From patchwork Tue Jun 12 11:36:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138325 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5234953lji; Tue, 12 Jun 2018 04:39:30 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJKfOypDzqnJ2V/GQ499VyMx7YxqrhIMQYoKS3R1k8NrtkR0M/9x/WUBvuOJRrLjQ0BZgBV X-Received: by 2002:a24:5106:: with SMTP id s6-v6mr1559ita.134.1528803570734; Tue, 12 Jun 2018 04:39:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803570; cv=none; d=google.com; s=arc-20160816; b=xgLK7aXglg7StBx6MSFpomLFBW4GcqPVC6VF82Tld0ee5BdJoGKnQKfc2Qm/H21cmc 3fB8dvwClsyh942NS8wDYjUB5AAhOYLiOXy8DhAyQY45UEbMooL/BYGPaflmXu/ZbTV0 bTStaA37wUJHSE7PIC8fuq93T07eU2VR6pwj6Cp7l/61XwNiyCk2oaBexqpTLKMhYamW yj+Aod+Xlra23k/aFGBes5OUwmm8/hyuxYEjcqYXLuFa5QJep3J+dKSQ2w80ZCRzbrW/ 8rJ9z8PFLP/5Ln+PWD8bBYFqKhdu59Hx16CmvHaDNkuzyHIftSTqP7eQAj1mK2R+tYH/ kQEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=kGUvn+YzMUEs/mY6yuKz3mbCWZYR/jFVUUlNWXLx8nQ=; b=y6DXcJrU/gJIItckA+5v0reDkv+oo3npPKzr09+BxSTuJ4BUecu7WFhgxNrJE/35y3 jxANrPy9x0Vl91WOKjdGoVOd9+XNzAvFFPdKegy6eWPEGGE4C8JPeBbErTni0J3rzxEK dpQlZneCcnagFiqpV5QFkkghgwaJjtm/wszjVifFWZaNoLj0eK62SCc5u42rbtOSQ8mF iOMassQcBBYDaAv/1QlhdNYIa7bGaUO8gwgFEvGRJ4d1SFt+lqyKHdM/xlflClQu7QVX XULKoEha706E3qZgLR++iMJSWQLoi1bkXY2DbnFGMVrIoXp7ryEhDFJIvp+M7uHEvORL ry6g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id n2-v6si654642iob.275.2018.06.12.04.39.30 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbZ-0000oJ-K7; Tue, 12 Jun 2018 11:36:53 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbX-0000nx-Re for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:36:51 +0000 X-Inumbo-ID: e8ee686d-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id e8ee686d-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:36:56 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 2FC6C1596; Tue, 12 Jun 2018 04:36:51 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 45D633F318; Tue, 12 Jun 2018 04:36:50 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:31 +0100 Message-Id: <20180612113643.32020-2-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 01/13] xen/arm: domain: Zero the per-vCPU cpu_info X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" A stack is allocated per vCPU to be used by Xen. The allocation is done with alloc_xenheap_pages that does not zero the memory returned. However the top of the stack is containing information that will be used to store the initial state of the vCPU (see struct cpu_info). Some of the fields may not be initialized and will lead to use/leak bits of previous memory in some cases on the first run of vCPU (AFAICT this only happen on vCPU0 for Dom0). This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v3: - Add stefano's reviewed-by Changes in v2: - Zero only cpu_info --- xen/arch/arm/domain.c | 1 + 1 file changed, 1 insertion(+) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index ec0f042bf7..5a2a9a6b83 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -550,6 +550,7 @@ int vcpu_initialise(struct vcpu *v) v->arch.cpu_info = (struct cpu_info *)(v->arch.stack + STACK_SIZE - sizeof(struct cpu_info)); + memset(v->arch.cpu_info, 0, sizeof(*v->arch.cpu_info)); memset(&v->arch.saved_context, 0, sizeof(v->arch.saved_context)); v->arch.saved_context.sp = (register_t)v->arch.cpu_info; From patchwork Tue Jun 12 11:36:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138324 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5234938lji; Tue, 12 Jun 2018 04:39:30 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJBTbsgvnrUEwPGN+ClHIAbIpnEcGNhvu8laOqx0sN2qIXd2AwY1ryNx8r8+eT1TfpC9zLI X-Received: by 2002:a24:d105:: with SMTP id w5-v6mr13194itg.64.1528803569971; Tue, 12 Jun 2018 04:39:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803569; cv=none; d=google.com; s=arc-20160816; b=tebvdlujOoVKmXKbG8Qtb+TdrFIJVfRmmR5bKd6VjE/rFXpeDblgZ+uEq+RgyimoyZ eYzlEHKyG4iN9DaO5TuKXhK9L8ci8iBneyBI96OFIRlnMy8nBjscj927vAU+qGlE97QD mZkXMoagA1AirslfVTpWBm7O/NuOFzotMthC0EjFmjH/WuoclH9D48jbbZmrbewG8UWR kt/xBxJyvmABV//X5ZFWK/fxIL0gCNA2hIl2dxD7OHycKKmA37DozWada0P0zS3yM7/2 ISqb1HsAHwqHGUaNP7ly0z8dbM4aHQl7vkZO+L6P6wgFxHQhoWT3GDF6CDWan7rxBUJ0 kTEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=Fxa+kXEmk4az94pHPhbvYCdcgdNXelYaOFTEHWMD0lU=; b=nW+hpfcU1gc7cpx3Q4Vc5BKGTtyi+uf+H3rzmnHCu94In5q5EnxhXoLpgX5HceOaSV Pi8StLlsYKn+3vEyChrmwM3z5kYtJn2AjFlCaGyDeuVpvvRsQDP8y1EeNaGt8e6hIhNk rYlaq159WpxMFqfcy2wSEtHom83+t4YfyidY2bbCkHkvU07Hp07iGSIlufxIV0P4Aa12 DANv29NdTYrdMpA3uahB/2HEhnzREK2Pcx85J4TVypsN2TMiwb0O3mhabLru4be5FbDn WVdA9jfhv56kj0uh94dTiAnH9U1hYdCVoO9+D1l0MZ4TGFHvCtSrt/smF5QSqpHOhS6A YIZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id f25-v6si654003iog.231.2018.06.12.04.39.29 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbb-0000ok-3r; Tue, 12 Jun 2018 11:36:55 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbZ-0000o8-1H for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:36:53 +0000 X-Inumbo-ID: e99ef133-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id e99ef133-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:36:57 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5811F1435; Tue, 12 Jun 2018 04:36:52 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6E0073F318; Tue, 12 Jun 2018 04:36:51 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:32 +0100 Message-Id: <20180612113643.32020-3-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 02/13] xen/arm64: entry: Use named label in guest_sync X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This will improve readability for future changes. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/arm64/entry.S | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index ffa9a1c492..e2344e565f 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -226,11 +226,11 @@ guest_sync: mrs x1, esr_el2 lsr x1, x1, #HSR_EC_SHIFT /* x1 = ESR_EL2.EC */ cmp x1, #HSR_EC_HVC64 - b.ne 1f /* Not a HVC skip fastpath. */ + b.ne guest_sync_slowpath /* Not a HVC skip fastpath. */ mrs x1, esr_el2 and x1, x1, #0xffff /* Check the immediate [0:16] */ - cbnz x1, 1f /* should be 0 for HVC #0 */ + cbnz x1, guest_sync_slowpath /* should be 0 for HVC #0 */ /* * Fastest path possible for ARM_SMCCC_ARCH_WORKAROUND_1. @@ -241,7 +241,7 @@ guest_sync: * be encoded as an immediate for cmp. */ eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID - cbnz w0, 1f + cbnz w0, guest_sync_slowpath /* * Clobber both x0 and x1 to prevent leakage. Note that thanks @@ -250,7 +250,7 @@ guest_sync: mov x1, xzr eret -1: +guest_sync_slowpath: /* * x0/x1 may have been scratch by the fast path above, so avoid * to save them. From patchwork Tue Jun 12 11:36:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138327 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5234984lji; Tue, 12 Jun 2018 04:39:31 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIRCCXcX7uCxmj8o8sNvkPSqoemq3QgGFG/VcPSMlA4kvd6Y6+jKNgrm93WSEyWNYOxWGxe X-Received: by 2002:a24:3c42:: with SMTP id m63-v6mr862ita.138.1528803571710; Tue, 12 Jun 2018 04:39:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803571; cv=none; d=google.com; s=arc-20160816; b=eXDyfQUI3r95hD5Y+9UyO+cIDFvCYEQRmacsPc3PoFQnmku1zX+RdWBjKzpKhR4AKl GatvGXwQhHLA8OipxboqVBqJwAWf5M78bQViYEpDSoiKiQ68NNsbyQbPWIcqPGqzh4WE 5pXAgY55WMKBZulhRG+hkUnUrgLO3Rf1Mr+9sMBp6uUpofiLTnquemY6QwVkbodGA85A Q/Fhfrn98sE0faaY9NXRSI7pIUZBtagKcabzqhFhaVjPWxUAl48sy7MC/woFLUlkpmyH 1BkRZGZw2iS915tiRpo+geAwbDWY8S5ElQWFGRHFeSuClGaBtqgxo4nRcdfOJ0el0D6V Z5QA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=6CGRcLPipuVN7XDfc4tEVZTA97BzOLB+ZTDTSpkJOf8=; b=zcCbV+ro6Iutd+HE7C1u1xzAh4LIh5NsKAzRSGD4+BMnHR8v/vl9WaAj6K5BUyAGsA kyXTXmdX6DVK1sDSrUsgSTHzJTDgMfPobkMh+THDlikGeF/XShG1NpWEcfnc55eirCSN IYEy0C/Bs0SgqduHexQKjRvHdZ5uvrAMuUMaGwz+PMrdco3PJ2ePpV98RJFqKvb32by+ qkp6DQHO2IYHYZuTcvyRu9lQEfYK9t1/XsKW7VvZkQXNHtdGgKs6LxBqoSdyZ4DA3zHb 6fXgppQrKLrimGuWaRoY0bZTe3Rvckp8qRWNNQldzz05KyHhez1sf4e3WmAndSzYP85h TAtw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id t126-v6si218157ita.74.2018.06.12.04.39.31 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbb-0000os-Ei; Tue, 12 Jun 2018 11:36:55 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShba-0000ob-SJ for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:36:54 +0000 X-Inumbo-ID: ea50b95c-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id ea50b95c-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:36:58 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 803DF1596; Tue, 12 Jun 2018 04:36:53 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 965243F318; Tue, 12 Jun 2018 04:36:52 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:33 +0100 Message-Id: <20180612113643.32020-4-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 03/13] xen/arm: setup: Check errata for boot CPU later on X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Some errata will rely on the SMCCC version which is detected by psci_init(). This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/setup.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 1d6f6bf37e..ac93de4786 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -171,8 +171,6 @@ static void __init processor_id(void) } processor_setup(); - - check_local_cpu_errata(); } void dt_unreserved_regions(paddr_t s, paddr_t e, @@ -779,6 +777,12 @@ void __init start_xen(unsigned long boot_phys_offset, printk(XENLOG_INFO "SMP: Allowing %u CPUs\n", cpus); nr_cpu_ids = cpus; + /* + * Some errata relies on SMCCC version which is detected by psci_init() + * (called from smp_init_cpus()). + */ + check_local_cpu_errata(); + init_xen_time(); gic_init(); From patchwork Tue Jun 12 11:36:34 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138335 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235140lji; Tue, 12 Jun 2018 04:39:39 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJyii2m8NU0M25THoTssLHTTGeaV0+8QEWSCfeqDXyUEi/ZV1fCPUw0CZbsrN7GpLJChOtQ X-Received: by 2002:a6b:274f:: with SMTP id n76-v6mr3071004ion.259.1528803579298; Tue, 12 Jun 2018 04:39:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803579; cv=none; d=google.com; s=arc-20160816; b=D337kqlNyBnorzOEyDHwf3MDff8KKVZTCx6dlNl5+XU276HyzJLZqv3CaCxNAPNC7K VnwgvezgRviVmWmk6JcnsfEe3g9bc8aUhZ1cd1U+JmE2YoTIFzYJwjFfy1bAsI9Q564G HM4SSSI52FXyAUC95feIssQsELu01o1wMZzWbrYxJC8nWJ8X38zGayfrZOiZsvOMHXac XFzso/LfBw7SAV67AT91HEGBRhhUwrqmu4JZB758T6KoI8or5pOBVj3j25coJs42dIKL oewbaUXbYxYOeVo8nmasVRBdJxyqdUW+RkPfc9yMgkZaLbjHlj9kgUZUdgUb3EtYs5t/ jNTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=yfqBO+97wzbHCKAeMXFp83Yeyqh8RSM+GYwQr192KtY=; b=uwXwIcaOSnT6CJ1eUTmp45PFsGHnhYmsjz2OLkUllnYRv1cmTzKwN0i6UZ69IKvPHy sf3ULmr2tfVXZXi0ltVNqRMBXYsSClNdE5f4dXoEuKqpWbcJdRMmg33yJvMWDvweU5It x2JmBjECEaCwHEue7oaMuBWQ56QKnT5CyIjTE+WEipg0VfEkJmz0ggHO7Yl0QvNFw2PT 8XWd5LMDxa+1WY7BaZd4Hj77qDKHj0jFHp//G28OzgwifrInEFJx3d0c+sKiAvmN85Zc /vlg/u57fWnVDh3pmHhostAD3YoPQ46QjxPynvO00W19hSAhAt5AyZRDRjf9DdmiFOS7 YhRA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id z84-v6si200989itf.70.2018.06.12.04.39.39 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbd-0000pJ-Pz; Tue, 12 Jun 2018 11:36:57 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbc-0000p4-1b for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:36:56 +0000 X-Inumbo-ID: eb023eba-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id eb023eba-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:36:59 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A85C71435; Tue, 12 Jun 2018 04:36:54 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BE4AB3F318; Tue, 12 Jun 2018 04:36:53 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:34 +0100 Message-Id: <20180612113643.32020-5-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 04/13] xen/arm: Add ARCH_WORKAROUND_2 probing X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" As for Spectre variant-2, we rely on SMCCC 1.1 to provide the discovery mechanism for detecting the SSBD mitigation. A new capability is also allocated for that purpose, and a config option. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v3: - required should be false when then mitigation is not required on a given CPU Changes in v2: - Add the switch in this patch rather than the next one. - s/supported/required/ --- xen/arch/arm/Kconfig | 10 +++++++ xen/arch/arm/cpuerrata.c | 58 ++++++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/cpuerrata.h | 21 +++++++++++++++ xen/include/asm-arm/cpufeature.h | 3 ++- xen/include/asm-arm/smccc.h | 7 +++++ 5 files changed, 98 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 8174c0c635..0e2d027060 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -73,6 +73,16 @@ config SBSA_VUART_CONSOLE Allows a guest to use SBSA Generic UART as a console. The SBSA Generic UART implements a subset of ARM PL011 UART. +config ARM_SSBD + bool "Speculative Store Bypass Disable" if EXPERT = "y" + depends on HAS_ALTERNATIVE + default y + help + This enables mitigation of bypassing of previous stores by speculative + loads. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 1baa20654b..1a6130406c 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -235,6 +235,58 @@ static int enable_ic_inv_hardening(void *data) #endif +#ifdef CONFIG_ARM_SSBD + +/* + * Assembly code may use the variable directly, so we need to make sure + * it fits in a register. + */ +DEFINE_PER_CPU_READ_MOSTLY(register_t, ssbd_callback_required); + +static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) +{ + struct arm_smccc_res res; + bool required; + + if ( smccc_ver < SMCCC_VERSION(1, 1) ) + return false; + + /* + * The probe function return value is either negative (unsupported + * or mitigated), positive (unaffected), or zero (requires + * mitigation). We only need to do anything in the last case. + */ + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, + ARM_SMCCC_ARCH_WORKAROUND_2_FID, &res); + + switch ( (int)res.a0 ) + { + case ARM_SMCCC_NOT_SUPPORTED: + return false; + + case ARM_SMCCC_NOT_REQUIRED: + return false; + + case ARM_SMCCC_SUCCESS: + required = true; + break; + + case 1: /* Mitigation not required on this CPU. */ + required = false; + break; + + default: + ASSERT_UNREACHABLE(); + return false; + } + + if ( required ) + this_cpu(ssbd_callback_required) = 1; + + return required; +} +#endif + #define MIDR_RANGE(model, min, max) \ .matches = is_affected_midr_range, \ .midr_model = model, \ @@ -336,6 +388,12 @@ static const struct arm_cpu_capabilities arm_errata[] = { .enable = enable_ic_inv_hardening, }, #endif +#ifdef CONFIG_ARM_SSBD + { + .capability = ARM_SSBD, + .matches = has_ssbd_mitigation, + }, +#endif {}, }; diff --git a/xen/include/asm-arm/cpuerrata.h b/xen/include/asm-arm/cpuerrata.h index 4e45b237c8..e628d3ff56 100644 --- a/xen/include/asm-arm/cpuerrata.h +++ b/xen/include/asm-arm/cpuerrata.h @@ -27,9 +27,30 @@ static inline bool check_workaround_##erratum(void) \ CHECK_WORKAROUND_HELPER(766422, ARM32_WORKAROUND_766422, CONFIG_ARM_32) CHECK_WORKAROUND_HELPER(834220, ARM64_WORKAROUND_834220, CONFIG_ARM_64) +CHECK_WORKAROUND_HELPER(ssbd, ARM_SSBD, CONFIG_ARM_SSBD) #undef CHECK_WORKAROUND_HELPER +#ifdef CONFIG_ARM_SSBD + +#include + +DECLARE_PER_CPU(register_t, ssbd_callback_required); + +static inline bool cpu_require_ssbd_mitigation(void) +{ + return this_cpu(ssbd_callback_required); +} + +#else + +static inline bool cpu_require_ssbd_mitigation(void) +{ + return false; +} + +#endif + #endif /* __ARM_CPUERRATA_H__ */ /* * Local variables: diff --git a/xen/include/asm-arm/cpufeature.h b/xen/include/asm-arm/cpufeature.h index e557a095af..2a5c075d3b 100644 --- a/xen/include/asm-arm/cpufeature.h +++ b/xen/include/asm-arm/cpufeature.h @@ -43,8 +43,9 @@ #define SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT 5 #define SKIP_CTXT_SWITCH_SERROR_SYNC 6 #define ARM_HARDEN_BRANCH_PREDICTOR 7 +#define ARM_SSBD 8 -#define ARM_NCAPS 8 +#define ARM_NCAPS 9 #ifndef __ASSEMBLY__ diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index 8342cc33fe..a6804cec99 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -258,7 +258,14 @@ struct arm_smccc_res { ARM_SMCCC_OWNER_ARCH, \ 0x8000) +#define ARM_SMCCC_ARCH_WORKAROUND_2_FID \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x7FFF) + /* SMCCC error codes */ +#define ARM_SMCCC_NOT_REQUIRED (-2) #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) #define ARM_SMCCC_NOT_SUPPORTED (-1) #define ARM_SMCCC_SUCCESS (0) From patchwork Tue Jun 12 11:36:35 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138332 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235057lji; Tue, 12 Jun 2018 04:39:35 -0700 (PDT) X-Google-Smtp-Source: ADUXVKI3ZX2142zycFnVNyoiozgEy2Xnt4WgkLejUBmZuK7BPBWgnvvWnmFuI5qe5+Q/vZ0GCaYd X-Received: by 2002:a6b:e907:: with SMTP id u7-v6mr31477iof.38.1528803575603; Tue, 12 Jun 2018 04:39:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803575; cv=none; d=google.com; s=arc-20160816; b=MU6E/ecKKXMSemkqR5V6GsIAD0fVlgq1YyAwXwMEb3C6mTfX4KqvYK554WwCLgSWgu DKHOUiLG9nNkIcb6HC2oW0cZEelboxSRPnyH5ap26VSj7huLYagRBd18T0o9BSXBdUNR JmTTUteiJcxh63DqnXTzT+8nT/g6u3xjaNgiDwnNR+/vv3bx9yabp9N7MgriKzSAww1n /OhbvB+NJtfj+WwThnabJ8ROvkGvFdAfcSGF7gWc/lyZeMlNcsYA8uYx8oKt9yGwX8/G fVkPdF+MV1NTeb6Aa3EDwc++Xq5H5+GYHHLIHWATdEtmlQUm8Zcdox8MsqwUy5W0mem1 9ngw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=L+ke3BG7RL0K4tyBcVQjtRpFtBVgZ17l3fKoZFSeUwQ=; b=h02MucLSW+fcRtVNCY7lQGFOTFbWoLUiEVTqJNIN0ide82VzCpa8FKthT4xU9cC4Oy 0WVUmoDs17eZ53buZTrIU3/eq1WSnHyhNRJXOCDMPSCtiRU2WQeFSKeGJQQYk2zQ3MYB cV0nylXZ6d3XqDgm9WUUAtzwop6gVcUklB6MEg4AjbcyKj5H9fec/VW7qDVMkweq9en9 AhaF2YV1N7rZWudo9cXyp7TQ18VeMunwt7Y2UyrcfvX5fGtZBMjbGIfuTQE57UWoohUm 0NbL4k/QMWPVx0tI5qRiuWOeHJwp3STBfj1LoA0N+/2CM2FRbDFhoD8apCV0Q+9xEiyb dJ8g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id a189-v6si774777iog.16.2018.06.12.04.39.35 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbf-0000pU-2z; Tue, 12 Jun 2018 11:36:59 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbd-0000pE-7B for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:36:57 +0000 X-Inumbo-ID: ebca0218-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id ebca0218-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:37:00 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id F3B0B1596; Tue, 12 Jun 2018 04:36:55 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id E65243F318; Tue, 12 Jun 2018 04:36:54 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:35 +0100 Message-Id: <20180612113643.32020-6-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 05/13] xen/arm: Add command line option to control SSBD mitigation X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" On a system where the firmware implements ARCH_WORKAROUND_2, it may be useful to either permanently enable or disable the workaround for cases where the user decides that they'd rather not get a trap overhead, and keep the mitigation permanently on or off instead of switching it on exception entry/exit. In any case, default to mitigation being enabled. The new command line option is implemented as list of one option to follow x86 option and also allow to extend it more easily in the future. Note that for convenience, the full implemention of the workaround is done in the .matches callback. Lastly, a accessor is provided to know the state of the mitigation. After this patch, there are 3 methods complementing each other to find the state of the mitigation: - The capability ARM_SSBD indicates the platform is affected by the vulnerability. This will also return false if the user decide to force disabled the mitigation (spec-ctrl="ssbd=force-disable"). The capability is useful for putting shortcut in place using alternative. - ssbd_state indicates the global state of the mitigation (e.g unknown, force enable...). The global state is required to report the state to a guest. - The per-cpu ssbd_callback_required indicates whether a pCPU requires to call the SMC. This allows to shortcut SMC call and save an entry/exit to EL3. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v3: - Fix typo in the name Changes in v2: - Move out some code to the previous patch. - Update the commit message with more background --- docs/misc/xen-command-line.markdown | 18 ++++++++ xen/arch/arm/cpuerrata.c | 88 ++++++++++++++++++++++++++++++++++--- xen/include/asm-arm/cpuerrata.h | 21 +++++++++ 3 files changed, 120 insertions(+), 7 deletions(-) diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown index 8712a833a2..962028b6ed 100644 --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -1756,6 +1756,24 @@ enforces the maximum theoretically necessary timeout of 670ms. Any number is being interpreted as a custom timeout in milliseconds. Zero or boolean false disable the quirk workaround, which is also the default. +### spec-ctrl (Arm) +> `= List of [ ssbd=force-disable|runtime|force-enable ]` + +Controls for speculative execution sidechannel mitigations. + +The option `ssbd=` is used to control the state of Speculative Store +Bypass Disable (SSBD) mitigation. + +* `ssbd=force-disable` will keep the mitigation permanently off. The guest +will not be able to control the state of the mitigation. +* `ssbd=runtime` will always turn on the mitigation when running in the +hypervisor context. The guest will be to turn on/off the mitigation for +itself by using the firmware interface ARCH\_WORKAROUND\_2. +* `ssbd=force-enable` will keep the mitigation permanently on. The guest will +not be able to control the state of the mitigation. + +By default SSBD will be mitigated at runtime (i.e `ssbd=runtime`). + ### spec-ctrl (x86) > `= List of [ , xen=, {pv,hvm,msr-sc,rsb}=, > bti-thunk=retpoline|lfence|jmp, {ibrs,ibpb,ssbd}= ]` diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 1a6130406c..4292008692 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -237,6 +237,41 @@ static int enable_ic_inv_hardening(void *data) #ifdef CONFIG_ARM_SSBD +enum ssbd_state ssbd_state = ARM_SSBD_RUNTIME; + +static int __init parse_spec_ctrl(const char *s) +{ + const char *ss; + int rc = 0; + + do { + ss = strchr(s, ','); + if ( !ss ) + ss = strchr(s, '\0'); + + if ( !strncmp(s, "ssbd=", 5) ) + { + s += 5; + + if ( !strncmp(s, "force-disable", ss - s) ) + ssbd_state = ARM_SSBD_FORCE_DISABLE; + else if ( !strncmp(s, "runtime", ss - s) ) + ssbd_state = ARM_SSBD_RUNTIME; + else if ( !strncmp(s, "force-enable", ss - s) ) + ssbd_state = ARM_SSBD_FORCE_ENABLE; + else + rc = -EINVAL; + } + else + rc = -EINVAL; + + s = ss + 1; + } while ( *ss ); + + return rc; +} +custom_param("spec-ctrl", parse_spec_ctrl); + /* * Assembly code may use the variable directly, so we need to make sure * it fits in a register. @@ -251,20 +286,17 @@ static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) if ( smccc_ver < SMCCC_VERSION(1, 1) ) return false; - /* - * The probe function return value is either negative (unsupported - * or mitigated), positive (unaffected), or zero (requires - * mitigation). We only need to do anything in the last case. - */ arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, ARM_SMCCC_ARCH_WORKAROUND_2_FID, &res); switch ( (int)res.a0 ) { case ARM_SMCCC_NOT_SUPPORTED: + ssbd_state = ARM_SSBD_UNKNOWN; return false; case ARM_SMCCC_NOT_REQUIRED: + ssbd_state = ARM_SSBD_MITIGATED; return false; case ARM_SMCCC_SUCCESS: @@ -280,8 +312,49 @@ static bool has_ssbd_mitigation(const struct arm_cpu_capabilities *entry) return false; } - if ( required ) - this_cpu(ssbd_callback_required) = 1; + switch ( ssbd_state ) + { + case ARM_SSBD_FORCE_DISABLE: + { + static bool once = true; + + if ( once ) + printk("%s disabled from command-line\n", entry->desc); + once = false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 0, NULL); + required = false; + + break; + } + + case ARM_SSBD_RUNTIME: + if ( required ) + { + this_cpu(ssbd_callback_required) = 1; + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + } + + break; + + case ARM_SSBD_FORCE_ENABLE: + { + static bool once = true; + + if ( once ) + printk("%s forced from command-line\n", entry->desc); + once = false; + + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + required = true; + + break; + } + + default: + ASSERT_UNREACHABLE(); + return false; + } return required; } @@ -390,6 +463,7 @@ static const struct arm_cpu_capabilities arm_errata[] = { #endif #ifdef CONFIG_ARM_SSBD { + .desc = "Speculative Store Bypass Disabled", .capability = ARM_SSBD, .matches = has_ssbd_mitigation, }, diff --git a/xen/include/asm-arm/cpuerrata.h b/xen/include/asm-arm/cpuerrata.h index e628d3ff56..55ddfda272 100644 --- a/xen/include/asm-arm/cpuerrata.h +++ b/xen/include/asm-arm/cpuerrata.h @@ -31,10 +31,26 @@ CHECK_WORKAROUND_HELPER(ssbd, ARM_SSBD, CONFIG_ARM_SSBD) #undef CHECK_WORKAROUND_HELPER +enum ssbd_state +{ + ARM_SSBD_UNKNOWN, + ARM_SSBD_FORCE_DISABLE, + ARM_SSBD_RUNTIME, + ARM_SSBD_FORCE_ENABLE, + ARM_SSBD_MITIGATED, +}; + #ifdef CONFIG_ARM_SSBD #include +extern enum ssbd_state ssbd_state; + +static inline enum ssbd_state get_ssbd_state(void) +{ + return ssbd_state; +} + DECLARE_PER_CPU(register_t, ssbd_callback_required); static inline bool cpu_require_ssbd_mitigation(void) @@ -49,6 +65,11 @@ static inline bool cpu_require_ssbd_mitigation(void) return false; } +static inline enum ssbd_state get_ssbd_state(void) +{ + return ARM_SSBD_UNKNOWN; +} + #endif #endif /* __ARM_CPUERRATA_H__ */ From patchwork Tue Jun 12 11:36:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138323 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5234933lji; Tue, 12 Jun 2018 04:39:29 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLcZ/F7Fv4NwbB8g6E6O5L88IX7cTbJFBU9HWe4X3FhIzxLLnccVmhgUCmIq2vb9AARrp8S X-Received: by 2002:a6b:cb08:: with SMTP id b8-v6mr15304iog.128.1528803569771; Tue, 12 Jun 2018 04:39:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803569; cv=none; d=google.com; s=arc-20160816; b=f8bUDizRN8x+D2FkZ1YxH52QC8l9lt/J267Kw0XSqU2VdwyILlfKF1T1q6QOOEoPCE lqELg9bPAdaXdxyNGAwlxZuRDElKQRy0ULUcIZCGkkSb6DN6yhnxnTFdaLsYMT8/NRQG yDWNddzjW+7QGKv/rN6D8QwRN+ppaa6lZRg9RhGDFDe0PuDAy14uBQwkAjSF8wWK82Xz TshFvy85nJl3p8TPVvmHzadz/UfSaQUC22Ag2KFfBGuZ31PC9oW1pLSetWmbH4h1C294 E9z9eTWFi0fbzXNIyvIuSDRo9nL60jencZUuU91kogCl9Shzz9mxVFLqbIt+xhOVOL3H xIAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=9G8d0NO1xOoY3fhf6GKQPOqUbkAEQ/ghdfT0O8c3udY=; b=HwtcXmszY8bkQprDPxQuF8M3fH+duWAB5QLUTmC5DfkPMQFy5bJLJsm7YM0EB1IKEP FJFzLSwr5MhKzc3rva5WcMZ/KzOjhpJ2ohzJHVre5elwBhSxvVoa8L1VG9dM1lR6esSX PC+3YkTP93COR93PiJXgdFAXGA9S+NrOav/gabCX4Zvkmz/mGZqINQ2MNQXfvjQdNl82 rK5AfFaNZYQGKjvcwIIiYjUwuTSTb5diHIYFFXAfRCq8szHPYemsQAoEtze36N2xu17t 2+Jhubg2wmput/RWdsmNnGblD4RlRkOSvTbePleDwy72/MpR29SNEOR5j3LUcYL8ltLs 7LXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id o136-v6si209603itg.30.2018.06.12.04.39.29 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbf-0000pm-Ef; Tue, 12 Jun 2018 11:36:59 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbe-0000pP-R3 for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:36:58 +0000 X-Inumbo-ID: 93129215-6e34-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 93129215-6e34-11e8-9728-bc764e045a96; Tue, 12 Jun 2018 13:34:32 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 27A8A1435; Tue, 12 Jun 2018 04:36:57 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 3DB493F318; Tue, 12 Jun 2018 04:36:56 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:36 +0100 Message-Id: <20180612113643.32020-7-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 06/13] xen/arm: Add ARCH_WORKAROUND_2 support for guests X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" In order to offer ARCH_WORKAROUND_2 support to guests, we need to track the state of the workaround per-vCPU. The field 'pad' in cpu_info is now repurposed to store flags easily accessible in assembly. As the hypervisor will always run with the workaround enabled, we may need to enable (on guest exit) or disable (on guest entry) the workaround. A follow-up patch will add fastpath for the workaround for arm64 guests. Note that check_workaround_ssbd() is used instead of ssbd_get_state() because the former is implemented using an alternative. Thefore the code will be shortcut on affected platform. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v3: - Add Stefano's reviewed-by Changes in v2: - Fix the condition in need_ssbd_flip() --- xen/arch/arm/domain.c | 8 ++++++++ xen/arch/arm/traps.c | 20 ++++++++++++++++++++ xen/arch/arm/vsmc.c | 37 +++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/current.h | 6 +++++- 4 files changed, 70 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index 5a2a9a6b83..4baecc2447 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -21,6 +21,7 @@ #include #include +#include #include #include #include @@ -572,6 +573,13 @@ int vcpu_initialise(struct vcpu *v) if ( (rc = vcpu_vtimer_init(v)) != 0 ) goto fail; + /* + * The workaround 2 (i.e SSBD mitigation) is enabled by default if + * supported. + */ + if ( get_ssbd_state() == ARM_SSBD_RUNTIME ) + v->arch.cpu_info->flags |= CPUINFO_WORKAROUND_2_FLAG; + return rc; fail: diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 5c18e918b0..315fc61f77 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2011,10 +2011,23 @@ inject_abt: inject_iabt_exception(regs, gva, hsr.len); } +static inline bool needs_ssbd_flip(struct vcpu *v) +{ + if ( !check_workaround_ssbd() ) + return false; + + return !(v->arch.cpu_info->flags & CPUINFO_WORKAROUND_2_FLAG) && + cpu_require_ssbd_mitigation(); +} + static void enter_hypervisor_head(struct cpu_user_regs *regs) { if ( guest_mode(regs) ) { + /* If the guest has disabled the workaround, bring it back on. */ + if ( needs_ssbd_flip(current) ) + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); + /* * If we pended a virtual abort, preserve it until it gets cleared. * See ARM ARM DDI 0487A.j D1.14.3 (Virtual Interrupts) for details, @@ -2260,6 +2273,13 @@ void leave_hypervisor_tail(void) */ SYNCHRONIZE_SERROR(SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT); + /* + * The hypervisor runs with the workaround always present. + * If the guest wants it disabled, so be it... + */ + if ( needs_ssbd_flip(current) ) + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 0, NULL); + return; } local_irq_enable(); diff --git a/xen/arch/arm/vsmc.c b/xen/arch/arm/vsmc.c index 40a80d5760..c4ccae6030 100644 --- a/xen/arch/arm/vsmc.c +++ b/xen/arch/arm/vsmc.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include @@ -104,6 +105,23 @@ static bool handle_arch(struct cpu_user_regs *regs) if ( cpus_have_cap(ARM_HARDEN_BRANCH_PREDICTOR) ) ret = 0; break; + case ARM_SMCCC_ARCH_WORKAROUND_2_FID: + switch ( get_ssbd_state() ) + { + case ARM_SSBD_UNKNOWN: + case ARM_SSBD_FORCE_DISABLE: + break; + + case ARM_SSBD_RUNTIME: + ret = ARM_SMCCC_SUCCESS; + break; + + case ARM_SSBD_FORCE_ENABLE: + case ARM_SSBD_MITIGATED: + ret = ARM_SMCCC_NOT_REQUIRED; + break; + } + break; } set_user_reg(regs, 0, ret); @@ -114,6 +132,25 @@ static bool handle_arch(struct cpu_user_regs *regs) case ARM_SMCCC_ARCH_WORKAROUND_1_FID: /* No return value */ return true; + + case ARM_SMCCC_ARCH_WORKAROUND_2_FID: + { + bool enable = (uint32_t)get_user_reg(regs, 1); + + /* + * ARM_WORKAROUND_2_FID should only be called when mitigation + * state can be changed at runtime. + */ + if ( unlikely(get_ssbd_state() != ARM_SSBD_RUNTIME) ) + return true; + + if ( enable ) + get_cpu_info()->flags |= CPUINFO_WORKAROUND_2_FLAG; + else + get_cpu_info()->flags &= ~CPUINFO_WORKAROUND_2_FLAG; + + return true; + } } return false; diff --git a/xen/include/asm-arm/current.h b/xen/include/asm-arm/current.h index 7a0971fdea..f9819b34fc 100644 --- a/xen/include/asm-arm/current.h +++ b/xen/include/asm-arm/current.h @@ -7,6 +7,10 @@ #include #include +/* Tell whether the guest vCPU enabled Workaround 2 (i.e variant 4) */ +#define CPUINFO_WORKAROUND_2_FLAG_SHIFT 0 +#define CPUINFO_WORKAROUND_2_FLAG (_AC(1, U) << CPUINFO_WORKAROUND_2_FLAG_SHIFT) + #ifndef __ASSEMBLY__ struct vcpu; @@ -21,7 +25,7 @@ DECLARE_PER_CPU(struct vcpu *, curr_vcpu); struct cpu_info { struct cpu_user_regs guest_cpu_user_regs; unsigned long elr; - unsigned int pad; + uint32_t flags; }; static inline struct cpu_info *get_cpu_info(void) From patchwork Tue Jun 12 11:36:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138331 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235054lji; Tue, 12 Jun 2018 04:39:35 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJNLqElQXNvvigIU8gZAUi88Frl2gvSLv2jfRKlzd8kZTByzLu7VgjjuBOCnL1Hd74CcxiJ X-Received: by 2002:a6b:fb04:: with SMTP id h4-v6mr3122736iog.193.1528803575349; Tue, 12 Jun 2018 04:39:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803575; cv=none; d=google.com; s=arc-20160816; b=H3kXC2hKYhbbKE4ktcJzb4jiJprPRk0vTX4YvW0FHDcFaj2Y9x3SfxhrHJ7x67M3Dd iJKQ+6OwjCLL+FQlpHDv8AHPmtPA6Pa009WilnJCOpWdrvICPYwbdforlWe5q1KHXXFt uF4dVUMjya4W0rInpZxc0QbL//bb9gYuovykjkqUxHBHjpMA4JKNgKZX53p39ZoUqxpc 8aIkjLB8sNzJ8CI7jlskBetpvAB1+JE4FgA8QEtUoFu4uPvz1MP18OTkmFnXr0myCvmM fLIU61SQIyHd3p58AjJyVayGTvZ+Sw8pOxFmt3QmxmrllBn/TBoNIMwqUiBudjrPRW2E tt/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=XFrKks2sB/xMNxPveEwDUoSnqw8v1S41g7E7lO4LhrM=; b=SUScKAJqfT33vijTmtN/iqhO/q6CP6VTqKF7GDahduI8Ifu/ZxZN/82M37Q2ruLS2v /iPsCA+rKWsjHaksOsaRSJrQCYLu7sB1UpN4mrjrU52/lj7TD2y+uNAKcYFELLa9gn2S GDiTyD6PgiDE6tEXLVoYNXC+PTohZS8EXj4ON2S6aYM6GgPm/373tlco+Y+Qxkw03zj2 9eQY/YV8gji4X+aDSVkYFD0TfsyVJ1G0B9hAljqbl+0D25H0OpnP4s9FUyWmkJgne29+ ibtdIMfKcchzvAss26D+gkhMcLSgHQ0dPuV1rbphNX58Dk1QXE0uPStgLLEvpRTye66C B0fw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id i16-v6si658475ioe.225.2018.06.12.04.39.35 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbi-0000r5-1j; Tue, 12 Jun 2018 11:37:02 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbg-0000qC-5O for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:00 +0000 X-Inumbo-ID: 93d9f179-6e34-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 93d9f179-6e34-11e8-9728-bc764e045a96; Tue, 12 Jun 2018 13:34:33 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 73C541596; Tue, 12 Jun 2018 04:36:58 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 660FE3F318; Tue, 12 Jun 2018 04:36:57 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:37 +0100 Message-Id: <20180612113643.32020-8-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 07/13] xen/arm: Simplify alternative patching of non-writable region X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" During the MMU setup process, Xen will set SCTLR_EL2.WNX (Write-Non-eXecutable) bit. Because of that, the alternative code need to re-mapped the region in a difference place in order to modify the text section. At the moment, the function patching the code is only aware of the re-mapped region. This requires the caller to mess with Xen internal in order to have function such as is_active_kernel_text() working. All the interactions with Xen internal can be removed by specifying the offset between the region patch and the writable region for updating the instruction This simplification will also make it easier to integrate dynamic patching in a follow-up patch. Indeed, the callback address should be in an original region and not re-mapped only which is writeable non-executable. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Cc: Konrad Rzeszutek Wilk Changes in v3: - Add stefano's reviewed-by Changes in v2: - Add commit message - Remove comment in the code that does not make sense anymore --- xen/arch/arm/alternative.c | 42 +++++++++++++----------------------------- 1 file changed, 13 insertions(+), 29 deletions(-) diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c index 9ffdc475d6..936cf04956 100644 --- a/xen/arch/arm/alternative.c +++ b/xen/arch/arm/alternative.c @@ -97,12 +97,16 @@ static u32 get_alt_insn(const struct alt_instr *alt, /* * The region patched should be read-write to allow __apply_alternatives * to replacing the instructions when necessary. + * + * @update_offset: Offset between the region patched and the writable + * region for the update. 0 if the patched region is writable. */ -static int __apply_alternatives(const struct alt_region *region) +static int __apply_alternatives(const struct alt_region *region, + paddr_t update_offset) { const struct alt_instr *alt; - const u32 *replptr; - u32 *origptr; + const u32 *replptr, *origptr; + u32 *updptr; printk(XENLOG_INFO "alternatives: Patching with alt table %p -> %p\n", region->begin, region->end); @@ -118,6 +122,7 @@ static int __apply_alternatives(const struct alt_region *region) BUG_ON(alt->alt_len != alt->orig_len); origptr = ALT_ORIG_PTR(alt); + updptr = (void *)origptr + update_offset; replptr = ALT_REPL_PTR(alt); nr_inst = alt->alt_len / sizeof(insn); @@ -125,7 +130,7 @@ static int __apply_alternatives(const struct alt_region *region) for ( i = 0; i < nr_inst; i++ ) { insn = get_alt_insn(alt, origptr + i, replptr + i); - *(origptr + i) = cpu_to_le32(insn); + *(updptr + i) = cpu_to_le32(insn); } /* Ensure the new instructions reached the memory and nuke */ @@ -162,9 +167,6 @@ static int __apply_alternatives_multi_stop(void *unused) paddr_t xen_size = _end - _start; unsigned int xen_order = get_order_from_bytes(xen_size); void *xenmap; - struct virtual_region patch_region = { - .list = LIST_HEAD_INIT(patch_region.list), - }; BUG_ON(patched); @@ -177,31 +179,13 @@ static int __apply_alternatives_multi_stop(void *unused) /* Re-mapping Xen is not expected to fail during boot. */ BUG_ON(!xenmap); - /* - * If we generate a new branch instruction, the target will be - * calculated in this re-mapped Xen region. So we have to register - * this re-mapped Xen region as a virtual region temporarily. - */ - patch_region.start = xenmap; - patch_region.end = xenmap + xen_size; - register_virtual_region(&patch_region); + region.begin = __alt_instructions; + region.end = __alt_instructions_end; - /* - * Find the virtual address of the alternative region in the new - * mapping. - * alt_instr contains relative offset, so the function - * __apply_alternatives will patch in the re-mapped version of - * Xen. - */ - region.begin = (void *)__alt_instructions - (void *)_start + xenmap; - region.end = (void *)__alt_instructions_end - (void *)_start + xenmap; - - ret = __apply_alternatives(®ion); + ret = __apply_alternatives(®ion, xenmap - (void *)_start); /* The patching is not expected to fail during boot. */ BUG_ON(ret != 0); - unregister_virtual_region(&patch_region); - vunmap(xenmap); /* Barriers provided by the cache flushing */ @@ -235,7 +219,7 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en .end = end, }; - return __apply_alternatives(®ion); + return __apply_alternatives(®ion, 0); } /* From patchwork Tue Jun 12 11:36:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138334 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235090lji; Tue, 12 Jun 2018 04:39:36 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLoIPphfz0CwUtoxUCG4i5wWwSZcI1lR9zq2ylXChwj1zHI24Ih874uU0jii+LTwKlJ22+D X-Received: by 2002:a6b:b846:: with SMTP id i67-v6mr2946653iof.21.1528803576656; Tue, 12 Jun 2018 04:39:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803576; cv=none; d=google.com; s=arc-20160816; b=mJ3gRFdtwVOYges0lcO6rDcgM/Stgm/dLcfLTlIj/SVjXxYzYC40/ayv1y6HmdlUJ3 luIvRkpchopBq2zYY7i4hZrFHBKLfMw6WRLvUdyaV58YlTCOPJzmHWOjBZecvyr38ZuZ 8n/hzwttVpZ1+HXEsxA3tZoIONxugVcvrTM5SidQSozR8xjqR7aMCym+dyq5jRErGIPx AM8cdHzQWo6SfHY1b/9eDDOV1YeV07OQi8bTmaEHzf/kPzl7TdelZ1iG+dkhYD/dzi8g lm5UmpuMUyIMh0Cn3Rwm6csUxqFDKG+XUJQ4g5t4zVQqSNic/npI/VzwIxDmJh2Z10OE qsrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=TOWGXZUFkWM4cifKOWg8lYWbqud3GPyZRBgJQT0NJ2A=; b=QUq+qaEz0lX0XHcZ5BIaMkW8kzTjhrEhu3bPsiOt0Aq4VZLqBv9S2u8p2Cokam8B/Z pnsICF1AGkSE1N81N2qrQ9VHDFIajpM13/xRXry1aDCaJ6msPc6Qs14oxEJ469pgkQ12 G4N7dzojec2H/kai+KNGliHqrQRCQb+LWcAuf48oUws+aDQl697NQw8sDSfzPOsczG1Z s+A2AK/8JxuPXnDgCgfksTW5MU7RXtTML54eQRxC3k9q0/mMz3uHwW86IJLK2G8SF6kx 1UPJKY8p84mDKWLwi6tCS0nKim9MVnPY2aR4jvHtgHFZ4kvrKUFTrCKO53cBmJdakpmL dJNQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id y196-v6si702454iod.32.2018.06.12.04.39.36 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbi-0000rD-CC; Tue, 12 Jun 2018 11:37:02 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbg-0000qX-DX for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:00 +0000 X-Inumbo-ID: edf55b21-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id edf55b21-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:37:04 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9BA4B1435; Tue, 12 Jun 2018 04:36:59 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id B1BB83F318; Tue, 12 Jun 2018 04:36:58 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:38 +0100 Message-Id: <20180612113643.32020-9-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 08/13] xen/arm: alternatives: Add dynamic patching feature X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This is based on the Linux commit dea5e2a4c5bc "arm64: alternatives: Add dynamic patching feature" written by Marc Zyngier: We've so far relied on a patching infrastructure that only gave us a single alternative, without any way to provide a range of potential replacement instructions. For a single feature, this is an all or nothing thing. It would be interesting to have a more flexible grained way of patching the kernel though, where we could dynamically tune the code that gets injected. In order to achive this, let's introduce a new form of dynamic patching, assiciating a callback to a patching site. This callback gets source and target locations of the patching request, as well as the number of instructions to be patched. Dynamic patching is declared with the new ALTERNATIVE_CB and alternative_cb directives: asm volatile(ALTERNATIVE_CB("mov %0, #0\n", callback) : "r" (v)); or alternative_cb callback mov x0, #0 alternative_cb_end where callback is the C function computing the alternative. Reviewed-by: Christoffer Dall Reviewed-by: Catalin Marinas Signed-off-by: Marc Zyngier This is part of XSA-263. Signed-off-by: Julien Grall Acked-by: Stefano Stabellini --- Changes in v2: - Fix typo in the commit message - Add Stefano's acked-by --- xen/arch/arm/alternative.c | 48 +++++++++++++++++++++++++++++---------- xen/include/asm-arm/alternative.h | 44 +++++++++++++++++++++++++++++++---- 2 files changed, 75 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c index 936cf04956..52ed7edf69 100644 --- a/xen/arch/arm/alternative.c +++ b/xen/arch/arm/alternative.c @@ -30,6 +30,8 @@ #include #include #include +/* XXX: Move ARCH_PATCH_INSN_SIZE out of livepatch.h */ +#include #include /* Override macros from asm/page.h to make them work with mfn_t */ @@ -94,6 +96,23 @@ static u32 get_alt_insn(const struct alt_instr *alt, return insn; } +static void patch_alternative(const struct alt_instr *alt, + const uint32_t *origptr, + uint32_t *updptr, int nr_inst) +{ + const uint32_t *replptr; + unsigned int i; + + replptr = ALT_REPL_PTR(alt); + for ( i = 0; i < nr_inst; i++ ) + { + uint32_t insn; + + insn = get_alt_insn(alt, origptr + i, replptr + i); + updptr[i] = cpu_to_le32(insn); + } +} + /* * The region patched should be read-write to allow __apply_alternatives * to replacing the instructions when necessary. @@ -105,33 +124,38 @@ static int __apply_alternatives(const struct alt_region *region, paddr_t update_offset) { const struct alt_instr *alt; - const u32 *replptr, *origptr; + const u32 *origptr; u32 *updptr; + alternative_cb_t alt_cb; printk(XENLOG_INFO "alternatives: Patching with alt table %p -> %p\n", region->begin, region->end); for ( alt = region->begin; alt < region->end; alt++ ) { - u32 insn; - int i, nr_inst; + int nr_inst; - if ( !cpus_have_cap(alt->cpufeature) ) + /* Use ARM_CB_PATCH as an unconditional patch */ + if ( alt->cpufeature < ARM_CB_PATCH && + !cpus_have_cap(alt->cpufeature) ) continue; - BUG_ON(alt->alt_len != alt->orig_len); + if ( alt->cpufeature == ARM_CB_PATCH ) + BUG_ON(alt->alt_len != 0); + else + BUG_ON(alt->alt_len != alt->orig_len); origptr = ALT_ORIG_PTR(alt); updptr = (void *)origptr + update_offset; - replptr = ALT_REPL_PTR(alt); - nr_inst = alt->alt_len / sizeof(insn); + nr_inst = alt->orig_len / ARCH_PATCH_INSN_SIZE; - for ( i = 0; i < nr_inst; i++ ) - { - insn = get_alt_insn(alt, origptr + i, replptr + i); - *(updptr + i) = cpu_to_le32(insn); - } + if ( alt->cpufeature < ARM_CB_PATCH ) + alt_cb = patch_alternative; + else + alt_cb = ALT_REPL_PTR(alt); + + alt_cb(alt, origptr, updptr, nr_inst); /* Ensure the new instructions reached the memory and nuke */ clean_and_invalidate_dcache_va_range(origptr, diff --git a/xen/include/asm-arm/alternative.h b/xen/include/asm-arm/alternative.h index 4e33d1cdf7..9b4b02811b 100644 --- a/xen/include/asm-arm/alternative.h +++ b/xen/include/asm-arm/alternative.h @@ -3,6 +3,8 @@ #include +#define ARM_CB_PATCH ARM_NCAPS + #ifndef __ASSEMBLY__ #include @@ -18,16 +20,24 @@ struct alt_instr { }; /* Xen: helpers used by common code. */ -#define __ALT_PTR(a,f) ((u32 *)((void *)&(a)->f + (a)->f)) +#define __ALT_PTR(a,f) ((void *)&(a)->f + (a)->f) #define ALT_ORIG_PTR(a) __ALT_PTR(a, orig_offset) #define ALT_REPL_PTR(a) __ALT_PTR(a, alt_offset) +typedef void (*alternative_cb_t)(const struct alt_instr *alt, + const uint32_t *origptr, uint32_t *updptr, + int nr_inst); + void __init apply_alternatives_all(void); int apply_alternatives(const struct alt_instr *start, const struct alt_instr *end); -#define ALTINSTR_ENTRY(feature) \ +#define ALTINSTR_ENTRY(feature, cb) \ " .word 661b - .\n" /* label */ \ + " .if " __stringify(cb) " == 0\n" \ " .word 663f - .\n" /* new instruction */ \ + " .else\n" \ + " .word " __stringify(cb) "- .\n" /* callback */ \ + " .endif\n" \ " .hword " __stringify(feature) "\n" /* feature bit */ \ " .byte 662b-661b\n" /* source len */ \ " .byte 664f-663f\n" /* replacement len */ @@ -45,15 +55,18 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en * but most assemblers die if insn1 or insn2 have a .inst. This should * be fixed in a binutils release posterior to 2.25.51.0.2 (anything * containing commit 4e4d08cf7399b606 or c1baaddf8861). + * + * Alternatives with callbacks do not generate replacement instructions. */ -#define __ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg_enabled) \ +#define __ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg_enabled, cb) \ ".if "__stringify(cfg_enabled)" == 1\n" \ "661:\n\t" \ oldinstr "\n" \ "662:\n" \ ".pushsection .altinstructions,\"a\"\n" \ - ALTINSTR_ENTRY(feature) \ + ALTINSTR_ENTRY(feature,cb) \ ".popsection\n" \ + " .if " __stringify(cb) " == 0\n" \ ".pushsection .altinstr_replacement, \"a\"\n" \ "663:\n\t" \ newinstr "\n" \ @@ -61,11 +74,17 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en ".popsection\n\t" \ ".org . - (664b-663b) + (662b-661b)\n\t" \ ".org . - (662b-661b) + (664b-663b)\n" \ + ".else\n\t" \ + "663:\n\t" \ + "664:\n\t" \ + ".endif\n" \ ".endif\n" #define _ALTERNATIVE_CFG(oldinstr, newinstr, feature, cfg, ...) \ - __ALTERNATIVE_CFG(oldinstr, newinstr, feature, IS_ENABLED(cfg)) + __ALTERNATIVE_CFG(oldinstr, newinstr, feature, IS_ENABLED(cfg), 0) +#define ALTERNATIVE_CB(oldinstr, cb) \ + __ALTERNATIVE_CFG(oldinstr, "NOT_AN_INSTRUCTION", ARM_CB_PATCH, 1, cb) #else #include @@ -126,6 +145,14 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en 663: .endm +.macro alternative_cb cb + .set .Lasm_alt_mode, 0 + .pushsection .altinstructions, "a" + altinstruction_entry 661f, \cb, ARM_CB_PATCH, 662f-661f, 0 + .popsection +661: +.endm + /* * Complete an alternative code sequence. */ @@ -135,6 +162,13 @@ int apply_alternatives(const struct alt_instr *start, const struct alt_instr *en .org . - (662b-661b) + (664b-663b) .endm +/* + * Callback-based alternative epilogue + */ +.macro alternative_cb_end +662: +.endm + #define _ALTERNATIVE_CFG(insn1, insn2, cap, cfg, ...) \ alternative_insn insn1, insn2, cap, IS_ENABLED(cfg) From patchwork Tue Jun 12 11:36:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138329 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235028lji; Tue, 12 Jun 2018 04:39:34 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJ3oA6oMlh2NJ0EwDTAn1B8sknAEhrEf8pexBIv2GTlQAd3oMFsK76RvTZFyNw2F4H9kV6A X-Received: by 2002:a24:414c:: with SMTP id x73-v6mr8139ita.96.1528803574033; Tue, 12 Jun 2018 04:39:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803574; cv=none; d=google.com; s=arc-20160816; b=RRtlZ6fu7mqL38r3hQ3RXFJ+QVhrvgOAXZsunWhV93R6+iL45YRkbZ3hGF8Xy4VJUO LSfgJ8vgWggrqa1KU7kcAi0bjDE/90uXCYgokZHwJ0crW88BxUGz0ALG6F51J6WE+e29 98DAVGM1vz0EKLbrkZO+1o21xP+12OXwj70CNam61Dwb8pL20O1TR7eeXWvURoMsjAH6 AB/PzGxKb/S6gkSdkFRsoO/inJqtTlmUpztlXDATG2u6QjqdlKE9wo+bUbbIufc5m/Nb JE1wBn3kZVL/V5y+utmqQVD2TdWTxuBmR1VdlLyBGYc7fHzpCjY+QTMxaOyNqnBAU0RS yfKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=EWJUC/1UqN0pVVnVHxodOhuvjvERyOqkL55zIAgc15I=; b=UHqXFbS5cvG4t8SLpeEEEhhEI6Hax1uV8zIVw1DtlyCW/NdsPim/GoRJwxThxT0P7c KcIe4/gscGGyP/PGD6sQ65nqf26W5iWD0lA9/KaeUz/L/EQft0wG0R8XLiAHCn/ZLj30 R3CvsZQGcZbS9MXa53Nsmp7g0T2f4sK6VgaTQYrz66084XncAH12xuVceqpeJcurqp5l HfbbP9QSqwKIDxtk4w0y1GLAosaADdOM+8kU+0HFqNytElAsRZTIWumee4iPk8Mtxsgx PFsedgqLN/iqMkiN+MImlkYkid/Qo+q98e7vfPRto49cz7vuksN+TROYEsGWps9hPvfJ jJyA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id r207-v6si220948itr.10.2018.06.12.04.39.33 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbi-0000rO-PG; Tue, 12 Jun 2018 11:37:02 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbh-0000qy-Iv for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:01 +0000 X-Inumbo-ID: eea6a7f2-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id eea6a7f2-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:37:05 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C371D1596; Tue, 12 Jun 2018 04:37:00 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D971E3F318; Tue, 12 Jun 2018 04:36:59 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:39 +0100 Message-Id: <20180612113643.32020-10-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 09/13] xen/arm64: Add generic assembly macros X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Add assembly macros to simplify assembly code: - adr_cpu_info: Get the address to the current cpu_info structure - ldr_this_cpu: Load a per-cpu value This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/include/asm-arm/arm64/macros.h | 25 +++++++++++++++++++++++++ xen/include/asm-arm/macros.h | 2 +- 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 xen/include/asm-arm/arm64/macros.h diff --git a/xen/include/asm-arm/arm64/macros.h b/xen/include/asm-arm/arm64/macros.h new file mode 100644 index 0000000000..9c5e676b37 --- /dev/null +++ b/xen/include/asm-arm/arm64/macros.h @@ -0,0 +1,25 @@ +#ifndef __ASM_ARM_ARM64_MACROS_H +#define __ASM_ARM_ARM64_MACROS_H + + /* + * @dst: Result of get_cpu_info() + */ + .macro adr_cpu_info, dst + add \dst, sp, #STACK_SIZE + and \dst, \dst, #~(STACK_SIZE - 1) + sub \dst, \dst, #CPUINFO_sizeof + .endm + + /* + * @dst: Result of READ_ONCE(per_cpu(sym, smp_processor_id())) + * @sym: The name of the per-cpu variable + * @tmp: scratch register + */ + .macro ldr_this_cpu, dst, sym, tmp + ldr \dst, =per_cpu__\sym + mrs \tmp, tpidr_el2 + ldr \dst, [\dst, \tmp] + .endm + +#endif /* __ASM_ARM_ARM64_MACROS_H */ + diff --git a/xen/include/asm-arm/macros.h b/xen/include/asm-arm/macros.h index 5d837cb38b..1d4bb41d15 100644 --- a/xen/include/asm-arm/macros.h +++ b/xen/include/asm-arm/macros.h @@ -8,7 +8,7 @@ #if defined (CONFIG_ARM_32) # include #elif defined(CONFIG_ARM_64) -/* No specific ARM64 macros for now */ +# include #else # error "unknown ARM variant" #endif From patchwork Tue Jun 12 11:36:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138328 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5234999lji; Tue, 12 Jun 2018 04:39:32 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLaUt13CTBmALSFqATXCiiYRl5GLGq9Iou0DuP4Ul7+GN3oCnNV0olN5188fwXxRHrr7NzB X-Received: by 2002:a6b:9403:: with SMTP id w3-v6mr20522iod.108.1528803572474; Tue, 12 Jun 2018 04:39:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803572; cv=none; d=google.com; s=arc-20160816; b=QDw0wik292L+uivTkTfoLwzCMDmNH7hrHHdwW4F5PD9u8A2Ci/FnwNsdShKW55QsuU +b85H8aQvt6rx8CAAbPE8rFqo+vfoAkjlNud5aNBLgVozIcCRlA1Cm4N0TdlRV8HYsSB utiCMcfVAOvdT0J8Kezmev3tLoDeaaSVOw2i2wbGE5s2FhW3qjnNNiPBI18Lw55KC/6/ oicm4rodAekEq6+IOakRCvkz0Ouvs3s8YeA76ac8ewtb+foA9jCzzvgSyx5/wXmoD+BV v7UMFxa4e44G7dwCFZTI3QbsGU1o91Ah/UE3QABridO253ZE8uKmSwCyTq+F2rB6V6pk 4OOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=MDhEKpm8SiKDGW68e0hUnfI4WuGChq7a0s9p9rJi/t8=; b=hB49vfudifdTjvqYuO4ELM1BJNUkGlUJhZ8POKLi6pt9g7k7nKQhmuAIvKzI8ysRiZ V10tGbak2gVID9GzNWlKDg1PWD1s7bMadu+PEE6U8FkBWajQTDRFfa3KGy/yt2OUl68e tivoNgaFm/XHLnDFSQqM1ZzFBAS6C9Znaxrcg39gpotZQ8tstlSzmVERWhqav9sO8Oh0 DTpiFIaIEXOX327C88XzuNWZtWZFIluVndmRYRcSiJsTaMqFrU6UKTuzhCn+THGVq3ok bZBYEbM/NRogmDVQWrHZ2kF/MNaVCLnDr7rjJOjPhxhAIgglpm+d4XBxnlIWjLWB+GUe WRRw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id g14-v6si661387iog.51.2018.06.12.04.39.32 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbk-0000tb-4g; Tue, 12 Jun 2018 11:37:04 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbj-0000rX-0h for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:03 +0000 X-Inumbo-ID: ef58640b-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id ef58640b-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:37:06 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id EB73E1435; Tue, 12 Jun 2018 04:37:01 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 0D6A73F318; Tue, 12 Jun 2018 04:37:00 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:40 +0100 Message-Id: <20180612113643.32020-11-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 10/13] xen/arm64: Implement a fast path for handling SMCCC_ARCH_WORKAROUND_2 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The function ARM_SMCCC_ARCH_WORKAROUND_2 will be called by the guest for enabling/disabling the ssbd mitigation. So we want the handling to be as fast as possible. The new sequence will forward guest's ARCH_WORKAROUND_2 call to EL3 and also track the state of the workaround per-vCPU. Note that since we need to execute branches, this always executes after the spectre-v2 mitigation. This code is based on KVM counterpart "arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests" written by Marc Zyngier. This is part of XSA-263. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v3: - Add Stefano's reviewed-by Changes in v2: - Combine the 2 consecutive eor instructions in a single one. --- xen/arch/arm/arm64/asm-offsets.c | 2 ++ xen/arch/arm/arm64/entry.S | 42 +++++++++++++++++++++++++++++++++++++++- xen/arch/arm/cpuerrata.c | 18 +++++++++++++++++ 3 files changed, 61 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/arm64/asm-offsets.c b/xen/arch/arm/arm64/asm-offsets.c index ce24e44473..f5c696d092 100644 --- a/xen/arch/arm/arm64/asm-offsets.c +++ b/xen/arch/arm/arm64/asm-offsets.c @@ -22,6 +22,7 @@ void __dummy__(void) { OFFSET(UREGS_X0, struct cpu_user_regs, x0); + OFFSET(UREGS_X1, struct cpu_user_regs, x1); OFFSET(UREGS_LR, struct cpu_user_regs, lr); OFFSET(UREGS_SP, struct cpu_user_regs, sp); @@ -45,6 +46,7 @@ void __dummy__(void) BLANK(); DEFINE(CPUINFO_sizeof, sizeof(struct cpu_info)); + OFFSET(CPUINFO_flags, struct cpu_info, flags); OFFSET(VCPU_arch_saved_context, struct vcpu, arch.saved_context); diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index e2344e565f..97b05f53ea 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -1,4 +1,6 @@ #include +#include +#include #include #include #include @@ -241,7 +243,7 @@ guest_sync: * be encoded as an immediate for cmp. */ eor w0, w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID - cbnz w0, guest_sync_slowpath + cbnz w0, check_wa2 /* * Clobber both x0 and x1 to prevent leakage. Note that thanks @@ -250,6 +252,44 @@ guest_sync: mov x1, xzr eret +check_wa2: + /* ARM_SMCCC_ARCH_WORKAROUND_2 handling */ + eor w0, w0, #(ARM_SMCCC_ARCH_WORKAROUND_1_FID ^ ARM_SMCCC_ARCH_WORKAROUND_2_FID) + cbnz w0, guest_sync_slowpath +#ifdef CONFIG_ARM_SSBD +alternative_cb arm_enable_wa2_handling + b wa2_end +alternative_cb_end + /* Sanitize the argument */ + mov x0, #-(UREGS_kernel_sizeof - UREGS_X1) /* x0 := offset of guest's x1 on the stack */ + ldr x1, [sp, x0] /* Load guest's x1 */ + cmp w1, wzr + cset x1, ne + + /* + * Update the guest flag. At this stage sp point after the field + * guest_cpu_user_regs in cpu_info. + */ + adr_cpu_info x2 + ldr x0, [x2, #CPUINFO_flags] + bfi x0, x1, #CPUINFO_WORKAROUND_2_FLAG_SHIFT, #1 + str x0, [x2, #CPUINFO_flags] + + /* Check that we actually need to perform the call */ + ldr_this_cpu x0, ssbd_callback_required, x2 + cbz x0, wa2_end + + mov w0, #ARM_SMCCC_ARCH_WORKAROUND_2_FID + smc #0 + +wa2_end: + /* Don't leak data from the SMC call */ + mov x1, xzr + mov x2, xzr + mov x3, xzr +#endif /* !CONFIG_ARM_SSBD */ + mov x0, xzr + eret guest_sync_slowpath: /* * x0/x1 may have been scratch by the fast path above, so avoid diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 4292008692..7455f09f26 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -7,6 +7,7 @@ #include #include #include +#include #include /* Override macros from asm/page.h to make them work with mfn_t */ @@ -272,6 +273,23 @@ static int __init parse_spec_ctrl(const char *s) } custom_param("spec-ctrl", parse_spec_ctrl); +/* Arm64 only for now as for Arm32 the workaround is currently handled in C. */ +#ifdef CONFIG_ARM_64 +void __init arm_enable_wa2_handling(const struct alt_instr *alt, + const uint32_t *origptr, + uint32_t *updptr, int nr_inst) +{ + BUG_ON(nr_inst != 1); + + /* + * Only allow mitigation on guest ARCH_WORKAROUND_2 if the SSBD + * state allow it to be flipped. + */ + if ( get_ssbd_state() == ARM_SSBD_RUNTIME ) + *updptr = aarch64_insn_gen_nop(); +} +#endif + /* * Assembly code may use the variable directly, so we need to make sure * it fits in a register. From patchwork Tue Jun 12 11:36:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138330 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235002lji; Tue, 12 Jun 2018 04:39:32 -0700 (PDT) X-Google-Smtp-Source: ADUXVKICX8qfcUmHu4MC3vzyPkmmbNc1ocVhXViLecFD8y43Br+LEGiWTHWJSS7SCIb8i22QAUzU X-Received: by 2002:a6b:1410:: with SMTP id 16-v6mr7188iou.218.1528803572583; Tue, 12 Jun 2018 04:39:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803572; cv=none; d=google.com; s=arc-20160816; b=pwcExXiILQxFQBLW8u9G3VsOuhLO6nv1o21JJboH+qfLkt55M7FImvdOiiaTzQd9cU jsFqGtQXo7x4YN+MR6JBKDE6YsnM1jG/Ec86lEPW0CmdQjp4qQF7EUW6gR3WZOCxUEWG Qe5sBljzl9mptzpZyLRwtkdV6Mo4dWPuOvu5KVQUG4atlhXwbSyXvRqC+TxlHOGb225S H4lcY0cM6iopH1PJHcDoCqH7KKwGgfjGduT1FvQMfDSz2T9AxstA9DIo8bAzfcyQwdUv 5i7lvJFJUrPBHdMuQcTV8pUUpGA8EWtUf/vW7hNhwAsfiL8dKUGZGT/N2iwPfeo6mgR0 P2Cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=KVA7WYpFbGgKB4E75PMYwdw9dNxJbsWv8jzhfYqCg2M=; b=a7pGrd/U7TkD0LiV76YAOt1C+6HVhtFgfxtD7ZuPItP8pjFWNKtgL5Gv8qB11myrMy LdfIHJ+Hxw9YU7qj4pAsuy3RjOi4qK9PYOb74HaIruUaIQzn67RN0cHSmcj22sFNwEY7 zcdnldoK77fq11p/pQPtrp9Nwymqsv69vxaafBMUgO88+e3gCbljda84lGQglOKEZPa+ +ZsrCq74JZJIkcscHaSzjRe8vVSRfRs5tlZhp7Kmu3O4MXSigcw8dHU5w6+obJyxXhhn Pjo6UqZUXYH6H2BmZW9FQBGlvpWtE9cRKq9LH9gb9n6LnXNmvAzceaGGimYzvKGvzVZt Hb5A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id l16-v6si684225iol.88.2018.06.12.04.39.32 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbm-0000v5-Fp; Tue, 12 Jun 2018 11:37:06 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbk-0000tg-Ap for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:04 +0000 X-Inumbo-ID: 96a011c4-6e34-11e8-9728-bc764e045a96 Received: from foss.arm.com (unknown [217.140.101.70]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTP id 96a011c4-6e34-11e8-9728-bc764e045a96; Tue, 12 Jun 2018 13:34:38 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1F8BA1596; Tue, 12 Jun 2018 04:37:03 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 356C43F318; Tue, 12 Jun 2018 04:37:02 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:41 +0100 Message-Id: <20180612113643.32020-12-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 11/13] xen/arm: Kconfig: Move HARDEN_BRANCH_PREDICTOR under "Architecture features" X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" At the moment, HARDEN_BRANCH_PREDICTOR is not in any section making impossible for the user to unselect it. Also, it looks like we require to use 'expert = "y"' for showing the option in expert mode. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/Kconfig | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 0e2d027060..4212c58171 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -83,6 +83,23 @@ config ARM_SSBD If unsure, say Y. +config HARDEN_BRANCH_PREDICTOR + bool "Harden the branch predictor against aliasing attacks" if EXPERT = "y" + default y + help + Speculation attacks against some high-performance processors rely on + being able to manipulate the branch predictor for a victim context by + executing aliasing branches in the attacker context. Such attacks + can be partially mitigated against by clearing internal branch + predictor state and limiting the prediction logic in some situations. + + This config option will take CPU-specific actions to harden the + branch predictor against aliasing attacks and may rely on specific + instruction sequences or control bits being set by the system + firmware. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" @@ -197,23 +214,6 @@ config ARM64_ERRATUM_834220 endmenu -config HARDEN_BRANCH_PREDICTOR - bool "Harden the branch predictor against aliasing attacks" if EXPERT - default y - help - Speculation attacks against some high-performance processors rely on - being able to manipulate the branch predictor for a victim context by - executing aliasing branches in the attacker context. Such attacks - can be partially mitigated against by clearing internal branch - predictor state and limiting the prediction logic in some situations. - - This config option will take CPU-specific actions to harden the - branch predictor against aliasing attacks and may rely on specific - instruction sequences or control bits being set by the system - firmware. - - If unsure, say Y. - config ARM64_HARDEN_BRANCH_PREDICTOR def_bool y if ARM_64 && HARDEN_BRANCH_PREDICTOR From patchwork Tue Jun 12 11:36:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138336 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5235164lji; Tue, 12 Jun 2018 04:39:41 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKLigfYFNYS0yGhosT8h0VbhFTm2zU7OeubtvhoJI4r75kTvg78b4O3/wANVrazuZ5eAkZU X-Received: by 2002:a24:4fd3:: with SMTP id c202-v6mr20039itb.32.1528803581147; Tue, 12 Jun 2018 04:39:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803581; cv=none; d=google.com; s=arc-20160816; b=MRJNyqEM7bB7D2YCoTykkRLN/66XhXteUhN8XXVHItDUpf4HCnlBt8CEBwoMYyGSGi NervylcOumWtpfh8WWqwEYv+BIOAzLo5GOhXqKfHouzoaXDZ35/lUPdnAjHZ5KO5/5vV /PkKEyZhi53Mr+9t78uD4QWJPhpu8Y5lRA6jwQmZetRiTLa9O4ocIKU8nAaUPYmja3Hn brE/291Ak3jVhjwyMbTuo9lLStHsS1cxcuMsRwZ+nIfiydSg94PGWysOxCV2fKewT9Ga CRDK8dQnCoXAHM6c4dmWZUgVzVJoiB4JLdgFM77cCfLQtFyoiBCS6Y7OvZcps+wcX7kh TdRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=K/zrqP0z/NfYfazw/sbgskwe6NSLgv2VqgNqfpZnIvQ=; b=mw6fzkycNnh2TtrBwTzbv5FnccfAbRhIub85YfbcChii010HtRpkkRXyVKz7gmDQsB 58ksqlw6Km4KuvrcQXJHofglYB3DedlE2Wrx9h6IA9u1d4M1fW/NGwGHdJ/Sjj2ZcVs2 pDHGFCwv7PFbstjUwerQXl8zP04HUbyZ4zKgw8qEbxKJc/Sg/DtDvN0PIs3y63U+qnBw xNMB3zaSMACh300G5LUuJxhP8jdYe5a9pPTOA0sGqbSAs6emJLpKyivl0n7muvL/124w fimEMM4KU42C40RkDe3CCoP7o9CdNFBKrEjXBHlX3p9DhtK+HIsss53A+pcosB4ypb07 kyDA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id j64-v6si668290ioe.48.2018.06.12.04.39.40 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbm-0000vU-Qs; Tue, 12 Jun 2018 11:37:06 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbl-0000ua-9U for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:05 +0000 X-Inumbo-ID: f0bb8778-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id f0bb8778-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:37:09 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 473C41435; Tue, 12 Jun 2018 04:37:04 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5D5093F318; Tue, 12 Jun 2018 04:37:03 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:42 +0100 Message-Id: <20180612113643.32020-13-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 12/13] xen/arm: smccc: Fix indentation in ARM_SMCCC_ARCH_WORKAROUND_1_FID X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Signed-off-by: Julien Grall Acked-by: Stefano Stabellini --- Changes in v2: - Add Stefano's acked-by --- xen/include/asm-arm/smccc.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h index a6804cec99..74c13f8419 100644 --- a/xen/include/asm-arm/smccc.h +++ b/xen/include/asm-arm/smccc.h @@ -254,9 +254,9 @@ struct arm_smccc_res { #define ARM_SMCCC_ARCH_WORKAROUND_1_FID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ - ARM_SMCCC_CONV_32, \ - ARM_SMCCC_OWNER_ARCH, \ - 0x8000) + ARM_SMCCC_CONV_32, \ + ARM_SMCCC_OWNER_ARCH, \ + 0x8000) #define ARM_SMCCC_ARCH_WORKAROUND_2_FID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, \ From patchwork Tue Jun 12 11:36:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 138326 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp5234960lji; Tue, 12 Jun 2018 04:39:31 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLm5mqC5gobjDpgpW/7httJ0J2s52ttoO8i1Wd2Uil8ApUOWLAMng5HsgpaMgkZKLMT+dDu X-Received: by 2002:a6b:9156:: with SMTP id t83-v6mr31440iod.32.1528803571036; Tue, 12 Jun 2018 04:39:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528803571; cv=none; d=google.com; s=arc-20160816; b=QmBBYF2dPvFe745kfUQdzeupG1w8hSK4iBc6UbODSY+mClrNF4LfUVCYTlIokTXUi1 Xjsl+VlnRF7UaMl7AQ1tvgbw+9J+TObtvzhLEUwlnb8TSnJKRUTh/iAICi2r3GcqgF7S n6mPTUQ+3tC4KwwEVEP2mE3QX94GKp2F4S2GHtQ0YV8KgzuIKOITKwrSJhndcEPnIb+2 vTra+hVk8YhmpKCcW+fWhaOUCSISGuJI3xYA5xTJnWsf7sjb4HdUg4zDMo/weYy9VK/5 dOGa4gG2j4E/cPq2YJmsQF0gBSDMOAdT+zZ1pRgzhnxw7DD2CGU7XymNaBa/GekZFYnY wtYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from :arc-authentication-results; bh=smFcaeoBTL6C+7qA4zFKrSWVpBF6FtHMeKqU3+D14zc=; b=Ud7c5zT5akw8hokFStXdSka7yFEMb6BedlTPYHXQGEYrRarg1HPp0XgFkHioet+6Qc h9raWPAFClpIImcAsyNaIr9fQRri1I4BWLfae+01LA101P5icCn1sIFpPP795H1M98vE NxbvOYWpaPeSKaUHUgyER+TqAx9FRzUY/RF7k24vlY1jIohh2Fs8ljIwJEizMoWCyZlz /4ER+uVFsZLGXoXE/3y6C/zNfHDhSWCxlzU9NVGu8p9wV2+dlxDE24H9vNGwyy1Fi9vp 6Uaj7vQoELShrxbSlgXj032o/sV9CxttMg5W6+qOiRMt2uP14puK5WihDm6DeLc19ejk v82g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id j62-v6si206942ite.84.2018.06.12.04.39.30 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 12 Jun 2018 04:39:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbo-0000xj-J0; Tue, 12 Jun 2018 11:37:08 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1fShbm-0000vO-Qf for xen-devel@lists.xenproject.org; Tue, 12 Jun 2018 11:37:06 +0000 X-Inumbo-ID: f16d5ffc-6e34-11e8-bc1d-65256ead4e3a Received: from foss.arm.com (unknown [217.140.101.70]) by us1-amaz-eas1.inumbo.com (Halon) with ESMTP id f16d5ffc-6e34-11e8-bc1d-65256ead4e3a; Tue, 12 Jun 2018 11:37:10 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 6FA411435; Tue, 12 Jun 2018 04:37:05 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.206.53]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 85C3B3F318; Tue, 12 Jun 2018 04:37:04 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 12 Jun 2018 12:36:43 +0100 Message-Id: <20180612113643.32020-14-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180612113643.32020-1-julien.grall@arm.com> References: <20180612113643.32020-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v3 13/13] xen/arm: Avoid to use current everywhere in enter_hypervisor_head X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, Julien Grall , sstabellini@kernel.org MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Using current is fairly expensive, so save up into a variable. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- Changes in v2: - Add Stefano's reviewed-by --- xen/arch/arm/traps.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 315fc61f77..bde303261e 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2024,8 +2024,10 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) { if ( guest_mode(regs) ) { + struct vcpu *v = current; + /* If the guest has disabled the workaround, bring it back on. */ - if ( needs_ssbd_flip(current) ) + if ( needs_ssbd_flip(v) ) arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2_FID, 1, NULL); /* @@ -2034,8 +2036,8 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) * but the crucial bit is "On taking a vSError interrupt, HCR_EL2.VSE * (alias of HCR.VA) is cleared to 0." */ - if ( current->arch.hcr_el2 & HCR_VA ) - current->arch.hcr_el2 = READ_SYSREG(HCR_EL2); + if ( v->arch.hcr_el2 & HCR_VA ) + v->arch.hcr_el2 = READ_SYSREG(HCR_EL2); #ifdef CONFIG_NEW_VGIC /* @@ -2045,11 +2047,11 @@ static void enter_hypervisor_head(struct cpu_user_regs *regs) * TODO: Investigate whether this is necessary to do on every * trap and how it can be optimised. */ - vtimer_update_irqs(current); - vcpu_update_evtchn_irq(current); + vtimer_update_irqs(v); + vcpu_update_evtchn_irq(v); #endif - vgic_sync_from_lrs(current); + vgic_sync_from_lrs(v); } }