Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cf4ca60c authored by Marc Zyngier's avatar Marc Zyngier Committed by Isaac J. Manjarres
Browse files

arm64: Add ARCH_WORKAROUND_2 probing 



As for Spectre variant-2, we rely on SMCCC 1.1 to provide the
discovery mechanism for detecting the SSBD mitigation.

A new capability is also allocated for that purpose, and a
config option.

Change-Id: Ibf7a217bb6ecf796e50f79c2681de094f1caaa8e
Reviewed-by: default avatarJulien Grall <julien.grall@arm.com>
Reviewed-by: default avatarMark Rutland <mark.rutland@arm.com>
Acked-by: default avatarWill Deacon <will.deacon@arm.com>
Reviewed-by: default avatarSuzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Git-commit: a725e3dda1813ed306734823ac4c65ca04e38500
Git-repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git


[isaacm@codeaurora.org: Move inclusion of psci header and
 arm-smccc header to beginning of source to not break
 compilation, and use correct capability numbers and
 structure fields. Also, disable SSBD mitigation for
 the time being.]
Signed-off-by: default avatarIsaac J. Manjarres <isaacm@codeaurora.org>
parent 5bd92949

arch/arm64/Kconfig

+8 −0
Original line number Diff line number Diff line
@@ -942,6 +942,14 @@ config PRINT_VMEMLAYOUT 


	  If unsure, say N.



config ARM64_SSBD

	bool "Speculative Store Bypass Disable" if EXPERT

	help

	  This enables mitigation of the bypassing of previous stores

	  by speculative loads.



	  If unsure, say Y.



menuconfig ARMV8_DEPRECATED

	bool "Emulate deprecated/obsolete ARMv8 instructions"

	depends on COMPAT

arch/arm64/include/asm/cpucaps.h

+2 −1
Original line number Diff line number Diff line
@@ -44,7 +44,8 @@ 
#define ARM64_HARDEN_BRANCH_PREDICTOR		24

#define ARM64_HARDEN_BP_POST_GUEST_EXIT		25

#define ARM64_HW_DBM				26

#define ARM64_SSBD				27



#define ARM64_NCAPS				27

#define ARM64_NCAPS				28



#endif /* __ASM_CPUCAPS_H */

arch/arm64/kernel/cpu_errata.c

+71 −2
Original line number Diff line number Diff line
@@ -16,7 +16,9 @@ 
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.

 */



#include <linux/arm-smccc.h>

#include <linux/types.h>

#include <linux/psci.h>

#include <asm/cpu.h>

#include <asm/cputype.h>

#include <asm/cpufeature.h>
@@ -148,8 +150,6 @@ static void install_bp_hardening_cb(const struct arm64_cpu_capabilities *entry, 
}



#include <uapi/linux/psci.h>

#include <linux/arm-smccc.h>

#include <linux/psci.h>



static void call_smc_arch_workaround_1(void)

{
@@ -230,6 +230,67 @@ static int qcom_enable_link_stack_sanitization(void *data) 


#ifdef CONFIG_ARM64_SSBD

DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required);



static void arm64_set_ssbd_mitigation(bool state)

{

	switch (psci_ops.conduit) {

	case PSCI_CONDUIT_HVC:

		arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_2, state, NULL);

		break;



	case PSCI_CONDUIT_SMC:

		arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_2, state, NULL);

		break;



	default:

		WARN_ON_ONCE(1);

		break;

	}

}



static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,

				    int scope)

{

	struct arm_smccc_res res;

	bool supported = true;



	WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());



	if (psci_ops.smccc_version == SMCCC_VERSION_1_0)

		return false;



	/*

	 * The probe function return value is either negative

	 * (unsupported or mitigated), positive (unaffected), or zero

	 * (requires mitigation). We only need to do anything in the

	 * last case.

	 */

	switch (psci_ops.conduit) {

	case PSCI_CONDUIT_HVC:

		arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,

				  ARM_SMCCC_ARCH_WORKAROUND_2, &res);

		if ((int)res.a0 != 0)

			supported = false;

		break;



	case PSCI_CONDUIT_SMC:

		arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,

				  ARM_SMCCC_ARCH_WORKAROUND_2, &res);

		if ((int)res.a0 != 0)

			supported = false;

		break;



	default:

		supported = false;

	}



	if (supported) {

		__this_cpu_write(arm64_ssbd_callback_required, 1);

		arm64_set_ssbd_mitigation(true);

	}



	return supported;

}

#endif /* CONFIG_ARM64_SSBD */



#define MIDR_RANGE(model, min, max) \
@@ -429,6 +490,14 @@ const struct arm64_cpu_capabilities arm64_errata[] = { 
		MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2),

		.enable = enable_smccc_arch_workaround_1,

	},

#endif

#ifdef CONFIG_ARM64_SSBD

	{

		.desc = "Speculative Store Bypass Disable",

		.def_scope = SCOPE_LOCAL_CPU,

		.capability = ARM64_SSBD,

		.matches = has_ssbd_mitigation,

	},

#endif

	{

	}