[PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1

[PATCH 00/14] arm64 SSBD (aka Spectre-v4) mitigation · Marc Zyngier <hidden> · 2018-05-22
[PATCH 01/14] arm/arm64: smccc: Add SMCCC-specific return codes · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 01/14] arm/arm64: smccc: Add SMCCC-specific return codes · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 03/14] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 03/14] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 03/14] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 06/14] arm64: ssbd: Add global mitigation state accessor · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 06/14] arm64: ssbd: Add global mitigation state accessor · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 06/14] arm64: ssbd: Add global mitigation state accessor · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 05/14] arm64: Add 'ssbd' command-line option · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Randy Dunlap <hidden> · 2018-05-22
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Marc Zyngier <hidden> · 2018-05-24
[PATCH 07/14] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 07/14] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 07/14] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Dominik Brodowski <linux@dominikbrodowski.net> · 2018-05-22
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Will Deacon <hidden> · 2018-05-24
[PATCH 12/14] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 12/14] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 14/14] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 14/14] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 13/14] arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 13/14] arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 11/14] arm64: KVM: Add HYP per-cpu accessors · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 11/14] arm64: KVM: Add HYP per-cpu accessors · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-24
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Will Deacon <hidden> · 2018-05-24
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-24
[PATCH 08/14] arm64: ssbd: Disable mitigation on CPU resume if required by user · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 08/14] arm64: ssbd: Disable mitigation on CPU resume if required by user · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 08/14] arm64: ssbd: Disable mitigation on CPU resume if required by user · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Suzuki K Poulose <Suzuki.Poulose@arm.com> · 2018-05-24
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Will Deacon <hidden> · 2018-05-24
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Suzuki K Poulose <Suzuki.Poulose@arm.com> · 2018-05-24
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Robin Murphy <robin.murphy@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Marc Zyngier <hidden> · 2018-05-24

From: Marc Zyngier <hidden>
Date: 2018-05-24 11:28:15
Also in: kvmarm, lkml

On 24/05/18 12:23, Mark Rutland wrote:

On Thu, May 24, 2018 at 12:00:58PM +0100, Mark Rutland wrote:

quoted

On Tue, May 22, 2018 at 04:06:36PM +0100, Marc Zyngier wrote:

quoted

In order for the kernel to protect itself, let's call the SSBD mitigation
implemented by the higher exception level (either hypervisor or firmware)
on each transition between userspace and kernel.

We must take the PSCI conduit into account in order to target the
right exception level, hence the introduction of a runtime patching
callback.

Signed-off-by: Marc Zyngier <redacted>
---
 arch/arm64/kernel/cpu_errata.c | 18 ++++++++++++++++++
 arch/arm64/kernel/entry.S      | 22 ++++++++++++++++++++++
 include/linux/arm-smccc.h      |  5 +++++
 3 files changed, 45 insertions(+)

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index a900befadfe8..46b3aafb631a 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c

@@ -232,6 +232,24 @@ enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry)
 }
 #endif	/* CONFIG_HARDEN_BRANCH_PREDICTOR */
 
+#ifdef CONFIG_ARM64_SSBD
+void __init arm64_update_smccc_conduit(struct alt_instr *alt,
+				       __le32 *origptr, __le32 *updptr,
+				       int nr_inst)
+{
+	u32 insn;
+
+	BUG_ON(nr_inst != 1);
+
+	if (psci_ops.conduit == PSCI_CONDUIT_HVC)
+		insn = aarch64_insn_get_hvc_value();
+	else
+		insn = aarch64_insn_get_smc_value();

Shouldn't this also handle the case where there is no conduit?

Due to the config symbol not being defined yet, and various other fixups
in later patches, this is actually benign.

However, if you make this:

	switch (psci_ops.conduit) {
	case PSCI_CONDUIT_NONE:
		return;
	case PSCI_CONDUIT_HVC:
		insn = aarch64_insn_get_hvc_value();
		break;
	case PSCI_CONDUIT_SMC:
		insn = aarch64_insn_get_smc_value();
		break;
	}

... then we won't even bother patching the nop in the default case
regardless, which is nicer, IMO.

Yup, looks better to me too. I'll fold that in.

Thanks,

	M.
-- 
Jazz is not dead. It just smells funny...

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help