Received: by 10.223.176.5 with SMTP id f5csp4269732wra;
        Tue, 30 Jan 2018 04:53:36 -0800 (PST)
X-Google-Smtp-Source: AH8x225Khk4cVlIdtqWVu3jASYKEVbXzhkeonzep2w2xqWOvH2ckJLYAPdE3Az9/x7f+FaTLiE/t
X-Received: by 10.101.81.68 with SMTP id g4mr22837178pgq.276.1517316816623;
        Tue, 30 Jan 2018 04:53:36 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517316816; cv=none;
        d=google.com; s=arc-20160816;
        b=YCBfT6/7Z66UxQ408lCZdhcfqN0/tKFYfYer/NFyK3VDGLX6Y1lMXonSoKcfGH1EOE
         GRXJswScVLy/DE8hEWhyFvn/B2FDqvpgWa1Qf2VZy80Ppb7xFwpPGm11sZJeQIItLLrQ
         d7w4uCuyZzFecXesOz8JHL564AElSx6RUevDxtDPiJRMcpsZZcssa0BqyTwGUvDmfakD
         We4I7p4rt8kbQLpML1dXfTpPOHEhYJ8s4gzbOpkElCOS3apNCpZzrfrGHl7n6jBt2CLB
         Sa/CS4RQp04W97oXOec2KmKTzBcnqZ67uU98/7QFpP8UL7ro3HV+Q8e0T2e5yTXUcc8j
         EfqA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=OEdAIcgvyoVoSu79Fdvwmdjhb80qZKPyXGT7HZv+RBM=;
        b=dKOOKLH4bJhv4rmUp4SMbh1U2MKP9DdcC/+ZRT2J4d4d0E37PCsDt06EOkKDqbvB2V
         1lxnDvtrDi3DpkO+H9FeH1gyyeq0e28KutYFXePbIvC7CuqC0BDVbe84yFvpszc4cra9
         ggFB2ZI9kaPYSDydN3dAR+La/fkQkRRuqxuQ9lesSzfWmNR6Cl4s+zxPHrnnH5LScaQq
         r22EoqPZS2mPsAZYrxhbQmpwuuGLWewCmGezqNkYbjEhquWVNWqfFAJXdPYFdkoZ4+jo
         k2c1k9s9o6vG/a7F3AyM58mAsYqrfLXFCyunH0Kqo7QyFqtuiX8aEDCohI/ulnCEcUiu
         PYdw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id t130si1904380pgc.236.2018.01.30.04.53.21;
        Tue, 30 Jan 2018 04:53:36 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751842AbeA3Mik (ORCPT <rfc822;yingkeliu@gmail.com> + 99 others);
        Tue, 30 Jan 2018 07:38:40 -0500
Received: from foss.arm.com ([217.140.101.70]:53188 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751451AbeA3Mij (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 30 Jan 2018 07:38:39 -0500
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 54C0F1435;
        Tue, 30 Jan 2018 04:38:39 -0800 (PST)
Received: from [10.1.210.88] (e110467-lin.cambridge.arm.com [10.1.210.88])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 3E5633F41F;
        Tue, 30 Jan 2018 04:38:37 -0800 (PST)
Subject: Re: [PATCH v2 10/16] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP
 hardening support
To:     Marc Zyngier <marc.zyngier@arm.com>, linux-kernel@vger.kernel.org,
        linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu
Cc:     Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>,
        Peter Maydell <peter.maydell@linaro.org>,
        Christoffer Dall <christoffer.dall@linaro.org>,
        Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>,
        Mark Rutland <mark.rutland@arm.com>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        Jon Masters <jcm@redhat.com>
References: <20180129174559.1866-1-marc.zyngier@arm.com>
 <20180129174559.1866-11-marc.zyngier@arm.com>
From:   Robin Murphy <robin.murphy@arm.com>
Message-ID: <748db3f9-bf6c-17d6-ff92-e814ec06aa20@arm.com>
Date:   Tue, 30 Jan 2018 12:38:35 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <20180129174559.1866-11-marc.zyngier@arm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 29/01/18 17:45, Marc Zyngier wrote:
> A new feature of SMCCC 1.1 is that it offers firmware-based CPU
> workarounds. In particular, SMCCC_ARCH_WORKAROUND_1 provides
> BP hardening for CVE-2017-5715.
> 
> If the host has some mitigation for this issue, report that
> we deal with it using SMCCC_ARCH_WORKAROUND_1, as we apply the
> host workaround on every guest exit.
> 
> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
> ---
>   include/linux/arm-smccc.h |  5 +++++
>   virt/kvm/arm/psci.c       | 17 +++++++++++++++--
>   2 files changed, 20 insertions(+), 2 deletions(-)
> 
> diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h
> index dc68aa5a7261..e1ef944ef1da 100644
> --- a/include/linux/arm-smccc.h
> +++ b/include/linux/arm-smccc.h
> @@ -73,6 +73,11 @@
>   			   ARM_SMCCC_SMC_32,				\
>   			   0, 1)
>   
> +#define ARM_SMCCC_ARCH_WORKAROUND_1					\
> +	ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL,				\
> +			   ARM_SMCCC_SMC_32,				\
> +			   0, 0x8000)
> +
>   #ifndef __ASSEMBLY__
>   
>   #include <linux/linkage.h>
> diff --git a/virt/kvm/arm/psci.c b/virt/kvm/arm/psci.c
> index a021b62ed762..5677d16abc71 100644
> --- a/virt/kvm/arm/psci.c
> +++ b/virt/kvm/arm/psci.c
> @@ -407,14 +407,27 @@ static int kvm_psci_call(struct kvm_vcpu *vcpu)
>   int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>   {
>   	u32 func_id = smccc_get_function(vcpu);
> -	u32 val;
> +	u32 val, feature;
>   
>   	switch (func_id) {
>   	case ARM_SMCCC_VERSION_FUNC_ID:
>   		val = ARM_SMCCC_VERSION_1_1;
>   		break;
>   	case ARM_SMCCC_ARCH_FEATURES_FUNC_ID:
> -		val = -1;	/* Nothing supported yet */

Conceptually, might it still make sense to initialise val to 
NOT_SUPPORTED here, then overwrite it if and when a feature actually is 
present? It would in this case save a few lines as well, but I know 
multiple assignment can be one of those religious issues, so I'm not too 
fussed either way.

Robin.

> +		feature = smccc_get_arg1(vcpu);
> +		switch(feature) {
> +#ifdef CONFIG_ARM64
> +		case ARM_SMCCC_ARCH_WORKAROUND_1:
> +			if (cpus_have_const_cap(ARM64_HARDEN_BRANCH_PREDICTOR))
> +				val = 0;
> +			else
> +				val = -1;
> +			break;
> +#endif
> +		default:
> +			val = -1;
> +			break;
> +		}
>   		break;
>   	default:
>   		return kvm_psci_call(vcpu);
>