Re: Re: [PATCH] ARM: OMAP2+: Add support for thumb mode on DT bootedN900

From: Ivaylo Dimitrov
Date: Wed Feb 05 2014 - 15:31:07 EST


Hi,

On 5.02.2014 19:17, Sebastian Reichel wrote:
Hi,

On Wed, Feb 05, 2014 at 05:38:54PM +0100, Pali Rohár wrote:
I assumed, that the workaround is not needed for this device type.

That rx51 secure call must not be called on non secure devices (e.g.
qemu), because it cause kernel crash. So I thought that kernel should
write something like secure call is disabled on that device types.
Kernel code for errata 430973 will update ibe bit for non secure
devices.

Do you see any advantage in having that message?


AIUI it will appear only when booting the kernel in "qemu -m rx51...", I am not aware of any other non-secure device manifesting itself as RX51. So there is little advantage of having that additional message IMO.

I just added the warning for missing CONFIG_ARM_ERRATA_430973,
because its very likely a misconfigured kernel.

Yes, it can be misconfigured kernel, but if you do not have any thumb
binary (like stock Maemo 5 system), then it is safe and OK.

I think running this kernel may also be a potential security
problem. If I understand it right the ARM core is left in an
unstable state when you run Thumb code, so this may result in
funny effects in the kernel?

-- Sebastian


In theory having that workaround disabled might be a security problem, but honestly, knowing its nature I don't think it is easily exploitable, if at all. The final result when bitten by it is a SIGILL, but in userspace, not in the kernel(assuming the kernel is ARM), and userspace runs in totally different mode (nonsecure, nonprivileged) compared to the kernel(nonsecure, privileged) and IIRC every mode has its own set of stack, registers etc. BTW I don't think the kernel itself can be thumb2-compiled for cores with that errata, but I might wrong. Also, as Pali noted, the problem appears if and only if there is an userspace binary containing thumb2 code. If all of the userspace is pure ARM, there is no problem. And as the errata workaround has its drawbacks (BTB is cleared on every context switch which affects performance), one might want to not have it enabled. Maybe that warning should be spit only if CONFIG_THUMB2_KERNEL (or whatever the option was) is enabled. Though if that option is enabled I'd rather #error during compile time if errata workaround is not enabled, instead of printing a warning while booting a system that will crash in a matter of seconds.

Ivo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/