[PATCH v4 5/6] arm: Invalidate icache on prefetch abort outside of user... | linux-arm-kernel

[PATCH v4 0/6] 32bit ARM branch predictor hardening · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 1/6] arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17 · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 2/6] arm: Invalidate BTB on prefetch abort outside of user mapping on Cortex A8, A9, A12 and A17 · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 3/6] arm: KVM: Invalidate BTB on guest exit for Cortex-A12/A17 · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 3/6] arm: KVM: Invalidate BTB on guest exit for Cortex-A12/A17 · robin.murphy@arm.com (Robin Murphy) · 2018-02-01
[PATCH v4 3/6] arm: KVM: Invalidate BTB on guest exit for Cortex-A12/A17 · robin.murphy@arm.com (Robin Murphy) · 2018-02-01
[PATCH v4 4/6] arm: Add icache invalidation on switch_mm for Cortex-A15 · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 4/6] arm: Add icache invalidation on switch_mm for Cortex-A15 · Christoffer Dall <hidden> · 2018-02-05
[PATCH v4 4/6] arm: Add icache invalidation on switch_mm for Cortex-A15 · Marc Zyngier <hidden> · 2018-02-05
[PATCH v4 5/6] arm: Invalidate icache on prefetch abort outside of user mapping on Cortex-A15 · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 6/6] arm: KVM: Invalidate icache on guest exit for Cortex-A15 · Marc Zyngier <hidden> · 2018-02-01
[PATCH v4 6/6] arm: KVM: Invalidate icache on guest exit for Cortex-A15 · robin.murphy@arm.com (Robin Murphy) · 2018-02-01
[PATCH v4 0/6] 32bit ARM branch predictor hardening · f.fainelli@gmail.com (Florian Fainelli) · 2018-02-04
[PATCH v4 0/6] 32bit ARM branch predictor hardening · Marc Zyngier <hidden> · 2018-02-04
[PATCH v4 0/6] 32bit ARM branch predictor hardening · Christoffer Dall <hidden> · 2018-02-05
[PATCH v4 0/6] 32bit ARM branch predictor hardening · Marc Zyngier <hidden> · 2018-02-05
[PATCH v4 0/6] 32bit ARM branch predictor hardening · andre.przywara@arm.com (Andre Przywara) · 2018-02-05

STALE3053d

[PATCH v4 5/6] arm: Invalidate icache on prefetch abort outside of user mapping on Cortex-A15

From: Marc Zyngier <hidden>
Date: 2018-02-01 11:07:37
Subsystem: arm port, the rest · Maintainers: Russell King, Linus Torvalds

In order to prevent aliasing attacks on the branch predictor,
invalidate the icache on Cortex-A15, which has the side effect
of invalidating the BTB. This requires ACTLR[0] to be set to 1
(secure operation).

Signed-off-by: Marc Zyngier <redacted>
---
 arch/arm/include/asm/cp15.h | 1 +
 arch/arm/mm/fault.c         | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/arch/arm/include/asm/cp15.h b/arch/arm/include/asm/cp15.h
index 9e900ae855aa..07e27f212dc7 100644
--- a/arch/arm/include/asm/cp15.h
+++ b/arch/arm/include/asm/cp15.h

@@ -66,6 +66,7 @@
 #define write_sysreg(v, ...)		__write_sysreg(v, __VA_ARGS__)
 
 #define BPIALL				__ACCESS_CP15(c7, 0, c5, 6)
+#define ICIALLU				__ACCESS_CP15(c7, 0, c5, 0)
 
 extern unsigned long cr_alignment;	/* defined in entry-armv.S */

diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
index 2f945c994e25..1b05b4b3e761 100644
--- a/arch/arm/mm/fault.c
+++ b/arch/arm/mm/fault.c

@@ -410,6 +410,10 @@ do_pabt_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
 		case ARM_CPU_PART_CORTEX_A17:
 			write_sysreg(0, BPIALL);
 			break;
+
+		case ARM_CPU_PART_CORTEX_A15:
+			write_sysreg(0, ICIALLU);
+			break;
 		}
 	}
 #endif

-- 
2.14.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help