[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] xen/arm: Warn user on cpu errata 832075
commit 6e2ee3dfd660d9fde96243da7d565244b4d2f164 Author: Bertrand Marquis <bertrand.marquis@xxxxxxx> AuthorDate: Mon Oct 26 16:21:33 2020 +0000 Commit: Stefano Stabellini <sstabellini@xxxxxxxxxx> CommitDate: Thu Oct 29 14:09:38 2020 -0700 xen/arm: Warn user on cpu errata 832075 When a Cortex A57 processor is affected by CPU errata 832075, a guest not implementing the workaround for it could deadlock the system. Add a warning during boot informing the user that only trusted guests should be executed on the system. An equivalent warning is already given to the user by KVM on cores affected by this errata. Also taint the hypervisor as unsecure when this errata applies and mention Cortex A57 r0p0 - r1p2 as not security supported in SUPPORT.md Signed-off-by: Bertrand Marquis <bertrand.marquis@xxxxxxx> Reviewed-by: Julien Grall <jgrall@xxxxxxxxxx> [fix SUPPORT.md style, 3 printk lines instead of 4] Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx> --- SUPPORT.md | 3 +++ xen/arch/arm/cpuerrata.c | 12 ++++++++++++ 2 files changed, 15 insertions(+) diff --git a/SUPPORT.md b/SUPPORT.md index 5fbe5fc444..88d4bc7384 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -38,6 +38,9 @@ supported in this document. ### ARM v8 Status: Supported + Status, Cortex A57 r0p0-r1p1: Supported, not security supported + +For the Cortex A57 r0p0 - r1p1, see Errata 832075. ## Host hardware support diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 0430069a84..6731d873e8 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -503,6 +503,18 @@ void check_local_cpu_errata(void) void __init enable_errata_workarounds(void) { enable_cpu_capabilities(arm_errata); + +#ifdef CONFIG_ARM64_ERRATUM_832075 + if ( cpus_have_cap(ARM64_WORKAROUND_DEVICE_LOAD_ACQUIRE) ) + { + printk_once("**** This CPU is affected by the errata 832075. ****\n" + "**** Guests without CPU erratum workarounds can deadlock the system! ****\n" + "**** Only trusted guests should be used. ****\n"); + + /* Taint the machine has being insecure */ + add_taint(TAINT_MACHINE_UNSECURE); + } +#endif } static int cpu_errata_callback(struct notifier_block *nfb, -- generated by git-patchbot for /home/xen/git/xen.git#master
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |