Re: [PATCH v4 09/12] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2

From: Andre Przywara
Date: Thu Jan 31 2019 - 12:55:12 EST

Next message: Srinivas Kandagatla: "Re: [PATCH v4 3/5] misc: fastrpc: Add support for context Invoke method"
Previous message: Andre Przywara: "Re: [PATCH v4 08/12] arm64: Advertise mitigation of Spectre-v2, or lack thereof"
In reply to: Jeremy Linton: "[PATCH v4 09/12] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2"
Next in thread: Jeremy Linton: "[PATCH v4 07/12] arm64: add sysfs vulnerability show for meltdown"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 25 Jan 2019 12:07:08 -0600
Jeremy Linton <jeremy.linton@xxxxxxx> wrote:

> From: Marc Zyngier <marc.zyngier@xxxxxxx>
>
> The SMCCC ARCH_WORKAROUND_1 service can indicate that although the
> firmware knows about the Spectre-v2 mitigation, this particular
> CPU is not vulnerable, and it is thus not necessary to call
> the firmware on this CPU.
>
> Let's use this information to our benefit.
>
> Signed-off-by: Marc Zyngier <marc.zyngier@xxxxxxx>
> Signed-off-by: Jeremy Linton <jeremy.linton@xxxxxxx>

Yes, I stumbled over this in the firmware spec as well:

Reviewed-by: Andre Przywara <andre.przywara@xxxxxxx>

Cheers,
Andre.

> ---
> arch/arm64/kernel/cpu_errata.c | 32 +++++++++++++++++++++++---------
> 1 file changed, 23 insertions(+), 9 deletions(-)
>
> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
> index 4d23b4d4cfa8..024c83ffff99 100644
> --- a/arch/arm64/kernel/cpu_errata.c
> +++ b/arch/arm64/kernel/cpu_errata.c
> @@ -217,22 +217,36 @@ static int detect_harden_bp_fw(void)
> case PSCI_CONDUIT_HVC:
> arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
> ARM_SMCCC_ARCH_WORKAROUND_1, &res);
> - if ((int)res.a0 < 0)
> + switch ((int)res.a0) {
> + case 1:
> + /* Firmware says we're just fine */
> + return 0;
> + case 0:
> + cb = call_hvc_arch_workaround_1;
> + /* This is a guest, no need to patch KVM vectors */
> + smccc_start = NULL;
> + smccc_end = NULL;
> + break;
> + default:
> return -1;
> - cb = call_hvc_arch_workaround_1;
> - /* This is a guest, no need to patch KVM vectors */
> - smccc_start = NULL;
> - smccc_end = NULL;
> + }
> break;
>
> case PSCI_CONDUIT_SMC:
> arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
> ARM_SMCCC_ARCH_WORKAROUND_1, &res);
> - if ((int)res.a0 < 0)
> + switch ((int)res.a0) {
> + case 1:
> + /* Firmware says we're just fine */
> + return 0;
> + case 0:
> + cb = call_smc_arch_workaround_1;
> + smccc_start = __smccc_workaround_1_smc_start;
> + smccc_end = __smccc_workaround_1_smc_end;
> + break;
> + default:
> return -1;
> - cb = call_smc_arch_workaround_1;
> - smccc_start = __smccc_workaround_1_smc_start;
> - smccc_end = __smccc_workaround_1_smc_end;
> + }
> break;
>
> default:

Next message: Srinivas Kandagatla: "Re: [PATCH v4 3/5] misc: fastrpc: Add support for context Invoke method"
Previous message: Andre Przywara: "Re: [PATCH v4 08/12] arm64: Advertise mitigation of Spectre-v2, or lack thereof"
In reply to: Jeremy Linton: "[PATCH v4 09/12] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2"
Next in thread: Jeremy Linton: "[PATCH v4 07/12] arm64: add sysfs vulnerability show for meltdown"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]