Received: by 2002:a05:6358:4e97:b0:b3:742d:4702 with SMTP id ce23csp1082141rwb;
        Thu, 18 Aug 2022 18:47:43 -0700 (PDT)
X-Google-Smtp-Source: AA6agR68QEdmN+ZDjzlAWTngvYf6JilFx38WtAeTv6w7fVPwpHEWCTAASvCNnVNVe3Ev+1UOSkNB
X-Received: by 2002:a17:90b:1b45:b0:1f5:753d:82bc with SMTP id nv5-20020a17090b1b4500b001f5753d82bcmr11454260pjb.68.1660873663477;
        Thu, 18 Aug 2022 18:47:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1660873663; cv=none;
        d=google.com; s=arc-20160816;
        b=uRI9FcG1VxewrGnpKnV/Rh5LtEMMfvkZBN+LdcNcZiqlG2Nymt07x3YSFxVwMK3HUc
         WZ0hi8ePlJryQo0Vv7ykOJsKIeIABaXhGJ6adAqItRH/vsXa+VGTHTnDUQRpGnO/1U45
         6Mm2YzgVekZuDoNJuMBOMd3SHwLq68jKZmXDDPmZmkamygUUDWB5MnvDzry5o9y+6Bgl
         enn2y19C8HsKCb41MHeLsWdB9MAb6wAt2YtrsP0HlW+BTu9atvAHgTfwoDinvDCwFjgR
         VKokLlw4TQFyJmHbMQDqjkI/yVhOS88wNt5dUpwthd1GlqunClVnHs5isuwLq8+NUAy7
         Sajg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date
         :dkim-signature;
        bh=oZFtvhwwLycAg9JyRv4nQ5Y9An2VOnZjO51MLHku7jw=;
        b=ydmQnsQXe+IoCe4WH7HoSy2ZTKBIVf4PikXbsX3d2sMMNlo5VxWjekGHRwf8hSzhZu
         8Bc6UyvL/26ouCBOTIRqtgW7V39aM/Iox6fo+2mVf1F/ax3J46/hS7rN1/tqZg+hswb1
         4RnFEEmyCjgUVhGue8/pXrvcSLtG49GavQ6tjycYMb1+ybc8vbvQRLKMvZLTx9qVoxW3
         lxJRlRp1QqWIGEzfOSdGstEua2yGTSv2ypor998WV+2tXqr8l5q9CBxvHYqEsjhCKHpf
         QP1Xm5JgJuGZnU5foj/xulcBnN3HXxGYuLoKHj6vHR4Ud1rwVh1B0Ygn1jnz83ux0+rz
         Wf/Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=qWGzRc+q;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id d3-20020a056a0024c300b005360a215cd5si783310pfv.18.2022.08.18.18.47.32;
        Thu, 18 Aug 2022 18:47:43 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=qWGzRc+q;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S242805AbiHSBfl (ORCPT <rfc822;andreqb@gmail.com> + 99 others);
        Thu, 18 Aug 2022 21:35:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51784 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S242028AbiHSBfk (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 18 Aug 2022 21:35:40 -0400
Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6964C77552
        for <linux-kernel@vger.kernel.org>; Thu, 18 Aug 2022 18:35:39 -0700 (PDT)
Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-333b218f2cbso54238767b3.0
        for <linux-kernel@vger.kernel.org>; Thu, 18 Aug 2022 18:35:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:from:subject:mime-version:message-id:date:from:to:cc;
        bh=oZFtvhwwLycAg9JyRv4nQ5Y9An2VOnZjO51MLHku7jw=;
        b=qWGzRc+qtsOIR7eIcMor/2en6BehPZakmRgIKsISqzKA4aylG3Bx9uK0d24R2TG9qj
         2l0T9Y30KER+NWerKlR32bTm5EW+BZbJHwTH7TJRKdeJWlFcCc0FLSkdjX2SomsKjOcH
         0qYwnOvPFBMcOqejrGxRVIzBVO8+86pfHGfKtCibKY2fVZcd8IGDdgmmZ7LP8rFTuymE
         iPipzJFLfO2oYU9mkFwK4ny7HT05ckPyX4QjdduOyGDhX3X7Ufk/AJUGIi1xy00CTTyg
         aqxQ4ylzEF7doA7Bts+CqAGEpUm9o5ycEkamvu58rCQdJkZvscIY1i9nnJKFCXizcONg
         H7ag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:from:subject:mime-version:message-id:date:x-gm-message-state
         :from:to:cc;
        bh=oZFtvhwwLycAg9JyRv4nQ5Y9An2VOnZjO51MLHku7jw=;
        b=Ts4pOOMcWFvB+clu+Khjn6lsys+VnrBeqhpvv7JRXtNMunq4At29dGrFRdh3tedjzH
         bnIjMm+tt5ddKXlY8aN52AewJxgKztirUefb46RLI0SSmoCTbnGMDHi3RAKiCNHx3Efy
         T0DfiFXn0oUstK0nB5SbPpM8zmS/DWUriGVhhHCSlGJy66/5SssCg2R7diAziPgllbvn
         /chKkMHhLk862LYvAkMP91Ua1SbzCAOdDERRFOFN4WKGF6gzh5vxXU5DDdbyyjYe/X15
         16u06Sp1oNmtMUgByrRgH5RazbGD0gAVzon4IAjyA5JT9GpnLgZIFZNzcvOkPjC1dFsD
         YiwA==
X-Gm-Message-State: ACgBeo3M5CAXzupMwJSyVfKCjic62XoFegMo/6EuYxv0iNZJeIGGS8S3
        OhGa/JZQXNy39ORWS2s4QefXDPI=
X-Received: from pcc-desktop.svl.corp.google.com ([2620:15c:2ce:200:c686:ab0e:7472:becb])
 (user=pcc job=sendgmr) by 2002:a25:c3c6:0:b0:67b:5458:c19b with SMTP id
 t189-20020a25c3c6000000b0067b5458c19bmr5361708ybf.408.1660872938706; Thu, 18
 Aug 2022 18:35:38 -0700 (PDT)
Date:   Thu, 18 Aug 2022 18:35:26 -0700
Message-Id: <20220819013526.2682765-1-pcc@google.com>
Mime-Version: 1.0
X-Mailer: git-send-email 2.37.1.595.g718a3a8f04-goog
Subject: [PATCH] arm64: mte: move register initialization to C
From:   Peter Collingbourne <pcc@google.com>
To:     Catalin Marinas <catalin.marinas@arm.com>
Cc:     Peter Collingbourne <pcc@google.com>,
        Evgenii Stepanov <eugenis@google.com>,
        Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
        Vincenzo Frascino <vincenzo.frascino@arm.com>,
        Andrey Konovalov <andreyknvl@gmail.com>,
        Mark Brown <broonie@kernel.org>,
        Linux ARM <linux-arm-kernel@lists.infradead.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

If FEAT_MTE2 is disabled via the arm64.nomte command line argument on a
CPU that claims to support FEAT_MTE2, the kernel will use Tagged Normal
in the MAIR. If we interpret arm64.nomte to mean that the CPU does not
in fact implement FEAT_MTE2, setting the system register like this may
lead to UNSPECIFIED behavior. Fix it by arranging for MAIR to be set
in the C function cpu_enable_mte which is called based on the sanitized
version of the system register.

There is no need for the rest of the MTE-related system register
initialization to happen from assembly, with the exception of TCR_EL1,
which must be set to include at least TBI1 because the secondary CPUs
access KASan-allocated data structures early. Therefore, make the TCR_EL1
initialization unconditional and move the rest of the initialization to
cpu_enable_mte so that we no longer have a dependency on the unsanitized
ID register value.

Signed-off-by: Peter Collingbourne <pcc@google.com>
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://linux-review.googlesource.com/id/I2c7df6bd4ea2dfc59376a8b9b5d3562b015c7198
---
 arch/arm64/kernel/cpufeature.c | 39 +++++++++++++++++++++++++++++++
 arch/arm64/mm/proc.S           | 42 ++--------------------------------
 2 files changed, 41 insertions(+), 40 deletions(-)

diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 907401e4fffb..3554ff869f4b 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -2030,8 +2030,47 @@ static void bti_enable(const struct arm64_cpu_capabilities *__unused)
 #ifdef CONFIG_ARM64_MTE
 static void cpu_enable_mte(struct arm64_cpu_capabilities const *cap)
 {
+	u64 rgsr;
+
 	sysreg_clear_set(sctlr_el1, 0, SCTLR_ELx_ATA | SCTLR_EL1_ATA0);
+
+	/*
+	 * CnP must be enabled only after the MAIR_EL1 register has been set
+	 * up. Inconsistent MAIR_EL1 between CPUs sharing the same TLB may
+	 * lead to the wrong memory type being used for a brief window during
+	 * CPU power-up.
+	 *
+	 * CnP is not a boot feature so MTE gets enabled before CnP, but let's
+	 * make sure that is the case.
+	 */
+	BUG_ON(read_sysreg(ttbr0_el1) & TTBR_CNP_BIT);
+	BUG_ON(read_sysreg(ttbr1_el1) & TTBR_CNP_BIT);
+
+	/* Normal Tagged memory type at the corresponding MAIR index */
+	sysreg_clear_set(
+		mair_el1, MAIR_ATTRIDX(MAIR_ATTR_MASK, MT_NORMAL_TAGGED),
+		MAIR_ATTRIDX(MAIR_ATTR_NORMAL_TAGGED, MT_NORMAL_TAGGED));
+
+	write_sysreg_s(KERNEL_GCR_EL1, SYS_GCR_EL1);
+
+	/*
+	 * If GCR_EL1.RRND=1 is implemented the same way as RRND=0, then
+	 * RGSR_EL1.SEED must be non-zero for IRG to produce
+	 * pseudorandom numbers. As RGSR_EL1 is UNKNOWN out of reset, we
+	 * must initialize it.
+	 */
+	rgsr = (read_sysreg(CNTVCT_EL0) << SYS_RGSR_EL1_SEED_SHIFT) &
+	       SYS_RGSR_EL1_SEED_MASK;
+	if (rgsr == 0)
+		rgsr = 1 << SYS_RGSR_EL1_SEED_SHIFT;
+	write_sysreg_s(rgsr, SYS_RGSR_EL1);
+
+	/* clear any pending tag check faults in TFSR*_EL1 */
+	write_sysreg_s(0, SYS_TFSR_EL1);
+	write_sysreg_s(0, SYS_TFSRE0_EL1);
+
 	isb();
+	local_flush_tlb_all();
 
 	/*
 	 * Clear the tags in the zero page. This needs to be done via the
diff --git a/arch/arm64/mm/proc.S b/arch/arm64/mm/proc.S
index 7837a69524c5..6f01f5a54cc2 100644
--- a/arch/arm64/mm/proc.S
+++ b/arch/arm64/mm/proc.S
@@ -58,7 +58,7 @@
 
 /*
  * Default MAIR_EL1. MT_NORMAL_TAGGED is initially mapped as Normal memory and
- * changed during __cpu_setup to Normal Tagged if the system supports MTE.
+ * changed during cpu_enable_mte to Normal Tagged if the system supports MTE.
  */
 #define MAIR_EL1_SET							\
 	(MAIR_ATTRIDX(MAIR_ATTR_DEVICE_nGnRnE, MT_DEVICE_nGnRnE) |	\
@@ -426,46 +426,8 @@ SYM_FUNC_START(__cpu_setup)
 	mov_q	mair, MAIR_EL1_SET
 	mov_q	tcr, TCR_TxSZ(VA_BITS) | TCR_CACHE_FLAGS | TCR_SMP_FLAGS | \
 			TCR_TG_FLAGS | TCR_KASLR_FLAGS | TCR_ASID16 | \
-			TCR_TBI0 | TCR_A1 | TCR_KASAN_SW_FLAGS
+			TCR_TBI0 | TCR_A1 | TCR_KASAN_SW_FLAGS | TCR_MTE_FLAGS
 
-#ifdef CONFIG_ARM64_MTE
-	/*
-	 * Update MAIR_EL1, GCR_EL1 and TFSR*_EL1 if MTE is supported
-	 * (ID_AA64PFR1_EL1[11:8] > 1).
-	 */
-	mrs	x10, ID_AA64PFR1_EL1
-	ubfx	x10, x10, #ID_AA64PFR1_MTE_SHIFT, #4
-	cmp	x10, #ID_AA64PFR1_MTE
-	b.lt	1f
-
-	/* Normal Tagged memory type at the corresponding MAIR index */
-	mov	x10, #MAIR_ATTR_NORMAL_TAGGED
-	bfi	mair, x10, #(8 *  MT_NORMAL_TAGGED), #8
-
-	mov	x10, #KERNEL_GCR_EL1
-	msr_s	SYS_GCR_EL1, x10
-
-	/*
-	 * If GCR_EL1.RRND=1 is implemented the same way as RRND=0, then
-	 * RGSR_EL1.SEED must be non-zero for IRG to produce
-	 * pseudorandom numbers. As RGSR_EL1 is UNKNOWN out of reset, we
-	 * must initialize it.
-	 */
-	mrs	x10, CNTVCT_EL0
-	ands	x10, x10, #SYS_RGSR_EL1_SEED_MASK
-	csinc	x10, x10, xzr, ne
-	lsl	x10, x10, #SYS_RGSR_EL1_SEED_SHIFT
-	msr_s	SYS_RGSR_EL1, x10
-
-	/* clear any pending tag check faults in TFSR*_EL1 */
-	msr_s	SYS_TFSR_EL1, xzr
-	msr_s	SYS_TFSRE0_EL1, xzr
-
-	/* set the TCR_EL1 bits */
-	mov_q	x10, TCR_MTE_FLAGS
-	orr	tcr, tcr, x10
-1:
-#endif
 	tcr_clear_errata_bits tcr, x9, x5
 
 #ifdef CONFIG_ARM64_VA_BITS_52
-- 
2.37.1.595.g718a3a8f04-goog