From patchwork Mon Apr 15 21:21:20 2019
X-Patchwork-Submitter: Jeremy Linton
X-Patchwork-Id: 162271
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara, Jonathan Corbet, linux-doc@vger.kernel.org
Subject: [v8 01/10] arm64: Provide a command line to disable spectre_v2 mitigation
Date: Mon, 15 Apr 2019 16:21:20 -0500
Message-Id: <20190415212129.1112-2-jeremy.linton@arm.com>
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>

There are various reasons, including benchmarking, to disable spectrev2 mitigation on a machine. Provide a command-line to do so.

Signed-off-by: Jeremy Linton
Reviewed-by: Suzuki K Poulose
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
Cc: Jonathan Corbet
Cc: linux-doc@vger.kernel.org
---
 Documentation/admin-guide/kernel-parameters.txt | 8 ++++----
 arch/arm64/kernel/cpu_errata.c | 13 +++++++++++++
 2 files changed, 17 insertions(+), 4 deletions(-)
--
2.20.1

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 2b8ee90bb644..d153bb15c8c7 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2873,10 +2873,10 @@ check bypass). With this option data leaks are possible in the system. - nospectre_v2 [X86,PPC_FSL_BOOK3E] Disable all mitigations for the Spectre variant 2 - (indirect branch prediction) vulnerability. System may - allow data leaks with this option, which is equivalent - to spectre_v2=off. + nospectre_v2 [X86,PPC_FSL_BOOK3E,ARM64] Disable all mitigations for + the Spectre variant 2 (indirect branch prediction) + vulnerability. System may allow data leaks with this + option. nospec_store_bypass_disable [HW] Disable all mitigations for the Speculative Store Bypass vulnerability diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 9950bb0cbd52..d2b2c69d31bb 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -220,6 +220,14 @@ static void qcom_link_stack_sanitization(void) : "=&r" (tmp)); } +static bool __nospectre_v2; +static int __init parse_nospectre_v2(char *str) +{ + __nospectre_v2 = true; + return 0; +} +early_param("nospectre_v2", parse_nospectre_v2); + static void enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) { 
@@ -231,6 +239,11 @@ enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) if (!entry->matches(entry, SCOPE_LOCAL_CPU)) return; + if (__nospectre_v2) { + pr_info_once("spectrev2 mitigation disabled by command line option\n"); + return; + } + if (psci_ops.smccc_version == SMCCC_VERSION_1_0) return;
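
Review bot: parse_nospectre_v2() in the cpu_errata.c hunk ignores its str argument and sets __nospectre_v2 = true unconditionally, so nospectre_v2=0 or any other value still turns the mitigation off. Either state in the kernel-parameters.txt entry that the option takes no value, or warn when str is non-NULL. The pr_info_once() text also spells the name "spectrev2" while the parameter and the documentation use spectre_v2; matching them makes the boot log easier to grep.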

From patchwork Mon Apr 15 21:21:21 2019
X-Patchwork-Submitter: Jeremy Linton
X-Patchwork-Id: 162280
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Mian Yousaf Kaukab, Jeremy Linton, Andre Przywara
Subject: [v8 02/10] arm64: add sysfs vulnerability show for spectre v1
Date: Mon, 15 Apr 2019 16:21:21 -0500
Message-Id: <20190415212129.1112-3-jeremy.linton@arm.com>
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>

From: Mian Yousaf Kaukab

spectre v1 has been mitigated, and the mitigation is always active.

Signed-off-by: Mian Yousaf Kaukab
Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
Acked-by: Suzuki K Poulose
---
 arch/arm64/kernel/cpu_errata.c | 6 ++++++
 1 file changed, 6 insertions(+)
--
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index d2b2c69d31bb..cf623657cf3c 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -755,3 +755,9 @@ const struct arm64_cpu_capabilities arm64_errata[] = { { } }; + +ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, + char *buf) +{ + return sprintf(buf, "Mitigation: __user pointer sanitization\n"); +}
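
Review bot: cpu_show_spectre_v1() returns the same string on every CPU and configuration, and only the commit message says why. A one-line comment above the function stating that the __user pointer sanitization is always active and cannot be switched off would keep that reasoning next to the code, so a later reader does not take the missing vulnerability check for an oversight.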

From patchwork Mon Apr 15 21:21:22 2019
X-Patchwork-Submitter: Jeremy Linton
X-Patchwork-Id: 162272
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara
Subject: [v8 03/10] arm64: add sysfs vulnerability show for meltdown
Date: Mon, 15 Apr 2019 16:21:22 -0500
Message-Id: <20190415212129.1112-4-jeremy.linton@arm.com>
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>

Display the system vulnerability status. This means that while it's possible to have the mitigation enabled, the sysfs entry won't indicate that status. This is because the core ABI doesn't express the concept of mitigation when the system isn't vulnerable.

Signed-off-by: Jeremy Linton
Reviewed-by: Suzuki K Poulose
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpufeature.c | 58 ++++++++++++++++++++++++++--------
 1 file changed, 44 insertions(+), 14 deletions(-)
--
2.20.1

diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 4061de10cea6..6b7e1556460a 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -947,7 +947,7 @@ has_useable_cnp(const struct arm64_cpu_capabilities *entry, int scope) return has_cpuid_feature(entry, scope); } -#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +static bool __meltdown_safe = true; static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
@@ -967,6 +967,16 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, { /* sentinel */ } }; char const *str = "command line option"; + bool meltdown_safe; + + meltdown_safe = is_midr_in_range_list(read_cpuid_id(), kpti_safe_list); + + /* Defer to CPU feature registers */ + if (has_cpuid_feature(entry, scope)) + meltdown_safe = true; + + if (!meltdown_safe) + __meltdown_safe = false; /* * For reasons that aren't entirely clear, enabling KPTI on Cavium @@ -978,6 +988,19 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, __kpti_forced = -1; } + /* Useful for KASLR robustness */ + if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && kaslr_offset() > 0) { + if (!__kpti_forced) { + str = "KASLR"; + __kpti_forced = 1; + } + } + + if (!IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0)) { + pr_info_once("kernel page table isolation disabled by CONFIG\n"); + return false; + } + /* Forced? */ if (__kpti_forced) { pr_info_once("kernel page table isolation forced %s by %s\n", @@ -985,18 +1008,10 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, return __kpti_forced > 0; } - /* Useful for KASLR robustness */ - if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) - return kaslr_offset() > 0; - - /* Don't force KPTI for CPUs that are not vulnerable */ - if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) - return false; - - /* Defer to CPU feature registers */ - return !has_cpuid_feature(entry, scope); + return !meltdown_safe; } +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 static void kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) { @@ -1026,6 +1041,12 @@ kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) return; } +#else +static void +kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) +{ +} +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ static int __init parse_kpti(char *str) { 
@@ -1039,7 +1060,6 @@ static int __init parse_kpti(char *str) return 0; } early_param("kpti", parse_kpti); -#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ #ifdef CONFIG_ARM64_HW_AFDBM static inline void __cpu_enable_hw_dbm(void) @@ -1306,7 +1326,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = { .field_pos = ID_AA64PFR0_EL0_SHIFT, .min_field_value = ID_AA64PFR0_EL0_32BIT_64BIT, }, -#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 { .desc = "Kernel page table isolation (KPTI)", .capability = ARM64_UNMAP_KERNEL_AT_EL0, @@ -1322,7 +1341,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = { .matches = unmap_kernel_at_el0, .cpu_enable = kpti_install_ng_mappings, }, -#endif { /* FP/SIMD is not implemented */ .capability = ARM64_HAS_NO_FPSIMD, 
@@ -2101,3 +2119,15 @@ static int __init enable_mrs_emulation(void) } core_initcall(enable_mrs_emulation); + +ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, + char *buf) +{ + if (__meltdown_safe) + return sprintf(buf, "Not affected\n"); + + if (arm64_kernel_unmapped_at_el0()) + return sprintf(buf, "Mitigation: KPTI\n"); + + return sprintf(buf, "Vulnerable\n"); +}
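
Review bot: in unmap_kernel_at_el0(), the new IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0) block sits ahead of the forced check and the final return !meltdown_safe, so "kernel page table isolation disabled by CONFIG" is logged even on CPUs that kpti_safe_list or the feature registers mark as safe, where KPTI would not have been enabled anyway. Printing it only when !meltdown_safe or __kpti_forced > 0 would make the message mean that an affected or forced-on system is running without the mitigation. The KASLR block just above also sets __kpti_forced = 1 in kernels built without KPTI; placing the CONFIG check before it avoids recording a forced-on state that cannot take effect.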
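
Review bot: __meltdown_safe is a file-scope flag that the .matches callback unmap_kernel_at_el0() clears as a side effect and nothing sets back, and cpu_show_meltdown() reads it for the whole system; neither property is documented. Add a comment at the declaration saying it starts true and becomes false once any CPU fails both the kpti_safe_list lookup and the CPU feature register check, so that "Not affected" in sysfs is understood as "every CPU checked so far was safe".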
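
An audit-side view of the strings patches 01/10 to 03/10 expose, as an added example that is not part of the patch series or the kernel tree: a POSIX shell helper that classifies the spectre_v1 and meltdown sysfs entries and flags nospectre_v2 on the kernel command line. The function names, the directory argument and the sample files are constructed for illustration; as the 03/10 commit message states, "Not affected" for meltdown says nothing about whether KPTI is enabled.

```shell
#!/bin/sh
# Added example (not from the patch series): classify the sysfs strings that
# patches 02/10 and 03/10 emit and flag nospectre_v2 from patch 01/10.
# Function names and sample data below are constructed for illustration.

# classify_status STRING -> unaffected | mitigated | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected")  echo unaffected ;;   # meltdown: KPTI may still be on
        "Mitigation: "*) echo mitigated ;;    # "KPTI", "__user pointer sanitization"
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# cmdline_has_param CMDLINE NAME -> status 0 if NAME appears bare or as NAME=value.
# Patch 01/10 ignores the value, so nospectre_v2=0 still disables the mitigation.
cmdline_has_param() {
    case " $1 " in
        *" $2 "*|*" $2="*) return 0 ;;
    esac
    return 1
}

# audit_host VULN_DIR CMDLINE -> prints one "name state" line per check;
# status 1 if anything is vulnerable, unknown, or disabled on the command line.
audit_host() {
    dir=$1
    cmdline=$2
    rc=0
    for name in spectre_v1 meltdown; do
        if [ -r "$dir/$name" ]; then
            state=$(classify_status "$(cat "$dir/$name")")
        else
            state=unknown    # entry absent (older kernel or reporting not enabled)
        fi
        echo "$name $state"
        case "$state" in
            unaffected|mitigated) ;;
            *) rc=1 ;;
        esac
    done
    if cmdline_has_param "$cmdline" nospectre_v2; then
        echo "spectre_v2 disabled-by-cmdline"
        rc=1
    fi
    return "$rc"
}

# Constructed sample: an affected CPU with KPTI on, booted with nospectre_v2.
demo=$(mktemp -d)
printf 'Mitigation: __user pointer sanitization\n' > "$demo/spectre_v1"
printf 'Mitigation: KPTI\n' > "$demo/meltdown"
audit_host "$demo" "root=/dev/vda2 nospectre_v2 quiet" || echo "findings present"
rm -rf "$demo"
# On a live system:
#   audit_host /sys/devices/system/cpu/vulnerabilities "$(cat /proc/cmdline)"
```
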

From patchwork Mon Apr 15 21:21:23 2019
X-Patchwork-Submitter: Jeremy Linton
X-Patchwork-Id: 162278
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara
Subject: [v8 04/10] arm64: Advertise mitigation of Spectre-v2, or lack thereof
Date: Mon, 15 Apr 2019 16:21:23 -0500
Message-Id: <20190415212129.1112-5-jeremy.linton@arm.com>
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>

From: Marc Zyngier

We currently have a list of CPUs affected by Spectre-v2, for which we check that the firmware implements ARCH_WORKAROUND_1. It turns out that not all firmwares do implement the required mitigation, and that we fail to let the user know about it.

Instead, let's slightly revamp our checks, and rely on a whitelist of cores that are known to be non-vulnerable, and let the user know the status of the mitigation in the kernel log.

Signed-off-by: Marc Zyngier
[This makes more sense in front of the sysfs patch]
[Pick pieces of that patch into this and move it earlier]
Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Suzuki K Poulose
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpu_errata.c | 109 +++++++++++++++++----------------
 1 file changed, 56 insertions(+), 53 deletions(-)
--
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index cf623657cf3c..032f1a4dbea2 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -131,9 +131,9 @@ static void __copy_hyp_vect_bpi(int slot, const char *hyp_vecs_start, __flush_icache_range((uintptr_t)dst, (uintptr_t)dst + SZ_2K); } -static void __install_bp_hardening_cb(bp_hardening_cb_t fn, - const char *hyp_vecs_start, - const char *hyp_vecs_end) +static void install_bp_hardening_cb(bp_hardening_cb_t fn, + const char *hyp_vecs_start, + const char *hyp_vecs_end) { static DEFINE_RAW_SPINLOCK(bp_lock); int cpu, slot = -1; @@ -169,7 +169,7 @@ static void __install_bp_hardening_cb(bp_hardening_cb_t fn, #define __smccc_workaround_1_smc_start NULL #define __smccc_workaround_1_smc_end NULL -static void __install_bp_hardening_cb(bp_hardening_cb_t fn, +static void install_bp_hardening_cb(bp_hardening_cb_t fn, const char *hyp_vecs_start, const char *hyp_vecs_end) { @@ -177,23 +177,6 @@ static void __install_bp_hardening_cb(bp_hardening_cb_t fn, } #endif /* CONFIG_KVM_INDIRECT_VECTORS */ -static void install_bp_hardening_cb(const struct arm64_cpu_capabilities *entry, - bp_hardening_cb_t fn, - const char *hyp_vecs_start, - const char *hyp_vecs_end) -{ - u64 pfr0; - - if (!entry->matches(entry, SCOPE_LOCAL_CPU)) - return; - - pfr0 = read_cpuid(ID_AA64PFR0_EL1); - if (cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_CSV2_SHIFT)) - return; - - __install_bp_hardening_cb(fn, hyp_vecs_start, hyp_vecs_end); -} - #include #include #include 
@@ -228,31 +211,27 @@ static int __init parse_nospectre_v2(char *str) } early_param("nospectre_v2", parse_nospectre_v2); -static void -enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) +/* + * -1: No workaround + * 0: No workaround required + * 1: Workaround installed + */ +static int detect_harden_bp_fw(void) { bp_hardening_cb_t cb; void *smccc_start, *smccc_end; struct arm_smccc_res res; u32 midr = read_cpuid_id(); - if (!entry->matches(entry, SCOPE_LOCAL_CPU)) - return; - - if (__nospectre_v2) { - pr_info_once("spectrev2 mitigation disabled by command line option\n"); - return; - } - if (psci_ops.smccc_version == SMCCC_VERSION_1_0) - return; + return -1; switch (psci_ops.conduit) { case PSCI_CONDUIT_HVC: arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); if ((int)res.a0 < 0) - return; + return -1; cb = call_hvc_arch_workaround_1; /* This is a guest, no need to patch KVM vectors */ smccc_start = NULL; @@ -263,23 +242,23 @@ enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry) arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); if ((int)res.a0 < 0) - return; + return -1; cb = call_smc_arch_workaround_1; smccc_start = __smccc_workaround_1_smc_start; smccc_end = __smccc_workaround_1_smc_end; break; default: - return; + return -1; } if (((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR) || ((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR_V1)) cb = qcom_link_stack_sanitization; - install_bp_hardening_cb(entry, cb, smccc_start, smccc_end); + install_bp_hardening_cb(cb, smccc_start, smccc_end); - return; + return 1; } #endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ 
@@ -521,24 +500,48 @@ cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) CAP_MIDR_RANGE_LIST(midr_list) #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR - /* - * List of CPUs where we need to issue a psci call to - * harden the branch predictor. + * List of CPUs that do not need any Spectre-v2 mitigation at all. */ -static const struct midr_range arm64_bp_harden_smccc_cpus[] = { - MIDR_ALL_VERSIONS(MIDR_CORTEX_A57), - MIDR_ALL_VERSIONS(MIDR_CORTEX_A72), - MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), - MIDR_ALL_VERSIONS(MIDR_CORTEX_A75), - MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN), - MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2), - MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR_V1), - MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR), - MIDR_ALL_VERSIONS(MIDR_NVIDIA_DENVER), - {}, +static const struct midr_range spectre_v2_safe_list[] = { + MIDR_ALL_VERSIONS(MIDR_CORTEX_A35), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A53), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A55), + { /* sentinel */ } }; +static bool __maybe_unused +check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) +{ + int need_wa; + + WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); + + /* If the CPU has CSV2 set, we're safe */ + if (cpuid_feature_extract_unsigned_field(read_cpuid(ID_AA64PFR0_EL1), + ID_AA64PFR0_CSV2_SHIFT)) + return false; + + /* Alternatively, we have a list of unaffected CPUs */ + if (is_midr_in_range_list(read_cpuid_id(), spectre_v2_safe_list)) + return false; + + /* Fallback to firmware detection */ + need_wa = detect_harden_bp_fw(); + if (!need_wa) + return false; + + /* forced off */ + if (__nospectre_v2) { + pr_info_once("spectrev2 mitigation disabled by command line option\n"); + return false; + } + + if (need_wa < 0) + pr_warn_once("ARM_SMCCC_ARCH_WORKAROUND_1 missing from firmware\n"); + + return (need_wa > 0); +} #endif #ifdef CONFIG_HARDEN_EL2_VECTORS 
@@ -717,8 +720,8 @@ const struct arm64_cpu_capabilities arm64_errata[] = { #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR { .capability = ARM64_HARDEN_BRANCH_PREDICTOR, - .cpu_enable = enable_smccc_arch_workaround_1, - ERRATA_MIDR_RANGE_LIST(arm64_bp_harden_smccc_cpus), + .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, + .matches = check_branch_predictor, }, #endif #ifdef CONFIG_HARDEN_EL2_VECTORS
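
Review bot: check_branch_predictor() tests __nospectre_v2 only after detect_harden_bp_fw() has run, and that function calls install_bp_hardening_cb(cb, smccc_start, smccc_end) before it returns 1. With nospectre_v2 on the command line the log says "spectrev2 mitigation disabled by command line option" while the hardening callback has already been installed for this CPU. Splitting detection from installation, so that the callback is installed only once the function has decided to return true, would make the message accurate.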
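
Review bot: the comment added above detect_harden_bp_fw() documents a return value of 0 ("No workaround required"), but no path in this version returns 0: every early exit returns -1 and the end of the function returns 1, so the if (!need_wa) branch in check_branch_predictor() cannot be taken yet. Say in the commit message that the 0 case is filled in by a later patch in the series, or introduce the value together with its first producer.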
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g4si26534362plb.168.2019.04.15.14.22.19; Mon, 15 Apr 2019 14:22:19 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728174AbfDOVWN (ORCPT + 30 others); Mon, 15 Apr 2019 17:22:13 -0400 Received: from foss.arm.com ([217.140.101.70]:42926 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727760AbfDOVVm (ORCPT ); Mon, 15 Apr 2019 17:21:42 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3E41FA78; Mon, 15 Apr 2019 14:21:42 -0700 (PDT) Received: from mammon-tx2.austin.arm.com (mammon-tx2.austin.arm.com [10.118.29.246]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 96AD13F68F; Mon, 15 Apr 2019 14:21:41 -0700 (PDT) 
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara
Subject: [v8 05/10] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
Date: Mon, 15 Apr 2019 16:21:24 -0500
Message-Id: <20190415212129.1112-6-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

From: Marc Zyngier

The SMCCC ARCH_WORKAROUND_1 service can indicate that although the firmware knows about the Spectre-v2 mitigation, this particular CPU is not vulnerable, and it is thus not necessary to call the firmware on this CPU. Let's use this information to our benefit.

Signed-off-by: Marc Zyngier
Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpu_errata.c | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

--
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 032f1a4dbea2..60cf87c4deb7 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c
@@ -230,22 +230,36 @@ static int detect_harden_bp_fw(void) case PSCI_CONDUIT_HVC: arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); - if ((int)res.a0 < 0) + switch ((int)res.a0) { + case 1: + /* Firmware says we're just fine */ + return 0; + case 0: + cb = call_hvc_arch_workaround_1; + /* This is a guest, no need to patch KVM vectors */ + smccc_start = NULL; + smccc_end = NULL; + break; + default: return -1; - cb = call_hvc_arch_workaround_1; - /* This is a guest, no need to patch KVM vectors */ - smccc_start = NULL; - smccc_end = NULL; + } break; case PSCI_CONDUIT_SMC: arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID, ARM_SMCCC_ARCH_WORKAROUND_1, &res); - if ((int)res.a0 < 0) + switch ((int)res.a0) { + case 1: + /* Firmware says we're just fine */ + return 0; + case 0: + cb = call_smc_arch_workaround_1; + smccc_start = __smccc_workaround_1_smc_start; + smccc_end = __smccc_workaround_1_smc_end; + break; + default: return -1; - cb = call_smc_arch_workaround_1; - smccc_start = __smccc_workaround_1_smc_start; - smccc_end = __smccc_workaround_1_smc_end; + } break; default:
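
Review bot: In detect_harden_bp_fw(), the new default: arm returns -1 for every value of (int)res.a0 other than 0 and 1, whereas the old test, (int)res.a0 < 0, let any non-negative value install the workaround. A positive value other than 1 is therefore now handled like missing firmware support; if that is intended, say so in the commit message, otherwise keep the old behaviour for the remaining non-negative values. The bare 0 and 1 would read better as named constants, and since the HVC and SMC arms now carry the same switch, a small helper taking res.a0 would remove the duplication. The early return 0 in case 1 also leaves the function before anything after the conduit switch runs, which includes the MIDR_QCOM_FALKOR_V1 check visible in the next patch's context lines; please confirm that is acceptable on those parts.
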
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara
Subject: [v8 06/10] arm64: Always enable spectrev2 vulnerability detection
Date: Mon, 15 Apr 2019 16:21:25 -0500
Message-Id: <20190415212129.1112-7-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

The sysfs patches need to display machine vulnerability status regardless of kernel config. Prepare for that by breaking out the vulnerability/mitigation detection code from the logic which implements the mitigation.

Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpu_errata.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

--
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 60cf87c4deb7..bd2cdd22da99 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -109,7 +109,6 @@ cpu_enable_trap_ctr_access(const struct arm64_cpu_capabilities *__unused) atomic_t arm64_el2_vector_last_slot = ATOMIC_INIT(-1); -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR #include #include
@@ -270,11 +269,11 @@ static int detect_harden_bp_fw(void) ((midr & MIDR_CPU_MODEL_MASK) == MIDR_QCOM_FALKOR_V1)) cb = qcom_link_stack_sanitization; - install_bp_hardening_cb(cb, smccc_start, smccc_end); + if (IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) + install_bp_hardening_cb(cb, smccc_start, smccc_end); return 1; } -#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ #ifdef CONFIG_ARM64_SSBD DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); @@ -513,7 +512,6 @@ cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, \ CAP_MIDR_RANGE_LIST(midr_list) -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR /* * List of CPUs that do not need any Spectre-v2 mitigation at all. */ @@ -545,6 +543,11 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) if (!need_wa) return false; + if (!IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) { + pr_warn_once("spectrev2 mitigation disabled by configuration\n"); + return false; + } + /* forced off */ if (__nospectre_v2) { pr_info_once("spectrev2 mitigation disabled by command line option\n"); @@ -556,7 +559,6 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) return (need_wa > 0); } -#endif #ifdef CONFIG_HARDEN_EL2_VECTORS 
@@ -731,13 +733,11 @@ const struct arm64_cpu_capabilities arm64_errata[] = { ERRATA_MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), }, #endif -#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR { .capability = ARM64_HARDEN_BRANCH_PREDICTOR, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = check_branch_predictor, }, -#endif #ifdef CONFIG_HARDEN_EL2_VECTORS { .desc = "EL2 vector hardening",
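
Review bot: In detect_harden_bp_fw(), the call now guarded by if (IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) is still seen by the compiler when the option is off, so install_bp_hardening_cb() and the __smccc_workaround_1_smc_start/end symbols used above it must be declared in that configuration too; please confirm a build with the option disabled, and that the function still returning 1 there is what its caller expects. In check_branch_predictor(), the new configuration case logs with pr_warn_once() while the command line case just below it uses pr_info_once(); both are deliberate choices by whoever built or booted the kernel, so the same level for the two would be more consistent.
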
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara
Subject: [v8 07/10] arm64: add sysfs vulnerability show for spectre v2
Date: Mon, 15 Apr 2019 16:21:26 -0500
Message-Id: <20190415212129.1112-8-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

Add code to track whether all the cores in the machine are vulnerable, and whether all the vulnerable cores have been mitigated. Once we have that information we can add the sysfs stub and provide an accurate view of what is known about the machine.

Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/kernel/cpu_errata.c | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

--
2.20.1

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index bd2cdd22da99..e51ddcb197c0 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -512,6 +512,10 @@ cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, \ CAP_MIDR_RANGE_LIST(midr_list) +/* Track overall mitigation state. We are only mitigated if all cores are ok */ +static bool __hardenbp_enab = true; +static bool __spectrev2_safe = true; + /* * List of CPUs that do not need any Spectre-v2 mitigation at all. */
@@ -522,6 +526,10 @@ static const struct midr_range spectre_v2_safe_list[] = { { /* sentinel */ } }; +/* + * Track overall bp hardening for all heterogeneous cores in the machine. + * We are only considered "safe" if all booted cores are known safe. + */ static bool __maybe_unused check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) { @@ -543,19 +551,25 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) if (!need_wa) return false; + __spectrev2_safe = false; + if (!IS_ENABLED(CONFIG_HARDEN_BRANCH_PREDICTOR)) { pr_warn_once("spectrev2 mitigation disabled by configuration\n"); + __hardenbp_enab = false; return false; } /* forced off */ if (__nospectre_v2) { pr_info_once("spectrev2 mitigation disabled by command line option\n"); + __hardenbp_enab = false; return false; } - if (need_wa < 0) + if (need_wa < 0) { pr_warn_once("ARM_SMCCC_ARCH_WORKAROUND_1 missing from firmware\n"); + __hardenbp_enab = false; + } return (need_wa > 0); } 
@@ -778,3 +792,15 @@ ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, { return sprintf(buf, "Mitigation: __user pointer sanitization\n"); } + +ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, + char *buf) +{ + if (__spectrev2_safe) + return sprintf(buf, "Not affected\n"); + + if (__hardenbp_enab) + return sprintf(buf, "Mitigation: Branch predictor hardening\n"); + + return sprintf(buf, "Vulnerable\n"); +}
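
Review bot: __hardenbp_enab and __spectrev2_safe are plain file-scope bools written from check_branch_predictor(), which is the .matches hook of an ARM64_CPUCAP_LOCAL_CPU_ERRATUM entry, and read from cpu_show_spectre_v2() with no synchronisation. What makes that tolerable is that they only ever go from true to false, but neither added comment says so; please state the one-way rule in the comment above the variables. The second comment, added above check_branch_predictor(), describes the variables rather than the function and can be merged into the first. Note also that __hardenbp_enab starts out true and is cleared only on the failure paths, so "Mitigation: Branch predictor hardening" is reported on the absence of a recorded failure rather than on confirmation that the callback was installed; a sentence in the commit message acknowledging that would help.
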
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton, Andre Przywara
Subject: [v8 08/10] arm64: Always enable ssb vulnerability detection
Date: Mon, 15 Apr 2019 16:21:27 -0500
Message-Id: <20190415212129.1112-9-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

The ssb detection logic is necessary regardless of whether the vulnerability mitigation code is built into the kernel. Break it out so that the CONFIG option only controls the mitigation logic and not the vulnerability detection.

Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/include/asm/cpufeature.h | 4 ----
 arch/arm64/kernel/cpu_errata.c | 11 +++++++----
 2 files changed, 7 insertions(+), 8 deletions(-)

--
2.20.1

diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h index e505e1fbd2b9..6ccdc97e5d6a 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -638,11 +638,7 @@ static inline int arm64_get_ssbd_state(void) #endif } -#ifdef CONFIG_ARM64_SSBD void arm64_set_ssbd_mitigation(bool state); -#else -static inline void arm64_set_ssbd_mitigation(bool state) {} -#endif extern int do_emulate_mrs(struct pt_regs *regs, u32 sys_reg, u32 rt); diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index e51ddcb197c0..5814645afd73 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c
@@ -275,7 +275,6 @@ static int detect_harden_bp_fw(void) return 1; } -#ifdef CONFIG_ARM64_SSBD DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); int ssbd_state __read_mostly = ARM64_SSBD_KERNEL; @@ -346,6 +345,7 @@ void __init arm64_enable_wa2_handling(struct alt_instr *alt, *updptr = cpu_to_le32(aarch64_insn_gen_nop()); } +#ifdef CONFIG_ARM64_SSBD void arm64_set_ssbd_mitigation(bool state) { if (this_cpu_has_cap(ARM64_SSBS)) { @@ -370,6 +370,12 @@ void arm64_set_ssbd_mitigation(bool state) break; } } +#else +void arm64_set_ssbd_mitigation(bool state) +{ + pr_info_once("SSBD disabled by kernel configuration\n"); +} +#endif /* CONFIG_ARM64_SSBD */ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, int scope) @@ -467,7 +473,6 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, return required; } -#endif /* CONFIG_ARM64_SSBD */ static void __maybe_unused cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) 
@@ -759,14 +764,12 @@ const struct arm64_cpu_capabilities arm64_errata[] = { ERRATA_MIDR_RANGE_LIST(arm64_harden_el2_vectors), }, #endif -#ifdef CONFIG_ARM64_SSBD { .desc = "Speculative Store Bypass Disable", .capability = ARM64_SSBD, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = has_ssbd_mitigation, }, -#endif #ifdef CONFIG_ARM64_ERRATUM_1188873 { /* Cortex-A76 r0p0 to r2p0 */
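
Review bot: The new #else stub for arm64_set_ssbd_mitigation() ignores its state argument, so a call with state == false also logs "SSBD disabled by kernel configuration"; either test state before printing or word the message so it is correct for both values. The stub also replaces what was an empty static inline in cpufeature.h with an out-of-line function, and moving the #ifdef means has_ssbd_mitigation() and arm64_enable_wa2_handling() are now built unconditionally, so the commit message should say that a CONFIG_ARM64_SSBD=n build was compiled and booted.
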
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton
Subject: [v8 09/10] arm64: add sysfs vulnerability show for speculative store bypass
Date: Mon, 15 Apr 2019 16:21:28 -0500
Message-Id: <20190415212129.1112-10-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

Return status based on ssbd_state and __ssb_safe. If the mitigation is disabled, or the firmware isn't responding then return the expected machine state based on a whitelist of known good cores.

Given a heterogeneous machine, the overall machine vulnerability defaults to safe but is reset to unsafe when we miss the whitelist and the firmware doesn't explicitly tell us the core is safe. In order to make that work we delay transitioning to vulnerable until we know the firmware isn't responding to avoid a case where we miss the whitelist, but the firmware goes ahead and reports the core is not vulnerable.

If all the cores in the machine have SSBS, then __ssb_safe will remain true.

Signed-off-by: Jeremy Linton
---
 arch/arm64/kernel/cpu_errata.c | 42 ++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

--
2.20.1
Tested-by: Stefan Wahren

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 5814645afd73..91e551e0ad28 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c
@@ -278,6 +278,7 @@ static int detect_harden_bp_fw(void) DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required); int ssbd_state __read_mostly = ARM64_SSBD_KERNEL; +static bool __ssb_safe = true; static const struct ssbd_options { const char *str; @@ -383,6 +384,7 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, struct arm_smccc_res res; bool required = true; s32 val; + bool this_cpu_safe = false; WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); @@ -391,8 +393,14 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, goto out_printmsg; } + /* delay setting __ssb_safe until we get a firmware response */ + if (is_midr_in_range_list(read_cpuid_id(), entry->midr_range_list)) + this_cpu_safe = true; + if (psci_ops.smccc_version == SMCCC_VERSION_1_0) { ssbd_state = ARM64_SSBD_UNKNOWN; + if (!this_cpu_safe) + __ssb_safe = false; return false; } @@ -409,6 +417,8 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, default: ssbd_state = ARM64_SSBD_UNKNOWN; + if (!this_cpu_safe) + __ssb_safe = false; return false; } @@ -417,14 +427,18 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, switch (val) { case SMCCC_RET_NOT_SUPPORTED: ssbd_state = ARM64_SSBD_UNKNOWN; + if (!this_cpu_safe) + __ssb_safe = false; return false; + /* machines with mixed mitigation requirements must not return this */ case SMCCC_RET_NOT_REQUIRED: pr_info_once("%s mitigation not required\n", entry->desc); ssbd_state = ARM64_SSBD_MITIGATED; return false; case SMCCC_RET_SUCCESS: + __ssb_safe = false; required = true; break; @@ -434,6 +448,8 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, default: WARN_ON(1); + if (!this_cpu_safe) + __ssb_safe = false; return false; } 
@@ -474,6 +490,14 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, return required; } +/* known invulnerable cores */ +static const struct midr_range arm64_ssb_cpus[] = { + MIDR_ALL_VERSIONS(MIDR_CORTEX_A35), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A53), + MIDR_ALL_VERSIONS(MIDR_CORTEX_A55), + {}, +}; + static void __maybe_unused cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused) { @@ -769,6 +793,7 @@ const struct arm64_cpu_capabilities arm64_errata[] = { .capability = ARM64_SSBD, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = has_ssbd_mitigation, + .midr_range_list = arm64_ssb_cpus, }, #ifdef CONFIG_ARM64_ERRATUM_1188873 { 
@@ -807,3 +832,20 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, return sprintf(buf, "Vulnerable\n"); } + +ssize_t cpu_show_spec_store_bypass(struct device *dev, + struct device_attribute *attr, char *buf) +{ + if (__ssb_safe) + return sprintf(buf, "Not affected\n"); + + switch (ssbd_state) { + case ARM64_SSBD_KERNEL: + case ARM64_SSBD_FORCE_ENABLE: + if (IS_ENABLED(CONFIG_ARM64_SSBD)) + return sprintf(buf, + "Mitigation: Speculative Store Bypass disabled via prctl\n"); + } + + return sprintf(buf, "Vulnerable\n"); +}
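
Review bot: In cpu_show_spec_store_bypass(), ARM64_SSBD_FORCE_ENABLE shares the string "Mitigation: Speculative Store Bypass disabled via prctl" with ARM64_SSBD_KERNEL, although the state name suggests a mitigation that is forced on rather than selected through prctl, and the switch has neither break nor default:, so every other state, including the ARM64_SSBD_MITIGATED that has_ssbd_mitigation() sets for SMCCC_RET_NOT_REQUIRED, falls out to "Vulnerable" once __ssb_safe has been cleared by another core. Give the forced case its own wording and handle the remaining states explicitly. In has_ssbd_mitigation(), the pair if (!this_cpu_safe) __ssb_safe = false; is now repeated on four return paths; a single exit label or a small helper would make it harder to miss when a new return path is added.
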
From: Jeremy Linton
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Mian Yousaf Kaukab, Jeremy Linton, Andre Przywara
Subject: [v8 10/10] arm64: enable generic CPU vulnerabilites support
Date: Mon, 15 Apr 2019 16:21:29 -0500
Message-Id: <20190415212129.1112-11-jeremy.linton@arm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190415212129.1112-1-jeremy.linton@arm.com>
References: <20190415212129.1112-1-jeremy.linton@arm.com>
MIME-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

From: Mian Yousaf Kaukab

Enable CPU vulnerability show functions for spectre_v1, spectre_v2, meltdown and store-bypass.

Signed-off-by: Mian Yousaf Kaukab
Signed-off-by: Jeremy Linton
Reviewed-by: Andre Przywara
Reviewed-by: Catalin Marinas
Tested-by: Stefan Wahren
---
 arch/arm64/Kconfig | 1 +
 1 file changed, 1 insertion(+)

--
2.20.1

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 7e34b9eba5de..6a7b7d4e0e90 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -90,6 +90,7 @@ config ARM64 select GENERIC_CLOCKEVENTS select GENERIC_CLOCKEVENTS_BROADCAST select GENERIC_CPU_AUTOPROBE + select GENERIC_CPU_VULNERABILITIES select GENERIC_EARLY_IOREMAP select GENERIC_IDLE_POLL_SETUP select GENERIC_IRQ_MULTI_HANDLER