): mm: Introduce lm_alias Marc Zyngier (20): arm64: Move post_ttbr_update_workaround to C code arm64: Move BP hardening to check_and_switch_context arm64: KVM: Use per-CPU vector when BP hardening is enabled arm64: cpu_errata: Allow an erratum to be match for all revisions of a core arm64: KVM: Increment PC after handling an SMC trap arm/arm64: KVM: Consolidate the PSCI include files arm/arm64: KVM: Add PSCI_VERSION helper arm/arm64: KVM: Add smccc accessors to PSCI code arm/arm64: KVM: Implement PSCI 1.0 support arm/arm64: KVM: Advertise SMCCC v1.1 arm64: KVM: Make PSCI_VERSION a fast path arm/arm64: KVM: Turn kvm_psci_version into a static inline arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling firmware/psci: Expose PSCI conduit firmware/psci: Expose SMCCC version through psci_ops arm/arm64: smccc: Make function identifiers an unsigned quantity arm/arm64: smccc: Implement SMCCC v1.1 inline primitive arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support arm64: Kill PSCI_GET_VERSION as a variant-2 workaround Robin Murphy (3): arm64: Implement array_index_mask_nospec() arm64: Make USER_DS an inclusive limit arm64: Use pointer masking to limit uaccess speculation Suzuki K Poulose (1): arm64: Run enable method for errata work arounds on late CPUs Will Deacon (13): arm64: barrier: Add CSDB macros to control data-value prediction arm64: entry: Ensure branch through syscall table is bounded under speculation arm64: uaccess: Prevent speculative use of the current addr_limit arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user arm64: futex: Mask __user pointers prior to dereference arm64: cpufeature: Pass capability structure to ->enable callback drivers/firmware: Expose psci_get_version through psci_ops structure arm64: Add skeleton to harden the branch predictor against aliasing attacks arm64: entry: Apply BP hardening for high-priority synchronous exceptions arm64: entry: Apply BP hardening for suspicious interrupts from EL0 arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 arm64: Implement branch predictor hardening for affected Cortex-A CPUs Yury Norov (1): arm64: move TASK_* definitions to <asm/processor.h> arch/arm/include/asm/kvm_host.h | 6 + arch/arm/include/asm/kvm_mmu.h | 10 + arch/arm/include/asm/kvm_psci.h | 27 - arch/arm/kvm/arm.c | 11 +- arch/arm/kvm/handle_exit.c | 4 +- arch/arm/kvm/psci.c | 143 ++- arch/arm64/Kconfig | 17 + arch/arm64/crypto/sha256-core.S | 2061 ++++++++++++++++++++++++++++++++++++ arch/arm64/crypto/sha512-core.S | 1085 +++++++++++++++++++ arch/arm64/include/asm/assembler.h | 19 + arch/arm64/include/asm/barrier.h | 23 + arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/include/asm/cputype.h | 6 + arch/arm64/include/asm/futex.h | 9 +- arch/arm64/include/asm/kvm_host.h | 5 + arch/arm64/include/asm/kvm_mmu.h | 38 + arch/arm64/include/asm/kvm_psci.h | 27 - arch/arm64/include/asm/memory.h | 15 - arch/arm64/include/asm/mmu.h | 39 + arch/arm64/include/asm/processor.h | 24 + arch/arm64/include/asm/sysreg.h | 2 + arch/arm64/include/asm/uaccess.h | 153 ++- arch/arm64/kernel/Makefile | 4 + arch/arm64/kernel/arm64ksyms.c | 4 +- arch/arm64/kernel/bpi.S | 75 ++ arch/arm64/kernel/cpu_errata.c | 189 +++- arch/arm64/kernel/cpufeature.c | 10 +- arch/arm64/kernel/entry.S | 25 +- arch/arm64/kvm/handle_exit.c | 16 +- arch/arm64/kvm/hyp/hyp-entry.S | 20 +- arch/arm64/kvm/hyp/switch.c | 5 +- arch/arm64/lib/clear_user.S | 6 +- arch/arm64/lib/copy_in_user.S | 4 +- arch/arm64/mm/context.c | 12 + arch/arm64/mm/fault.c | 34 +- arch/arm64/mm/proc.S | 7 +- drivers/firmware/psci.c | 57 +- include/kvm/arm_psci.h | 51 + include/linux/arm-smccc.h | 165 ++- include/linux/mm.h | 4 + include/linux/psci.h | 14 + include/uapi/linux/psci.h | 3 + 42 files changed, 4237 insertions(+), 195 deletions(-) delete mode 100644 arch/arm/include/asm/kvm_psci.h create mode 100644 arch/arm64/crypto/sha256-core.S create mode 100644 arch/arm64/crypto/sha512-core.S delete mode 100644 arch/arm64/include/asm/kvm_psci.h create mode 100644 arch/arm64/kernel/bpi.S create mode 100644 include/kvm/arm_psci.h -- 2.11.0