Received: by 2002:ac0:946b:0:0:0:0:0 with SMTP id j40csp2440713imj; Mon, 11 Feb 2019 02:58:48 -0800 (PST) X-Google-Smtp-Source: AHgI3Ia/0sO6l63NP+5eLQU6XS6TovPW/9qi5+z1S7xrvQ+TP/XRntGbMNpvXijoQfJmVSdu7MNl X-Received: by 2002:a62:4d45:: with SMTP id a66mr17520943pfb.52.1549882728853; Mon, 11 Feb 2019 02:58:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549882728; cv=none; d=google.com; s=arc-20160816; b=fCq5y8lQAYUusFdAF3HGYTfHV9ousJ14hMgy7XnMALMDemWJDsfVp2AzvWm3khyu6X Ev7dAFEOtbFbXK7QsRNMmzqqLpjQXrA4cxcZkskP/fL6GdvUY6NjlQh4zXKr8oVYRi4o ffbLtSGwKtAzLJzvkqrjQxBVG9JSVXT9+fQn/Zc0kB9Og4aLLnzV5vLTVskSbaIJOMI8 +CPqwTfsUB7/RCG8PARVwX/iECnq90XXpaflekudo3pJyE59tUtYdweUrFZ8+JQr8+fA Y4RM2m1Fc3KwzzJcLrOLQnOw9PbyuvxVLWrI7Fu/O3+5JyOaJcaOk0NYVwpVDYsXWqGl H0bg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=fhR/KThpLL1K2GhNW+L5gfan1aeRjCg1XDc+7YqH/ho=; b=wivj8WMcZPHAmbWwA7cNRIGizMNTZPKrTsVLNygO1jm7fgtcNS9y85a8/dDHKDte+Y OwvN3TLYu9iJgzxs0TbWFkBNQNvuebWGayQyKXYUbXUK3/NVL5cyvniUA73DUOyUWL9H f4H+RG4o6d5NW0B1QKEvlfL+PyIKQfjZZbIkEfH47gqpIGPaYaLFn35QN5F/J6URREFZ WO+nFoJorG4hlYPkSUbW7UWAPBxrjxyIyoL7oS+Dg1Yb+iJ8+/bXf6JdWQNKQciNzIfs sOrAdipvtrre8P7f7LvZ2wkBV4OdGUZAeYeK81B15kgHZD6Xrml2Wa3KBeOsm0RlgHJB 3oGA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j1si9300301pff.42.2019.02.11.02.58.32; Mon, 11 Feb 2019 02:58:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727123AbfBKK6A (ORCPT + 99 others); Mon, 11 Feb 2019 05:58:00 -0500 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:45590 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726045AbfBKK6A (ORCPT ); Mon, 11 Feb 2019 05:58:00 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C153EA78; Mon, 11 Feb 2019 02:57:59 -0800 (PST) Received: from fuggles.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 8DC9B3F557; Mon, 11 Feb 2019 02:57:58 -0800 (PST) Date: Mon, 11 Feb 2019 10:57:55 +0000 From: Will Deacon To: AngeloGioacchino Del Regno Cc: Jens Axboe , Catalin Marinas , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org Subject: Re: [PATCH] arm64/io: Don't use WZR in writel Message-ID: <20190211105755.GB30880@fuggles.cambridge.arm.com> References: <68b71c15f32341468a868f6418e4fcb375bc49ba.camel@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <68b71c15f32341468a868f6418e4fcb375bc49ba.camel@gmail.com> User-Agent: Mutt/1.11.1+86 (6f28e57d73f2) () Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Feb 09, 2019 at 07:34:53PM +0100, AngeloGioacchino Del Regno wrote: > From 33fb6d036de273bb71ac1c67d7a91b7a5148e659 Mon Sep 17 00:00:00 2001 > From: "Angelo G. Del Regno" > Date: Sat, 9 Feb 2019 18:56:46 +0100 > Subject: [PATCH] arm64/io: Don't use WZR in writel > > This is a partial revert of commit ee5e41b5f21a > ("arm64/io: Allow I/O writes to use {W,X}ZR") > > When we try to use the zero register directly on some SoCs, > their security will make them freeze due to a firmware bug. > This behavior is seen with the arm-smmu driver freezing on > TLBI and TLBSYNC on MSM8996, MSM8998, SDM630, SDM660. Hmm, this sounds very fragile. I hope they're not trapping and emulating MMIO accesses and treating the zero register as the stack pointer... Wouldn't this also be triggerable from userspace by mmap()ing either /dev/mem or e.g. a PCI bar via sysfs? > Allocating a temporary register to store the zero for the > write actually solves the issue on these SoCs. I don't think this catches all MMIO accesses, so I think we need to understand more about the actual issue here. For example, is it only the SMMU that causes this problem? Also, any workaround should be specific to the broken SoCs. Will