[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH v3 10/17] xen/arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
On 21/02/18 16:07, Andre Przywara wrote:
Hi,
Hi Andre,
On 15/02/18 15:02, Julien Grall wrote:
Add the detection and runtime code for ARM_SMCCC_ARCH_WORKAROUND_1.
Signed-off-by: Julien Grall <julien.grall@xxxxxxx>
---
Changes in v3:
- Add the missing call to smc #0.
Changes in v2:
- Patch added
---
xen/arch/arm/arm64/bpi.S | 13 +++++++++++++
xen/arch/arm/cpuerrata.c | 32 +++++++++++++++++++++++++++++++-
xen/include/asm-arm/smccc.h | 1 +
3 files changed, 45 insertions(+), 1 deletion(-)
diff --git a/xen/arch/arm/arm64/bpi.S b/xen/arch/arm/arm64/bpi.S
index 4b7f1dc21f..981fb83a88 100644
--- a/xen/arch/arm/arm64/bpi.S
+++ b/xen/arch/arm/arm64/bpi.S
@@ -16,6 +16,8 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+#include <asm/smccc.h>
+
.macro ventry target
.rept 31
nop
@@ -81,6 +83,17 @@ ENTRY(__psci_hyp_bp_inval_start)
add sp, sp, #(8 * 18)
ENTRY(__psci_hyp_bp_inval_end)
+ENTRY(__smccc_workaround_1_smc_start)
+ sub sp, sp, #(8 * 4)
+ stp x2, x3, [sp, #(8 * 0)]
+ stp x0, x1, [sp, #(8 * 2)]
+ mov w0, #ARM_SMCCC_ARCH_WORKAROUND_1_FID
+ smc #0
+ ldp x2, x3, [sp, #(8 * 0)]
+ ldp x0, x1, [sp, #(8 * 2)]
I was expecting the restore to *mirror* the saving order, so x0, x1
first, then x2, x3. The code you have is correct, but somewhat
surprising. I wonder if you could just swap those two lines.
Or even better: you swap the store commands above, so that they match
what a push sequence would look like (higher addresses first).
I will choose this solution.
+ add sp, sp, #(8 * 4)
+ENTRY(__smccc_workaround_1_smc_end)
+
/*
* Local variables:
* mode: ASM
diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c
index 8d5f8d372a..dec9074422 100644
--- a/xen/arch/arm/cpuerrata.c
+++ b/xen/arch/arm/cpuerrata.c
@@ -147,6 +147,34 @@ install_bp_hardening_vec(const struct arm_cpu_capabilities
*entry,
return ret;
}
+extern char __smccc_workaround_1_smc_start[], __smccc_workaround_1_smc_end[];
+
+static bool
+check_smccc_arch_workaround_1(const struct arm_cpu_capabilities *entry)
+{
+ struct arm_smccc_res res;
+
+ /*
+ * Enable callbacks are called on every CPU based on the
+ * capabilities. So double-check whether the CPU matches the
+ * entry.
+ */
+ if ( !entry->matches(entry) )
+ return false;
+
+ if ( smccc_ver < SMCCC_VERSION(1, 1) )
+ return false;
+
I guess we are calling the actual workaround function here to ultimately
know if that is implemented? And we know that this function isn't
harmful to call in any case?
What do you mean? This is very similar to what we do in
enable_psci_bp_hardening. Except here we say the platform does not have
SMCCC 1.1, so fallback to another solution.
Can you add a comment stating this here?
Stating what? It is clear enough that you can't call arm_smccc_1_1_smc
if the SMCCC version is not 1.1 (or later).
Otherwise it's slightly
confusing to see the actual call in the function actually called check_
and installing the workaround.
Please see the follow-up patch. The current naming makes sense because
we will fallback the PSCI one if not working.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
