Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor... | linux-arm-kernel

[PATCH v4.4 V2 00/43] V4.4 backport of arm64 Spectre patches · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 01/43] arm64: barrier: Add CSDB macros to control data-value prediction · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 02/43] arm64: Implement array_index_mask_nospec() · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 03/43] arm64: move TASK_* definitions to <asm/processor.h> · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 04/43] arm64: Make USER_DS an inclusive limit · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 05/43] arm64: Use pointer masking to limit uaccess speculation · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 06/43] arm64: entry: Ensure branch through syscall table is bounded under speculation · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 07/43] arm64: uaccess: Prevent speculative use of the current addr_limit · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 08/43] arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 09/43] mm/kasan: add API to check memory regions · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 10/43] arm64: kasan: instrument user memory access API · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 11/43] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
Re: [PATCH v4.4 V2 11/43] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user · Mark Rutland <mark.rutland@arm.com> · 2019-07-31
Re: [PATCH v4.4 V2 11/43] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
[PATCH v4.4 V2 12/43] arm64: cpufeature: Test 'matches' pointer to find the end of the list · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 13/43] arm64: cpufeature: Add scope for capability check · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 14/43] arm64: Introduce cpu_die_early · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 15/43] arm64: Move cpu_die_early to smp.c · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
Re: [PATCH v4.4 V2 15/43] arm64: Move cpu_die_early to smp.c · Mark Rutland <mark.rutland@arm.com> · 2019-07-31
Re: [PATCH v4.4 V2 15/43] arm64: Move cpu_die_early to smp.c · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
[PATCH v4.4 V2 16/43] arm64: Verify CPU errata work arounds on hotplugged CPU · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 17/43] arm64: errata: Calling enable functions for CPU errata too · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 18/43] arm64: Rearrange CPU errata workaround checks · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 19/43] arm64: Run enable method for errata work arounds on late CPUs · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 20/43] arm64: cpufeature: Pass capability structure to ->enable callback · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 21/43] drivers/firmware: Expose psci_get_version through psci_ops structure · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 22/43] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 23/43] arm64: Move post_ttbr_update_workaround to C code · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Mark Rutland <mark.rutland@arm.com> · 2019-07-31
Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Mark Rutland <mark.rutland@arm.com> · 2019-08-06
Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-08
Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-28
Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Mark Rutland <mark.rutland@arm.com> · 2019-08-28
[PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Julien Thierry <hidden> · 2019-07-31
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Julien Thierry <hidden> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Greg KH <hidden> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Will Deacon <will@kernel.org> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Viresh Kumar <viresh.kumar@linaro.org> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Greg KH <hidden> · 2019-08-01
Re: [PATCH v4.4 V2 25/43] arm64: Move BP hardening to check_and_switch_context · Julien Thierry <hidden> · 2019-08-01
[PATCH v4.4 V2 26/43] arm64: entry: Apply BP hardening for high-priority synchronous exceptions · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 27/43] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 28/43] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 29/43] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 30/43] arm64: Implement branch predictor hardening for affected Cortex-A CPUs · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 31/43] arm64: cputype info for Broadcom Vulcan · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 32/43] arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 33/43] arm64: Branch predictor hardening for Cavium ThunderX2 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 34/43] ARM: 8478/2: arm/arm64: add arm-smccc · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 35/43] arm/arm64: KVM: Advertise SMCCC v1.1 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 36/43] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 37/43] firmware/psci: Expose PSCI conduit · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 38/43] firmware/psci: Expose SMCCC version through psci_ops · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 39/43] arm/arm64: smccc: Make function identifiers an unsigned quantity · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 40/43] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 41/43] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 42/43] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
[PATCH v4.4 V2 43/43] arm64: futex: Mask __user pointers prior to dereference · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-12
Re: [PATCH v4.4 V2 00/43] V4.4 backport of arm64 Spectre patches · Mark Rutland <mark.rutland@arm.com> · 2019-07-15
Re: [PATCH v4.4 V2 00/43] V4.4 backport of arm64 Spectre patches · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-16
Re: [PATCH v4.4 V2 00/43] V4.4 backport of arm64 Spectre patches · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-31
Re: [PATCH v4.4 V2 00/43] V4.4 backport of arm64 Spectre patches · Mark Rutland <mark.rutland@arm.com> · 2019-07-31

Re: [PATCH v4.4 V2 24/43] arm64: Add skeleton to harden the branch predictor against aliasing attacks

From: Viresh Kumar <viresh.kumar@linaro.org>
Date: 2019-08-01 05:20:15
Also in: stable

On 31-07-19, 17:45, Mark Rutland wrote:

On Fri, Jul 12, 2019 at 10:58:12AM +0530, Viresh Kumar wrote:

quoted

From: Will Deacon <redacted>

commit 0f15adbb2861ce6f75ccfc5a92b19eae0ef327d0 upstream.

Aliasing attacks against CPU branch predictors can allow an attacker to
redirect speculative control flow on some CPUs and potentially divulge
information from one context to another.

This patch adds initial skeleton code behind a new Kconfig option to
enable implementation-specific mitigations against these attacks for
CPUs that are affected.

Co-developed-by: Marc Zyngier <redacted>
Signed-off-by: Will Deacon <redacted>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
[ v4.4: Changes made according to 4.4 codebase ]
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

[...]

quoted

 /* id_aa64pfr0 */
+#define ID_AA64PFR0_CSV2_SHIFT		56

Note: CSV3 is bits 63-60,

quoted

diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 474b34243521..040a42d79990 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c

@@ -83,7 +83,8 @@ static struct arm64_ftr_bits ftr_id_aa64isar0[] = {
 };
 
 static struct arm64_ftr_bits ftr_id_aa64pfr0[] = {
-	ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 32, 0),
+	ARM64_FTR_BITS(FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_CSV2_SHIFT, 4, 0),
+	ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 28, 0),

This line should be:

	ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 24, 0),

... as it was in the v4.9 backbort, making it cover bits 55:32. As in
this patch, it covers 59:32, overlapping with CSV2.

Fixed thanks.

We also need to cater for bits 63:60. In the v4.9 backport, the meltdown
bits were applied first, so nothing special was necessary.

What's the plan w.r.t. meltdown mitigations and v4.4?

I haven't started looking at meltdown patches yet and so that will be
done at a later point of time, if at all done by me. I have been asked
to backport both Spectre and Meltdown though to 4.4.

-- 
viresh

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help