[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v3 10/17] xen/arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
On Thu, 15 Feb 2018, Julien Grall wrote: > Add the detection and runtime code for ARM_SMCCC_ARCH_WORKAROUND_1. > > Signed-off-by: Julien Grall <julien.grall@xxxxxxx> > > --- > Changes in v3: > - Add the missing call to smc #0. > > Changes in v2: > - Patch added > --- > xen/arch/arm/arm64/bpi.S | 13 +++++++++++++ > xen/arch/arm/cpuerrata.c | 32 +++++++++++++++++++++++++++++++- > xen/include/asm-arm/smccc.h | 1 + > 3 files changed, 45 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/arm/arm64/bpi.S b/xen/arch/arm/arm64/bpi.S > index 4b7f1dc21f..981fb83a88 100644 > --- a/xen/arch/arm/arm64/bpi.S > +++ b/xen/arch/arm/arm64/bpi.S > @@ -16,6 +16,8 @@ > * along with this program. If not, see <http://www.gnu.org/licenses/>. > */ > > +#include <asm/smccc.h> > + > .macro ventry target > .rept 31 > nop > @@ -81,6 +83,17 @@ ENTRY(__psci_hyp_bp_inval_start) > add sp, sp, #(8 * 18) > ENTRY(__psci_hyp_bp_inval_end) > > +ENTRY(__smccc_workaround_1_smc_start) > + sub sp, sp, #(8 * 4) > + stp x2, x3, [sp, #(8 * 0)] > + stp x0, x1, [sp, #(8 * 2)] > + mov w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID > + smc #0 > + ldp x2, x3, [sp, #(8 * 0)] > + ldp x0, x1, [sp, #(8 * 2)] > + add sp, sp, #(8 * 4) > +ENTRY(__smccc_workaround_1_smc_end) > + > /* > * Local variables: > * mode: ASM > diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c > index 8d5f8d372a..dec9074422 100644 > --- a/xen/arch/arm/cpuerrata.c > +++ b/xen/arch/arm/cpuerrata.c > @@ -147,6 +147,34 @@ install_bp_hardening_vec(const struct > arm_cpu_capabilities *entry, > return ret; > } > > +extern char __smccc_workaround_1_smc_start[], __smccc_workaround_1_smc_end[]; > + > +static bool > +check_smccc_arch_workaround_1(const struct arm_cpu_capabilities *entry) > +{ > + struct arm_smccc_res res; > + > + /* > + * Enable callbacks are called on every CPU based on the > + * capabilities. So double-check whether the CPU matches the > + * entry. > + */ > + if ( !entry->matches(entry) ) > + return false; I think this should be return true? > + if ( smccc_ver < SMCCC_VERSION(1, 1) ) > + return false; > + > + arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, > + ARM_SMCCC_ARCH_WORKAROUND_1_FID, &res); > + if ( res.a0 != ARM_SMCCC_SUCCESS ) > + return false; > + > + return install_bp_hardening_vec(entry,__smccc_workaround_1_smc_start, > + __smccc_workaround_1_smc_end, > + "call ARM_SMCCC_ARCH_WORKAROUND_1"); > +} > + > extern char __psci_hyp_bp_inval_start[], __psci_hyp_bp_inval_end[]; > > static int enable_psci_bp_hardening(void *data) > @@ -154,12 +182,14 @@ static int enable_psci_bp_hardening(void *data) > bool ret = true; > static bool warned = false; > > + if ( check_smccc_arch_workaround_1(data) ) > + return 0; > /* > * The mitigation is using PSCI version function to invalidate the > * branch predictor. This function is only available with PSCI 0.2 > * and later. > */ > - if ( psci_ver >= PSCI_VERSION(0, 2) ) > + else if ( psci_ver >= PSCI_VERSION(0, 2) ) > ret = install_bp_hardening_vec(data, __psci_hyp_bp_inval_start, > __psci_hyp_bp_inval_end, > "call PSCI get version"); > diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h > index 154772b728..8342cc33fe 100644 > --- a/xen/include/asm-arm/smccc.h > +++ b/xen/include/asm-arm/smccc.h > @@ -261,6 +261,7 @@ struct arm_smccc_res { > /* SMCCC error codes */ > #define ARM_SMCCC_ERR_UNKNOWN_FUNCTION (-1) > #define ARM_SMCCC_NOT_SUPPORTED (-1) > +#define ARM_SMCCC_SUCCESS (0) > > /* SMCCC function identifier range which is reserved for existing APIs */ > #define ARM_SMCCC_RESERVED_RANGE_START 0x0 > -- > 2.11.0 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |