From patchwork Thu Feb 15 15:02:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 128458 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp1846858ljc; Thu, 15 Feb 2018 07:05:42 -0800 (PST) X-Google-Smtp-Source: AH8x224A0Mc+925GJ5tlJ3cejAyeIPVNEwmowtNFjy+X+3e3Y0OxbjOcWDus7zBpPXIL4SvAlWFF X-Received: by 10.202.237.212 with SMTP id l203mr2104827oih.109.1518707142448; Thu, 15 Feb 2018 07:05:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518707142; cv=none; d=google.com; s=arc-20160816; b=K+cyBMWva0GYAmhil+KUgDRBOB7KWxZtk+LzeSqjjGMcttUoUjVNB78Ndqzt5iBt0K E8T6P/2Dl4C4nnbKPmNlQlfRphYgXe+GYn70JReao6skTu3/j0C7hLp2bGn3gZ7cVmqk P73enBogUrUom3TvOXzEjwkVrzbyUjUCd/8rPwW0NTWMZP/4T99t+yS2dKhitjIcXSyL +WuIdQ4pdH0gkonC1M7wI+vNUaOCMXeoyJW+ZCLD4DnO0Encnr9rn7kTI20w/KQfqIxI KSGd5ro4TTTP2m9Igg3r42Zp8vsE1W7KwSUgmCnEn4XZMxIVNqSXQOl5OkKaQisK+sgC zLcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:cc:references:in-reply-to:message-id:date:to :from:arc-authentication-results; bh=U+oZkLsBlRLmtnn2hTxx13JA6R04LAD3RBFXU5kKoP0=; b=MjPBv6BsacspgYv4mdJWG6yL4+3PsbfD/Ve9MJRYpxFUVvDoE/xNvXwiIEBcE1PU+l Iv5Lw8NDvrOcH5sBMOk21sahYVP2YmYLGykkDTNV2Bls0uvguni+paqDNI7hydelGE67 2j7eboiyfJN30j8rjx82ToMog90r/zoJ0BfWLiRzUz2zwRDOLu7qFUkCi+lwSbFXi2bb wmJ1PJ0QdWvlsrrooyPvcN/L/XtWsGSitrQrGl9WxngtOg2JxR4FmAMQ194EAzV8TKmn Hl5nYWsAFMdMSnRbs12fz8soe2sLJaJkfxN80eBhCOxzVZhp9togccJbp/+wJ674mpdF tLFw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id o205si8179234itd.161.2018.02.15.07.05.41 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Feb 2018 07:05:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1emL4C-00024n-O2; Thu, 15 Feb 2018 15:03:20 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1emL4B-0001zt-LZ for xen-devel@lists.xen.org; Thu, 15 Feb 2018 15:03:19 +0000 X-Inumbo-ID: 85ef62c7-1261-11e8-b9b1-635ca7ef6cff Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id 85ef62c7-1261-11e8-b9b1-635ca7ef6cff; Thu, 15 Feb 2018 15:04:30 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B1CBC15BF; Thu, 15 Feb 2018 07:03:12 -0800 (PST) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id A2A9E3F41F; Thu, 15 Feb 2018 07:03:11 -0800 (PST) From: Julien Grall To: xen-devel@lists.xen.org Date: Thu, 15 Feb 2018 15:02:41 +0000 Message-Id: <20180215150248.28922-11-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180215150248.28922-1-julien.grall@arm.com> References: <20180215150248.28922-1-julien.grall@arm.com> Cc: Julien Grall , sstabellini@kernel.org, volodymyr_babchuk@epam.com, andre.przywara@linaro.org Subject: [Xen-devel] [PATCH v3 10/17] xen/arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Add the detection and runtime code for ARM_SMCCC_ARCH_WORKAROUND_1. Signed-off-by: Julien Grall Reviewed-by: Volodymyr Babchuk Reviewed-by: Stefano Stabellini --- Changes in v3: - Add the missing call to smc #0. Changes in v2: - Patch added --- xen/arch/arm/arm64/bpi.S | 13 +++++++++++++ xen/arch/arm/cpuerrata.c | 32 +++++++++++++++++++++++++++++++- xen/include/asm-arm/smccc.h | 1 + 3 files changed, 45 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/arm64/bpi.S b/xen/arch/arm/arm64/bpi.S index 4b7f1dc21f..981fb83a88 100644 --- a/xen/arch/arm/arm64/bpi.S +++ b/xen/arch/arm/arm64/bpi.S @@ -16,6 +16,8 @@ * along with this program. If not, see . */ +#include + .macro ventry target .rept 31 nop @@ -81,6 +83,17 @@ ENTRY(__psci_hyp_bp_inval_start) add sp, sp, #(8 * 18) ENTRY(__psci_hyp_bp_inval_end) +ENTRY(__smccc_workaround_1_smc_start) + sub sp, sp, #(8 * 4) + stp x2, x3, [sp, #(8 * 0)] + stp x0, x1, [sp, #(8 * 2)] + mov w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID + smc #0 + ldp x2, x3, [sp, #(8 * 0)] + ldp x0, x1, [sp, #(8 * 2)] + add sp, sp, #(8 * 4) +ENTRY(__smccc_workaround_1_smc_end) + /* * Local variables: * mode: ASM diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 8d5f8d372a..dec9074422 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -147,6 +147,34 @@ install_bp_hardening_vec(const struct arm_cpu_capabilities *entry, return ret; } +extern char __smccc_workaround_1_smc_start[], __smccc_workaround_1_smc_end[]; + +static bool +check_smccc_arch_workaround_1(const struct arm_cpu_capabilities *entry) +{ + struct arm_smccc_res res; + + /* + * Enable callbacks are called on every CPU based on the + * capabilities. So double-check whether the CPU matches the + * entry. + */ + if ( !entry->matches(entry) ) + return false; + + if ( smccc_ver < SMCCC_VERSION(1, 1) ) + return false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, + ARM_SMCCC_ARCH_WORKAROUND_1_FID, &res); + if ( res.a0 != ARM_SMCCC_SUCCESS ) + return false; + + return install_bp_hardening_vec(entry,__smccc_workaround_1_smc_start, + __smccc_workaround_1_smc_end, + "call ARM_SMCCC_ARCH_WORKAROUND_1"); +} + extern char __psci_hyp_bp_inval_start[], __psci_hyp_bp_inval_end[]; static int enable_psci_bp_hardening(void *data) @@ -154,12 +182,14 @@ static int enable_psci_bp_hardening(void *data) bool ret = true; static bool warned = false; + if ( check_smccc_arch_workaround_1(data) ) + return 0; /* * The mitigation is using PSCI version function to invalidate the * branch predictor. This function is only available with PSCI 0.2 * and later. */ - if ( psci_ver >= PSCI_VERSION(0, 2) ) + else if ( psci_ver >= PSCI_VERSION(0, 2) ) ret = install_bp_hardening_vec(data, __psci_hyp_bp_inval_start, __psci_hyp_bp_inval_end, "call PSCI get version"); diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index 154772b728..8342cc33fe 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -261,6 +261,7 @@ struct arm_smccc_res { /* SMCCC error codes */ #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) #define ARM_SMCCC_NOT_SUPPORTED (-1) +#define ARM_SMCCC_SUCCESS (0) /* SMCCC function identifier range which is reserved for existing APIs */ #define ARM_SMCCC_RESERVED_RANGE_START 0x0