Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751565AbeAHRUE (ORCPT + 1 other); Mon, 8 Jan 2018 12:20:04 -0500 Received: from mail-sn1nam02on0088.outbound.protection.outlook.com ([104.47.36.88]:32170 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750710AbeAHRT7 (ORCPT ); Mon, 8 Jan 2018 12:19:59 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Jayachandran.Nair@cavium.com; Date: Mon, 8 Jan 2018 09:19:43 -0800 From: Jayachandran C To: Will Deacon Cc: marc.zyngier@arm.com, linux-arm-kernel@lists.infradead.org, lorenzo.pieralisi@arm.com, ard.biesheuvel@linaro.org, catalin.marinas@arm.com, linux-kernel@vger.kernel.org, labbott@redhat.com, christoffer.dall@linaro.org Subject: Re: [PATCH 2/2] arm64: Branch predictor hardening for Cavium ThunderX2 Message-ID: <20180108171943.GA180149@jc-sabre> References: <20180108063115.GA163286@jc-sabre> <1515394416-166994-1-git-send-email-jnair@caviumnetworks.com> <1515394416-166994-2-git-send-email-jnair@caviumnetworks.com> <20180108164651.GQ25869@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180108164651.GQ25869@arm.com> User-Agent: Mutt/1.5.24 (2015-08-30) X-Originating-IP: [50.233.148.156] X-ClientProxiedBy: MWHPR01CA0026.prod.exchangelabs.com (10.172.172.140) To BLUPR0701MB1057.namprd07.prod.outlook.com (10.160.34.154) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: fd0f6bf9-5f52-4616-3c5d-08d556bc0961 X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020);SRVR:BLUPR0701MB1057; X-Microsoft-Exchange-Diagnostics: 1;BLUPR0701MB1057;3:xBAf1z/xbfkvc7z6RGkU8BGmtsLoVJKAKYuucUJMwSvYGNdjhVvcmuNBSe6Hcu9d8jzY0K8MtDPdtLcOI0L7uszOBjrvfiw3cxdev2LLn1b6jBSRlTZD2u3/CYKffDgNU4IVxXMcJV4ScJNds3G3hj9YRtcIrOZh0tXH4XSs4EZZPS7xwG+hUbYedS3TrfcyXkc+g8Fo8Et0r9Mv0l6fCtEGkPP92Blt7IxVPC9lijJ34anYwbSmAKjXE1wTP1Ks;25:yRG6zikTjWUKXotevPCn9rzE7cXMDLJE+CENHAe8ZRj9kTq9tH+tb6HbF594N/QZvwBWtNDvV4ejjHuPgdx5hPqd8fqJsgxIOU/mYcNXASgRAeiD3wYUxS20kHkkgUuv3KJeIY/i5sbXO88864yXoO43jKQk0pcvICJoCEzCYpKNzCIUAB3S+3Bi9kCrGOMNxgeN1uUFiI0QNb83CH58zdVqnmAmiTlyJbwF3v16gwmjE6cg1G3aEOJvggiYkqvBs9+e3ncNlQ+HxEgRM4js33c9nvUlGK/gQZLef/9OBFavssuEBxp9sOqXzlfS7OGrTYq0Llas24NP1VtOqmSX0g==;31:wtO/quBr1ZwA0iacEdJrlcnLM4JEPskLhJoivODaqVOiTf+n9Gn2slBIIdZgkHcXyYRKE+Wmwo8YdvajSbkqbyA3OshmisJKlRbvOdbML8MGyZ3/s/jXKSNHvZoV/mGGMQb3gKfr+OhwCNousmI0WlOgm/QNTyCgLsmaSYo3+0skiWojfXW33VTyUkITJ3BhlRht1deQO32QHPikpDbLiAxNITEESMri238H6vMTSTk= X-MS-TrafficTypeDiagnostic: BLUPR0701MB1057: X-Microsoft-Exchange-Diagnostics: 1;BLUPR0701MB1057;20:GYxBLZhdUPhnXUaB8DreAA5/IPIvzzgUEPRzmIz4DtHWEKNBcVqKDccJO9kCkYBZALAIbg1XAZRBgFEpQYkkTq1biVIRCBnaw8VR01DP/rNRz/BZ9FNAF/1bnz9H5WYPzeRIJ1RqKSWfigI4l/d4q0zO05PdBZWQOUCG1Er6EzeBlJHJJ9FQdqmB1owSPoayf6Zeu9ttykQZF8K9rLxwd4Dn541dAhdaIitjNIShpTYZaA1gebHV7DqC8fnbv/pV/ESN3Y73YmhnFEjllkuWRCvVMQ73Tncah+vrkVrfECts/CdTQGySMrXFXmRNSO6/KyHZzzJ6nkHcT5vTGz1hvkXCmk3hLjKEuugJfWRulcXWdzvz+QxKU24xSHpDILh6ysdEQpMsBXIA4uh1e1zf+qD5uDcDwBpv7aBl5TbNUR1qkd+uw4w66Mg8xuJEmS3rt9fGRvzK0YjgRqgXjPffjtfDECOrvvIkKseDCnOWXPMt8bYy1voxxwmlbmGvFU45VB7CqqevUgnXxYjeWPvh255ZyZ3Om2me6RhCQdUnjmJo1ozPo+R6DG51mLXEPCItUWq+WaHqqxRQvnjQmagAqqHywZAbBK/+onwXhZqdAsc=;4:P+NevDTlTsrZZfHjzAQmCNqAp2AvayHzqBdNdSPuMQ1EeY2VpyHR8tRLk/3rOgLlQAhGdTqjoI58kejlxQYA952TnxuAYKiOgr+9kEc0LQvUY/Ayci+KkeSDCb3DVqHnyCevQR7k436w9pxBNW1/JR+XxgiNrwPUupUf+tTvv4TDo5R8gnY0V2P+yIhNazynU8FcysDFFL5mQS5/0cAEGZ4DqiBwUuTTBgnObpjuzOTiSkydCAMOYswVLcqdXsES813K7cfikY07gQpSBafR7DCy41X1DepQTUG49MgZ1unOP+9J4+V2sb03c74tRASu X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(20558992708506); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(93006095)(10201501046)(3002001)(3231023)(944501075)(6041268)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123562045)(6072148)(201708071742011);SRVR:BLUPR0701MB1057;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:BLUPR0701MB1057; X-Forefront-PRVS: 054642504A X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(39850400004)(366004)(39380400002)(396003)(376002)(346002)(24454002)(199004)(189003)(47776003)(8936002)(3846002)(7736002)(66066001)(386003)(87496004)(25786009)(59450400001)(4326008)(76176011)(33896004)(72206003)(478600001)(52116002)(2906002)(81166006)(229853002)(6116002)(1076002)(23726003)(16526018)(316002)(53936002)(33716001)(6666003)(106356001)(81156014)(58126008)(2950100002)(42882006)(6916009)(8676002)(83506002)(16586007)(93886005)(6246003)(50466002)(33656002)(305945005)(55016002)(6496006)(575784001)(97736004)(9686003)(105586002)(68736007)(5660300001)(18370500001)(107986001);DIR:OUT;SFP:1101;SCL:1;SRVR:BLUPR0701MB1057;H:jc-sabre;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;BLUPR0701MB1057;23:vxSfiaoc/e41QTO//sBTcnCQ12clCxA/4cxD9Pu?= =?us-ascii?Q?iWEFJzIFFIkqHnlzgnxa8DVEXpTtNlaIN5M0CJRyGVbBxS9vGErgB2BmKWDf?= =?us-ascii?Q?3QFyqleqoHW5y4VHrgRW4Nh5OT8BdYKBKDM8cnS+vCIDk96KBL2zN8RdowTF?= =?us-ascii?Q?KZhh3mquvULoHEsDOHecrgeH+C2NTiaFldfPovI6HjP9t+y3fmyavGF3vFOa?= =?us-ascii?Q?rJdeirJCQbDM3Mgh0kVdKvj9GwBiwZibrRoAQkKyYmBTvYXg0Rt6I4tbNsD5?= =?us-ascii?Q?oNc9ux8FybLBbEAsLJMS8HS66S2oUXpKj5gh6KbD1poW9grbMftFmuONL5Sp?= =?us-ascii?Q?hQELw/fbz2WJNQhSpPbFUq+k09/iW6t/XSnhI5ziMZAX/mi9XOr4NC4HabfX?= =?us-ascii?Q?/E46H2eqHXgReWnjc9SVP9+sOinTB+1AMqSd2qFHWIJ6mwcLkGav6MrndCmj?= =?us-ascii?Q?qk4NdEJpnQ4lIGp7UUCoPYVgBWwkOQcQWamBomz0ChZf+0fXGYU73wmPBRpl?= =?us-ascii?Q?vCPF0UpJn9xN6XJiQcIPWiXZNxWBKWr33d4BZSfbxoDO6qJFdXp2bSuhLWq9?= =?us-ascii?Q?GEIR/M2xqswC+V7OSIdhsPcPpQRwJbFEZFTO3wL/MMOdpjK2U5HcKs6gXEE1?= =?us-ascii?Q?rK8SOTvWgvJN6EB3nFEtX2s+aStEyspxFOobcAo2uzQOC1mCm9/rAbeO29Df?= =?us-ascii?Q?i6nrAl9x02ASAR/15NbjSJpbAtmtct0ZDEhvHyfMUdFdnPKfvrGbkYuWVl1l?= =?us-ascii?Q?SwsqqVrgk3tGcF74/YXrlHOdHKASGEl9IfuQIWfErwOwe4J9U6w80FrsY3mp?= =?us-ascii?Q?d7qzwYJv7OzHpm/3Levl/eTH7T6ClV7+pvfuF1mMcbalZD4P0SBVQKGeercU?= =?us-ascii?Q?Zupm8wm01SWJ+l0oENIgyN9+aJJywGDnPR/BpZnRU0B08IkYcwGWGJJnL0CE?= =?us-ascii?Q?y9xto7kLTPL/cXeCdi70MWdWXHWTq6eE2c+DtfvMYzFwYG6Q+b2DYf7YHK+5?= =?us-ascii?Q?s+l+nrvEYtShcA1ONM4y1OX07bLuwGH7mWUdfzmzBovcyc3iyREOzhp5gsIZ?= =?us-ascii?Q?f+DQR2XyrxSyEVUA/Tw0eclcFA5EZVpDlXMXRCd3Tqhm1IfMf5hctguWRp1w?= =?us-ascii?Q?bbISS/DU5GH4FkDVajH+WMTV341UOZJbTRfnXR54FGxgdY+gSWGDC8XQiGCi?= =?us-ascii?Q?01Xv/S00pNXhJsrmF7W1dtT1qU+Uhc9u7rTjNQVvJbS7p7Q6qNa5fpHFdAB3?= =?us-ascii?Q?VBmhNAvr7zOQdeWrdFR144H99vVWkZJCBfDUx5/DMX9t5e5KIRKGEbBM87M7?= =?us-ascii?Q?MGAl7GuEfvYI2yRDPdTN8UJP9+U/AgmO/RBXDGd/bSMoIAyizuRm2D1rKchN?= =?us-ascii?Q?S7QD3ZQ=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;BLUPR0701MB1057;6:th1qCQYlVrecowLN1F4Sp7VkzJ3+GmWF5GUzH0gWm/boibJ6jgi3Z6R44EnGanwXz6/yHWLAvR/HalvH+d/3dwY5z5aEmlDsJwEXzljWnYujN6HfRjXZEoIwgSMVjUt3RG7CuqTcRMiFMowFMSvp12Dds/CQ452wW8/WqofbLWbLSq+PScweefQnGSjwExGWwxYkvuI6JSOrxigTp4vORoMF42QLz7lx9qtiOdhoE9ejJUiL4A4U1V4wqz5aGuri5TTWXq5RDlp36y8BxRmQKNTBLUcmIhEFhF75fQMepIMnjb9VQu1qeHhAhqOYBwa6r9GLS96RZy8s8UcymhmJwkE4se21AJuAQKz3Tdl2yLc=;5:D/mOjz10uQqYm348BDRJbDBL8wVmLLD0m32nyK/kYNaHade80rw0QXBl4h+UScURRE36obMDJwVd3MJh1q/RM+7ESdfiyehcCdMEMDDExwvNbQZMUnnlBjZiDW1k/l1a1/0/45oz4gafchg6XQ3SSVEKcFa3/9SJ6hPOFXlrYVw=;24:JGulmssofi8HcchhexgYoJOUBAalts/m7DXUCHH96KuGW0l3iYX+1jPWsFCkyP7n7D/KKqWuW0Up70zIhaWtR/xjIJP0pOT/1o4s9EhGD5s=;7:+Kl2OcEe2zSAyEQuC6sKhkJdEhPr6odXzD8xjY8RFsuv8DtZ4SQ34JHCA3SuRk6EG1YQ0hlUlIE6Bp0+uRTauhbl4TqHaYWnfJ+WgcCk0MJ0ACQOZMr7OVndfg3qMqEsDQYrYtpp6pCx2JSZplreepS6+HrsvR4Ik8mHg3V5eBT6zhaancszgqS0Usjyy+I90Sfnt5cDD+rizEvMRerYbVWi3Dnxu4RxlEBKNyfJHO7OBG2z3dNcP2B/1E8uT1Vm SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jan 2018 17:19:54.3375 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fd0f6bf9-5f52-4616-3c5d-08d556bc0961 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR0701MB1057 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Mon, Jan 08, 2018 at 04:46:52PM +0000, Will Deacon wrote: > On Sun, Jan 07, 2018 at 10:53:36PM -0800, Jayachandran C wrote: > > Use PSCI based mitigation for speculative execution attacks targeting > > the branch predictor. The approach is similar to the one used for > > Cortex-A CPUs, but in case of ThunderX2 we add another SMC call to > > test if the firmware supports the capability. > > > > If the secure firmware has been updated with the mitigation code to > > invalidate the branch target buffer, we use the PSCI version call to > > invoke it. > > > > Signed-off-by: Jayachandran C > > --- > > arch/arm64/kernel/cpu_errata.c | 38 ++++++++++++++++++++++++++++++++++++++ > > 1 file changed, 38 insertions(+) > > > > diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c > > index cb0fb37..abceb5d 100644 > > --- a/arch/arm64/kernel/cpu_errata.c > > +++ b/arch/arm64/kernel/cpu_errata.c > > @@ -124,6 +124,7 @@ static void install_bp_hardening_cb(const struct arm64_cpu_capabilities *entry, > > __install_bp_hardening_cb(fn, hyp_vecs_start, hyp_vecs_end); > > } > > > > +#include > > #include > > > > static int enable_psci_bp_hardening(void *data) > > @@ -138,6 +139,33 @@ static int enable_psci_bp_hardening(void *data) > > > > return 0; > > } > > + > > +#define CAVIUM_TX2_SIP_SMC_CALL 0xC200FF00 > > +#define CAVIUM_TX2_BTB_HARDEN_CAP 0xB0A0 > > + > > +static int enable_tx2_psci_bp_hardening(void *data) > > +{ > > + const struct arm64_cpu_capabilities *entry = data; > > + struct arm_smccc_res res; > > + > > + if (!entry->matches(entry, SCOPE_LOCAL_CPU)) > > + return; > > + > > + arm_smccc_smc(CAVIUM_TX2_SIP_SMC_CALL, CAVIUM_TX2_BTB_HARDEN_CAP, 0, 0, 0, 0, 0, 0, &res); > > One thing to be aware of here is that if somebody configures qemu to emulate > a TX2, this may actually disappear into EL3 and not return. You're better > off sticking with PSCI GET_VERSION in terms of portability, but it's your > call -- I'd expect you to deal with any breakage reports on the list due > to the SMC above. Fair? I don't like having a custom SMC here either. But Overloading PSCI get version is the problem as I wrote earlier - there is no way to check if the firmware implements BTB hardening with overloading. There is a good chance that users with old firmware will just fail without any warning. Is there a reason for overloading PSCI get version? Allocating a new standard SMC number would make checking for existance and usage much simpler. I did not quite understand the possible issue in qemu, unimplemented SMC calls are expected to return an error code. What am I missing here? > > > + if (res.a0 != 0) { > > + pr_warn("Error: CONFIG_HARDEN_BRANCH_PREDICTOR enabled, but firmware does not support it\n"); > > + return 0; > > + } > > Please don't print this here; see below. > > > + if (res.a1 == 1 && psci_ops.get_version) { > > + pr_info("CPU%d: Branch predictor hardening enabled\n", smp_processor_id()); > > If you want to print a message, please put it in the capability structure > .desc field. Thanks, will fix this in the next rev. JC.