[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening

[PATCH v2 00/14] ARM Spectre variant 2 fixes · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-21
[PATCH 01/14] ARM: add CPU part numbers for Cortex A73, A75 and Brahma B15 · Russell King <hidden> · 2018-05-21
[PATCH 02/14] ARM: bugs: prepare processor bug infrastructure · Russell King <hidden> · 2018-05-21
[PATCH 03/14] ARM: bugs: hook processor bug checking into SMP and suspend paths · Russell King <hidden> · 2018-05-21
[PATCH 03/14] ARM: bugs: hook processor bug checking into SMP and suspend paths · f.fainelli@gmail.com (Florian Fainelli) · 2018-05-24
[PATCH 03/14] ARM: bugs: hook processor bug checking into SMP and suspend paths · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-25
[PATCH 03/14] ARM: bugs: hook processor bug checking into SMP and suspend paths · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-25
[PATCH 04/14] ARM: bugs: add support for per-processor bug checking · Russell King <hidden> · 2018-05-21
[PATCH 05/14] ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre · Russell King <hidden> · 2018-05-21
[PATCH 06/14] ARM: spectre-v2: harden branch predictor on context switches · Russell King <hidden> · 2018-05-21
[PATCH 06/14] ARM: spectre-v2: harden branch predictor on context switches · f.fainelli@gmail.com (Florian Fainelli) · 2018-05-22
[PATCH 06/14] ARM: spectre-v2: harden branch predictor on context switches · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-22
[PATCH 06/14] ARM: spectre-v2: harden branch predictor on context switches · tony@atomide.com (Tony Lindgren) · 2018-05-22
[PATCH 07/14] ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit · Russell King <hidden> · 2018-05-21
[PATCH 07/14] ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit · tony@atomide.com (Tony Lindgren) · 2018-05-22
[PATCH 08/14] ARM: spectre-v2: harden user aborts in kernel space · Russell King <hidden> · 2018-05-21
[PATCH 08/14] ARM: spectre-v2: harden user aborts in kernel space · Marc Zyngier <hidden> · 2018-05-22
[PATCH 08/14] ARM: spectre-v2: harden user aborts in kernel space · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-22
[PATCH 08/14] ARM: spectre-v2: harden user aborts in kernel space · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-22
[PATCH 08/14] ARM: spectre-v2: harden user aborts in kernel space · f.fainelli@gmail.com (Florian Fainelli) · 2018-05-22
[PATCH 08/14] ARM: spectre-v2: harden user aborts in kernel space · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-22
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · Russell King <hidden> · 2018-05-21
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · Marc Zyngier <hidden> · 2018-05-22
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-22
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · Marc Zyngier <hidden> · 2018-05-23
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-23
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · Marc Zyngier <hidden> · 2018-05-24
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-24
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · Marc Zyngier <hidden> · 2018-05-24
[PATCH 09/14] ARM: spectre-v2: add PSCI based hardening · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-24
[PATCH 10/14] ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 · Russell King <hidden> · 2018-05-21
[PATCH 11/14] ARM: KVM: invalidate icache on guest exit for Cortex-A15 · Russell King <hidden> · 2018-05-21
[PATCH 12/14] ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 · Russell King <hidden> · 2018-05-21
[PATCH 12/14] ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 · f.fainelli@gmail.com (Florian Fainelli) · 2018-05-22
[PATCH 13/14] ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling · Russell King <hidden> · 2018-05-21
[PATCH 13/14] ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling · Marc Zyngier <hidden> · 2018-05-23
[PATCH 14/14] ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1 · Russell King <hidden> · 2018-05-21
[PATCH v2 00/14] ARM Spectre variant 2 fixes · f.fainelli@gmail.com (Florian Fainelli) · 2018-05-24
[PATCH v2 00/14] ARM Spectre variant 2 fixes · linux@armlinux.org.uk (Russell King - ARM Linux) · 2018-05-25

STALE2956d

From: linux@armlinux.org.uk (Russell King - ARM Linux)
Date: 2018-05-24 13:04:07
Also in: kvmarm

On Thu, May 24, 2018 at 01:49:51PM +0100, Marc Zyngier wrote:

On 24/05/18 13:30, Russell King - ARM Linux wrote:

quoted

On Thu, May 24, 2018 at 01:03:50PM +0100, Marc Zyngier wrote:

quoted

On 23/05/18 20:45, Russell King - ARM Linux wrote:

quoted

On Tue, May 22, 2018 at 06:24:13PM +0100, Marc Zyngier wrote:

quoted

On 21/05/18 12:45, Russell King wrote:

quoted

+#ifdef CONFIG_ARM_PSCI
+	if (psci_ops.smccc_version != SMCCC_VERSION_1_0) {
+		struct arm_smccc_res res;
+
+		switch (psci_ops.conduit) {
+		case PSCI_CONDUIT_HVC:
+			arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
+					  ARM_SMCCC_ARCH_WORKAROUND_1, &res);
+			if ((int)res.a0 < 0)
+				break;

I just realised that there is a small, but significant difference
between this and the arm64 version: On arm64, we have a table of
vulnerable implementations, and we try the mitigation on a per-cpu
basis. Here, you entirely rely on the firmware to discover whether the
CPU needs mitigation or not. You then need to check for a return value
of 1, which indicates that although the mitigation is implemented, it is
not required on this particular CPU.

Okay, so digging further into the documentation seems to suggest that we
only need to check the firmware for A72 and A57 CPUs, and given this
statement:

"Arm recommends that the caller only call this on PEs for which a
 firmware based mitigation of CVE-2017-5715 is required, or where
 a local workaround is infeasible."

it seems that the right answer is to ignore the PSCI based methods when
we have anything but these CPUs.  Do you agree?

For CPUs that are produced by ARM, I agree. I don't know about CPUs
produced by ARM licensees though, so I'd rather use the opposite logic:
Use the firmware unless the CPU is one of those that can be easily
mitigated at EL1 (or isn't affected).

The "or isn't affected" is the difficult bit - I guess we could match
on the CPU vendor field though, and just reject all ARM CPUs that
aren't explicitly listed as having a problem.

That seems sensible. ARM has published an exhaustive status for all its
cores, which we can trust. For architecture licensees, I'm not aware of
such a list, but I'd expect them to communicate one if they were affected.

It's not that simple - there's an exhaustive list for those affected
cores, but it says that cores which aren't listed are unaffected.

If we want to explicitly list each core, we need a complete list of
both affected and unaffected cores to ensure that none are missed.

-- 
RMK's Patch system: http://www.armlinux.org.uk/developer/patches/
FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps up
According to speedtest.net: 8.21Mbps down 510kbps up

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help