Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit be331630 authored by Marc Zyngier's avatar Marc Zyngier Committed by Greg Kroah-Hartman
Browse files

arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 



commit 8e2906245f1e3b0d027169d9f2e55ce0548cb96e upstream.

In order for the kernel to protect itself, let's call the SSBD mitigation
implemented by the higher exception level (either hypervisor or firmware)
on each transition between userspace and kernel.

We must take the PSCI conduit into account in order to target the
right exception level, hence the introduction of a runtime patching
callback.

Reviewed-by: default avatarMark Rutland <mark.rutland@arm.com>
Reviewed-by: default avatarJulien Grall <julien.grall@arm.com>
Acked-by: default avatarWill Deacon <will.deacon@arm.com>
Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent d1b5c195

arch/arm64/kernel/cpu_errata.c

+24 −0
Original line number Diff line number Diff line
@@ -187,6 +187,30 @@ static int enable_smccc_arch_workaround_1(void *data) 
}

#endif	/* CONFIG_HARDEN_BRANCH_PREDICTOR */



#ifdef CONFIG_ARM64_SSBD

void __init arm64_update_smccc_conduit(struct alt_instr *alt,

				       __le32 *origptr, __le32 *updptr,

				       int nr_inst)

{

	u32 insn;



	BUG_ON(nr_inst != 1);



	switch (psci_ops.conduit) {

	case PSCI_CONDUIT_HVC:

		insn = aarch64_insn_get_hvc_value();

		break;

	case PSCI_CONDUIT_SMC:

		insn = aarch64_insn_get_smc_value();

		break;

	default:

		return;

	}



	*updptr = cpu_to_le32(insn);

}

#endif	/* CONFIG_ARM64_SSBD */



#define MIDR_RANGE(model, min, max) \

	.def_scope = SCOPE_LOCAL_CPU, \

	.matches = is_affected_midr_range, \

arch/arm64/kernel/entry.S

+22 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ 
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.

 */



#include <linux/arm-smccc.h>

#include <linux/init.h>

#include <linux/linkage.h>
@@ -95,6 +96,18 @@ alternative_else_nop_endif 
	add	\dst, \dst, #(\sym - .entry.tramp.text)

	.endm



	// This macro corrupts x0-x3. It is the caller's duty

	// to save/restore them if required.

	.macro	apply_ssbd, state

#ifdef CONFIG_ARM64_SSBD

	mov	w0, #ARM_SMCCC_ARCH_WORKAROUND_2

	mov	w1, #\state

alternative_cb	arm64_update_smccc_conduit

	nop					// Patched to SMC/HVC #0

alternative_cb_end

#endif

	.endm



	.macro	kernel_entry, el, regsize = 64

	.if	\regsize == 32

	mov	w0, w0				// zero upper 32 bits of x0
@@ -122,6 +135,13 @@ alternative_else_nop_endif 
	ldr	x19, [tsk, #TI_FLAGS]		// since we can unmask debug

	disable_step_tsk x19, x20		// exceptions when scheduling.



	apply_ssbd 1



#ifdef CONFIG_ARM64_SSBD

	ldp	x0, x1, [sp, #16 * 0]

	ldp	x2, x3, [sp, #16 * 1]

#endif



	mov	x29, xzr			// fp pointed to user-space

	.else

	add	x21, sp, #S_FRAME_SIZE
@@ -190,6 +210,8 @@ alternative_if ARM64_WORKAROUND_845719 
alternative_else_nop_endif

#endif

3:

	apply_ssbd 0



	.endif

	msr	elr_el1, x21			// set up the return data

	msr	spsr_el1, x22

include/linux/arm-smccc.h

+5 −0
Original line number Diff line number Diff line
@@ -80,6 +80,11 @@ 
			   ARM_SMCCC_SMC_32,				\

			   0, 0x8000)



#define ARM_SMCCC_ARCH_WORKAROUND_2					\

	ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL,				\

			   ARM_SMCCC_SMC_32,				\

			   0, 0x7fff)



#ifndef __ASSEMBLY__



#include <linux/linkage.h>