From patchwork Fri Sep 18 16:47:11 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Will Deacon X-Patchwork-Id: 263782 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B234C43464 for ; Fri, 18 Sep 2020 16:47:43 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CEB2C207D3 for ; Fri, 18 Sep 2020 16:47:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600447662; bh=w7vFsvPBq3nzYv8w4nyIwlksGEBrob9M68Pl7nTluJ0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=fHKfphmZFdpNBIHD/+ypBp7fdaCIB7dby8g/Ly5Lrh6lTBK8oAa5ZrsjuzYyEry9Y MnZx+ClHpegdapmCc7KfWpKMdrhxIsKbHlWE+iNa+nhsL9tpACLESXWShLCeT0UP1c GQeNcMtIBNkEn6NMpRWjsv6zx+c0S3pk/vhE5yoM= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726367AbgIRQrm (ORCPT ); Fri, 18 Sep 2020 12:47:42 -0400 Received: from mail.kernel.org ([198.145.29.99]:45498 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726361AbgIRQrm (ORCPT ); Fri, 18 Sep 2020 12:47:42 -0400 Received: from localhost.localdomain (236.31.169.217.in-addr.arpa [217.169.31.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A261220848; Fri, 18 Sep 2020 16:47:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600447661; bh=w7vFsvPBq3nzYv8w4nyIwlksGEBrob9M68Pl7nTluJ0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=C0orgizZCadlf2Q7YJ34LL8hP4XfP7C/b4PsTMpeXNBINNhLMdkNu0BDVwoLmlGBb NRp+AVrFShsG3c/SZAnljMqqR/qs4HNIQLGZhwpuEhqGs4Omcs2DAkifdvN+mOJjkS bjsimz48AnhLZpnKmoJuPrqInU1NMtD4Uu8ghSpQ= From: Will Deacon To: linux-arm-kernel@lists.infradead.org Cc: Will Deacon , Catalin Marinas , Suzuki K Poulose , David Brazdil , Marc Zyngier , stable@vger.kernel.org Subject: [PATCH 01/19] arm64: Make use of ARCH_WORKAROUND_1 even when KVM is not enabled Date: Fri, 18 Sep 2020 17:47:11 +0100 Message-Id: <20200918164729.31994-2-will@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200918164729.31994-1-will@kernel.org> References: <20200918164729.31994-1-will@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Marc Zyngier We seem to be pretending that we don't have any firmware mitigation when KVM is not compiled in, which is not quite expected. Bring back the mitigation in this case. Fixes: 4db61fef16a1 ("arm64: kvm: Modernize __smccc_workaround_1_smc_start annotations") Cc: Signed-off-by: Marc Zyngier Signed-off-by: Will Deacon --- arch/arm64/kernel/cpu_errata.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index c332d49780dc..88966496806a 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -234,14 +234,17 @@ static int detect_harden_bp_fw(void) smccc_end = NULL; break; -#if IS_ENABLED(CONFIG_KVM) case SMCCC_CONDUIT_SMC: cb = call_smc_arch_workaround_1; +#if IS_ENABLED(CONFIG_KVM) smccc_start = __smccc_workaround_1_smc; smccc_end = __smccc_workaround_1_smc + __SMCCC_WORKAROUND_1_SMC_SZ; - break; +#else + smccc_start = NULL; + smccc_end = NULL; #endif + break; default: return -1; From patchwork Fri Sep 18 16:47:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Will Deacon X-Patchwork-Id: 263781 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D5CAC43464 for ; Fri, 18 Sep 2020 16:47:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3BC5F207D3 for ; Fri, 18 Sep 2020 16:47:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600447668; bh=VXUNsN1XPreMcAXiT3v9T3RtLBfrasyzA2EQatmr8a4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=CIeHfybORfq0U50cQGhKPQ4Kv/Re1sbY2GEqTf+dKlveB63slORww5RfzY8dR1Tfr ekH5DTKjPA+WiD2XbkBJ86R5Mj7VA+1z0xM8S+XfiW5mg7yQv83yujF+/hHUeQIHRf THg9pQJtKkZ5/0cOuf3r7XSTMJ5gp5RBmczf3sD8= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726411AbgIRQrs (ORCPT ); Fri, 18 Sep 2020 12:47:48 -0400 Received: from mail.kernel.org ([198.145.29.99]:45548 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726361AbgIRQrr (ORCPT ); Fri, 18 Sep 2020 12:47:47 -0400 Received: from localhost.localdomain (236.31.169.217.in-addr.arpa [217.169.31.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5A67B208C3; Fri, 18 Sep 2020 16:47:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600447663; bh=VXUNsN1XPreMcAXiT3v9T3RtLBfrasyzA2EQatmr8a4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=A3R+RtrTeNyLvYRPfnQuSboPEdz0WtQwIdjkykDtrG8SEAtWywh55dPZB34c8Cyc5 +gcXERCTQ1foIYqAc7nQUWQiR37QSEmEpa1g/EWCxMirjDhfkh8hL3FXV10L1PRJlT MEEbR8BgXPR+ssRtnJvNymBEdFQc36dNcIZrG0cg= From: Will Deacon To: linux-arm-kernel@lists.infradead.org Cc: Will Deacon , Catalin Marinas , Suzuki K Poulose , David Brazdil , Marc Zyngier , stable@vger.kernel.org Subject: [PATCH 02/19] arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs Date: Fri, 18 Sep 2020 17:47:12 +0100 Message-Id: <20200918164729.31994-3-will@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200918164729.31994-1-will@kernel.org> References: <20200918164729.31994-1-will@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Marc Zyngier Commit 73f381660959 ("arm64: Advertise mitigation of Spectre-v2, or lack thereof") changed the way we deal with ARCH_WORKAROUND_1, by moving most of the enabling code to the .matches() callback. This has the unfortunate effect that the workaround gets only enabled on the first affected CPU, and no other. In order to address this, forcefully call the .matches() callback from a .cpu_enable() callback, which brings us back to the original behaviour. Fixes: 73f381660959 ("arm64: Advertise mitigation of Spectre-v2, or lack thereof") Cc: Reviewed-by: Suzuki K Poulose Signed-off-by: Marc Zyngier Signed-off-by: Will Deacon --- arch/arm64/kernel/cpu_errata.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 88966496806a..3fe64bf5a58d 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -599,6 +599,12 @@ check_branch_predictor(const struct arm64_cpu_capabilities *entry, int scope) return (need_wa > 0); } +static void +cpu_enable_branch_predictor_hardening(const struct arm64_cpu_capabilities *cap) +{ + cap->matches(cap, SCOPE_LOCAL_CPU); +} + static const __maybe_unused struct midr_range tx2_family_cpus[] = { MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN), MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2), @@ -890,9 +896,11 @@ const struct arm64_cpu_capabilities arm64_errata[] = { }, #endif { + .desc = "Branch predictor hardening", .capability = ARM64_HARDEN_BRANCH_PREDICTOR, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = check_branch_predictor, + .cpu_enable = cpu_enable_branch_predictor_hardening, }, #ifdef CONFIG_RANDOMIZE_BASE { From patchwork Fri Sep 18 16:47:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Will Deacon X-Patchwork-Id: 309520 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 01827C43463 for ; Fri, 18 Sep 2020 16:47:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A95DD21707 for ; Fri, 18 Sep 2020 16:47:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600447666; bh=VnFBFLM/bxUHYkVbv3AvobJFSpGK92kSpEjwef6cZHw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=Qw7OpKSQzcGC9Lvh99aXMY3yeQywCmEk09v29lfX8CpCzODxbl0qiSM/nsVxYnp89 uhezPgh9ADbsI+6w0hL6v/97YARuyXbmct2kio5exYb/+G+gpcRcc0qwx0bF7sI454 YshuxB7er97KgIop97E0p5Fgr6pz+F01PdM2n1ME= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726344AbgIRQrq (ORCPT ); Fri, 18 Sep 2020 12:47:46 -0400 Received: from mail.kernel.org ([198.145.29.99]:45604 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726361AbgIRQrq (ORCPT ); Fri, 18 Sep 2020 12:47:46 -0400 Received: from localhost.localdomain (236.31.169.217.in-addr.arpa [217.169.31.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1A646208DB; Fri, 18 Sep 2020 16:47:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600447665; bh=VnFBFLM/bxUHYkVbv3AvobJFSpGK92kSpEjwef6cZHw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=eR9hlMHez9/i4zYJYljRvmue8ZJuWUcv0r3Sc5hsxbR8DGFxGBWFKnw2Hq+WcYSVx pri6ZZTdDDnU6m5dHu8i/RFZwqvoh4Ilp8igv+T9mmDlOSHdZLtqn6tyUOmhn6mYzN e4Ah+1LmYi/ZDCyZMPADDyeb08rn0Wy+cTvtKeuk= From: Will Deacon To: linux-arm-kernel@lists.infradead.org Cc: Will Deacon , Catalin Marinas , Suzuki K Poulose , David Brazdil , Marc Zyngier , stable@vger.kernel.org Subject: [PATCH 03/19] arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs Date: Fri, 18 Sep 2020 17:47:13 +0100 Message-Id: <20200918164729.31994-4-will@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200918164729.31994-1-will@kernel.org> References: <20200918164729.31994-1-will@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Marc Zyngier Commit 606f8e7b27bf ("arm64: capabilities: Use linear array for detection and verification") changed the way we deal with per-CPU errata by only calling the .matches() callback until one CPU is found to be affected. At this point, .matches() stop being called, and .cpu_enable() will be called on all CPUs. This breaks the ARCH_WORKAROUND_2 handling, as only a single CPU will be mitigated. In order to address this, forcefully call the .matches() callback from a .cpu_enable() callback, which brings us back to the original behaviour. Fixes: 606f8e7b27bf ("arm64: capabilities: Use linear array for detection and verification") Cc: Signed-off-by: Marc Zyngier Signed-off-by: Will Deacon Reviewed-by: Suzuki K Poulose --- arch/arm64/kernel/cpu_errata.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 3fe64bf5a58d..abfef5f3b5fd 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -457,6 +457,12 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, return required; } +static void cpu_enable_ssbd_mitigation(const struct arm64_cpu_capabilities *cap) +{ + if (ssbd_state != ARM64_SSBD_FORCE_DISABLE) + cap->matches(cap, SCOPE_LOCAL_CPU); +} + /* known invulnerable cores */ static const struct midr_range arm64_ssb_cpus[] = { MIDR_ALL_VERSIONS(MIDR_CORTEX_A35), @@ -914,6 +920,7 @@ const struct arm64_cpu_capabilities arm64_errata[] = { .capability = ARM64_SSBD, .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, .matches = has_ssbd_mitigation, + .cpu_enable = cpu_enable_ssbd_mitigation, .midr_range_list = arm64_ssb_cpus, }, #ifdef CONFIG_ARM64_ERRATUM_1418040