From patchwork Wed Feb 27 01:05:43 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeremy Linton <jeremy.linton@arm.com>
X-Patchwork-Id: 159250
Delivered-To: patch@linaro.org
Received: by 2002:a02:5cc1:0:0:0:0:0 with SMTP id w62csp3851657jad;
 Tue, 26 Feb 2019 17:06:17 -0800 (PST)
X-Google-Smtp-Source: AHgI3IaaCmg0dkt5OrAMo7b+snrm502TcP5WSsXSPHQbj/5GvGIuUGTutqZW4QqLAtyE9Qt8dKqy
X-Received: by 2002:a17:902:42e4:: with SMTP id
 h91mr29673017pld.18.1551229577005; 
 Tue, 26 Feb 2019 17:06:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1551229576; cv=none;
 d=google.com; s=arc-20160816;
 b=TtqFpbYiofnNMxomIb2Iv7Zng4FgDa3nQFAyGFejJqFZAtIdKLrrNKS0OnRHCq8Cy/
 E7OaSTJHLeE86Z+eRWCe0tldUNs6ieHzkjSivr2KJMymFmwCSHuNw87aGroZRaizvXoP
 pbE7qxP3hiLkQxwbIsP56HxW030fW9lAb/+R4vKlfEaswHd3JRpZKS0Bcpb8Txsno/BN
 b30/ILpa1yYrL8m2OM+6kze9WD1SwXAgYotczOjoFiNl2v+MfFv/G88i4zEmqgmeXadM
 wVVy7R1zVcz7kDIuDQoW6lD3+lxM2jSKAdA1A++CzJ9ctzYNhVw3lSlNE3Hk9uPR7z2q
 djDg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=list-id:precedence:sender:references:in-reply-to:message-id:date
 :subject:cc:to:from;
 bh=ko7VOjYkTxEk3ajFDcWnP8ZT8qL1w1mPzsQLYQE0gl8=;
 b=QK0wA+IqHPUMfSBxfN4f2ZykA3OlGcvd9/t3j+wa/n9LlGrit+xbNUF0xEtEwMpH4e
 TzUqMfmr555bU+jL5Gr/0WvlsTMz8YDIp22S0mX3M9sXK1L9zqSl6CeTVUMLlnXjzORD
 aRbNkNB5AI/gI0PkCZpk8BZnZPo6B85RwXuT9ZLK15kQDScwRiTC5ep2ScGmzWGPFDQ3
 7SK48+Acnb9RG/6/5dJT3MGSRzTNQ+h8MDf81tl+gOHJZmmOW/f83eLYLDVmZ4PYqqtY
 erEXx2U6m+bAtPzg4jrSK5rOw++AkT3wK/U4uDd85iTOfGjTzqV6SP3630is9yZfGqs/
 qo/g==
ARC-Authentication-Results: i=1; mx.google.com;
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
 by mx.google.com with ESMTP id
 f89si10836843plb.20.2019.02.26.17.06.16; 
 Tue, 26 Feb 2019 17:06:16 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender) client-ip=209.132.180.67; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1729607AbfB0BGP (ORCPT <rfc822;mike.holmes@linaro.org>
 + 31 others); Tue, 26 Feb 2019 20:06:15 -0500
Received: from foss.arm.com ([217.140.101.70]:55694 "EHLO foss.arm.com"
 rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
 id S1729580AbfB0BGL (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
 Tue, 26 Feb 2019 20:06:11 -0500
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 54DBA1AED;
 Tue, 26 Feb 2019 17:06:11 -0800 (PST)
Received: from beelzebub.austin.arm.com (beelzebub.austin.arm.com
 [10.118.12.119])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id
 B66793F5C1; Tue, 26 Feb 2019 17:06:10 -0800 (PST)
From: Jeremy Linton <jeremy.linton@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com,
 suzuki.poulose@arm.com, Dave.Martin@arm.com,
 shankerd@codeaurora.org, julien.thierry@arm.com,
 mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com,
 linux-kernel@vger.kernel.org, Jeremy Linton <jeremy.linton@arm.com>
Subject: [PATCH v5 09/10] arm64: add sysfs vulnerability show for
 speculative store bypass
Date: Tue, 26 Feb 2019 19:05:43 -0600
Message-Id: <20190227010544.597579-10-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.17.2
In-Reply-To: <20190227010544.597579-1-jeremy.linton@arm.com>
References: <20190227010544.597579-1-jeremy.linton@arm.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Return status based on ssbd_state and the arm64 SSBS feature. If
the mitigation is disabled, or the firmware isn't responding then
return the expected machine state based on a new blacklist of known
vulnerable cores.

Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
---
 arch/arm64/kernel/cpu_errata.c | 43 ++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

-- 
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 5f5611d17dc1..e1b03f643799 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -279,6 +279,7 @@ static int detect_harden_bp_fw(void)
 DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required);
 
 int ssbd_state __read_mostly = ARM64_SSBD_KERNEL;
+static bool __ssb_safe = true;
 
 static const struct ssbd_options {
 	const char	*str;
@@ -387,6 +388,9 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
 
 	WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());
 
+	if (is_midr_in_range_list(read_cpuid_id(), entry->midr_range_list))
+		__ssb_safe = false;
+
 	if (this_cpu_has_cap(ARM64_SSBS)) {
 		required = false;
 		goto out_printmsg;
@@ -420,6 +424,7 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
 		ssbd_state = ARM64_SSBD_UNKNOWN;
 		return false;
 
+	/* machines with mixed mitigation requirements must not return this */
 	case SMCCC_RET_NOT_REQUIRED:
 		pr_info_once("%s mitigation not required\n", entry->desc);
 		ssbd_state = ARM64_SSBD_MITIGATED;
@@ -475,6 +480,16 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
 	return required;
 }
 
+/* known vulnerable cores */
+static const struct midr_range arm64_ssb_cpus[] = {
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A75),
+	MIDR_ALL_VERSIONS(MIDR_CORTEX_A76),
+	{},
+};
+
 static void __maybe_unused
 cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused)
 {
@@ -770,6 +785,7 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
 		.capability = ARM64_SSBD,
 		.type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM,
 		.matches = has_ssbd_mitigation,
+		.midr_range_list = arm64_ssb_cpus,
 	},
 #ifdef CONFIG_ARM64_ERRATUM_1188873
 	{
@@ -808,3 +824,30 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
 
 	return sprintf(buf, "Vulnerable\n");
 }
+
+ssize_t cpu_show_spec_store_bypass(struct device *dev,
+		struct device_attribute *attr, char *buf)
+{
+	/*
+	 *  Two assumptions: First, ssbd_state reflects the worse case
+	 *  for hetrogenous machines, and that if SSBS is supported its
+	 *  supported by all cores.
+	 */
+	switch (ssbd_state) {
+	case ARM64_SSBD_MITIGATED:
+		return sprintf(buf, "Not affected\n");
+
+	case ARM64_SSBD_KERNEL:
+	case ARM64_SSBD_FORCE_ENABLE:
+		if (cpus_have_cap(ARM64_SSBS))
+			return sprintf(buf, "Not affected\n");
+		if (IS_ENABLED(CONFIG_ARM64_SSBD))
+			return sprintf(buf,
+			    "Mitigation: Speculative Store Bypass disabled\n");
+	}
+
+	if (__ssb_safe)
+		return sprintf(buf, "Not affected\n");
+
+	return sprintf(buf, "Vulnerable\n");
+}