Xen project Mailing List

Re: [Xen-devel] [PATCH] xen/arm: Relax ARM_SMCCC_ARCH_WORKAROUND_1 discovery

To: Julien Grall <julien.grall@xxxxxxx>

From: Stefano Stabellini <sstabellini@xxxxxxxxxx>

Date: Fri, 16 Mar 2018 13:27:43 -0700 (PDT)

Authentication-results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org

Authentication-results: mail.kernel.org; spf=none smtp.mailfrom=sstabellini@xxxxxxxxxx

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, sstabellini@xxxxxxxxxx, andre.przywara@xxxxxxx

Delivery-date: Fri, 16 Mar 2018 20:27:50 +0000

Dmarc-filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5867821742

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, 12 Mar 2018, julien.grall@xxxxxxx wrote: > From: Julien Grall <julien.grall@xxxxxxx> > > A recent update to the ARM SMCCC_ARCH_WORKAROUND_1 specification (see [1]) > allows firmware to return a non zero, positive value, to describe that > although the mitigation is implemented at the higher exception level, > the CPU on which the call is made is not affected. > > Relax the check on the return value from ARM_WORKAROUND_1 so that we > only error out if the returned value is negative. > > [1] https://developer.arm.com/support/security-update/downloads > "Firmware interfaces for mitigating CVE-2017-5715 System Software on Arm > Systems" > > Signed-off-by: Julien Grall <julien.grall@xxxxxxx> Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx> > --- > This patch should be backported as part of XSA-254. > > There are potential more optimization to do as part of this > relaxation. For instance, we dropping the CPU ID recognition and > only look ad the SMCCC. Indeed there are. I assume more patches will be coming? > --- > xen/arch/arm/cpuerrata.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c > index 4eb1567589..1baa20654b 100644 > --- a/xen/arch/arm/cpuerrata.c > +++ b/xen/arch/arm/cpuerrata.c > @@ -168,7 +168,8 @@ static int enable_smccc_arch_workaround_1(void *data) > > arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID, > ARM_SMCCC_ARCH_WORKAROUND_1_FID, &res); > - if ( res.a0 != ARM_SMCCC_SUCCESS ) > + /* The return value is in the lower 32-bits. */ > + if ( (int)res.a0 < 0 ) > goto warn; > > return !install_bp_hardening_vec(entry,__smccc_workaround_1_smc_start, > -- > 2.11.0 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.