[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-next v2 0/2] xen/arm: Mitigate straight-line speculation


  • To: Julien Grall <julien@xxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Mon, 15 Mar 2021 13:32:37 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JGhOE4Py5arD3lbQI3F0gQPD07n7M5jkSpK9CzuCtLQ=; b=dpjFS3ld6yhaES4stluOHypoWcdYcsiANtz4K+NxsKSO5QiirtQYdgY1Xt/DroLMkTLrwHXlG6oNmHwCa/hqg6biSTLW+yyqqpfOW6k4XOL/N3PACz1TO1ySwEJFYF1iTACEh+xGLyHhNbuQH8gHGuhATwnzhV/uGz9NeTIunkjcNnUhy2pDTvHK9dPE2vGdTgLzuu0EWl/tRUAR3F/b2Ghk29ZP4oJ2KZjCM5YfU/KGLm4d6sDph59iEZrLWoaQb5kSMuAPIKRH80tqdhXKmdyW1zFD+WB4zgN2y98PWAtPJ97U5rbgpXHpppqVLm5AaBZBkZEo65XCCSBzSRW39Q==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=egNvqjpc1yPJ0lGEsLawvu4XzXlZBVzsrSiyXZwesa9MPflPjehvn4YViQqyx1A+ZtsZZ8/N90Pho7vHhlDBEBHKpyNevGCqYOY++9yTnhgEj6srqPTwzDsCsK84tWOoTKBMDwEuOCqq+fDkhvFf5tLRJ2NGaAXJMiIc8Lb3+sC6GLNWJTTiJ3J35NBWRs0lRnXaqXUCtFLSdw+jzBIAZ8AQHfzC9ZKIqiBk7aS30w54H/7x1MavPALE4JLCm6vYb8obX3kAv9WR97r2eU7TNpgFolKjxag4VL1D+dYsvYbPz3UmU/nuOzeVLBAfXMRklN2PyYPY3Js7m3PGdjCugQ==
  • Authentication-results-original: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Mon, 15 Mar 2021 13:32:59 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHXGCLVbl4hty1bX0WFvkxXr3KxFaqFDwwA
  • Thread-topic: [PATCH for-next v2 0/2] xen/arm: Mitigate straight-line speculation

Hi Julien,

> On 13 Mar 2021, at 16:06, Julien Grall <julien@xxxxxxx> wrote:
> 
> From: Julien Grall <jgrall@xxxxxxxxxx>
> 
> Hi all,
> 
> Last year, Arm released a whitepaper about a new category of speculation.
> (see [1] and [2]). In short, a processor may be able to speculate past
> some of the unconditional control flow instructions (e.g eret, smc, br).
> 
> In some of the cases, the registers will contain values controlled by
> the guest. While there is no known gadget afterwards, we still want to
> prevent any leakage in the future.
> 
> The mitigation is planned in two parts:
>   1) Arm provided patches for both GCC and LLVM to add speculation barrier
>   and remove problematic code sequence.
>   2) Inspection of assembly code and call to higher level (e.g smc in our 
> case).
> 
> I still haven't looked at 1) and how to mitigate properly Arm32 (see
> patch #1) and SMC call. So this issue is not fully addressed.
> 
> Note that the ERET instruction was already addressed as part of XSA-312.

On my tests, this serie is breaking the arm64 build:
| aarch64-poky-linux-ld 
--sysroot=/home/bermar01/Development/xen-dev/build/profile-fvp-base.prj/tmp/work/fvp_base-poky-linux/xen/4.15+git1-r0/recipe-sysroot
         -EL  --fix-cortex-a53-843419 --fix-cortex-a53-843419 -r -o built_in.o 
memcpy.o memcmp.o memmove.o memset.o memchr.o clear_page.o bitops.o 
find_next_bit.o strchr.o strcmp.o strlen.o strncmp.o strnlen.o strrchr.o
| arm64/head.S: Assembler messages:
| arm64/head.S:305: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Boot CPU booting -\r\n")'
| arm64/head.S:331: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Ready -\r\n")'
| arm64/head.S:365: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
CPU ")'
| make[6]: Leaving directory 
'/home/bermar01/Development/xen-dev/build/profile-fvp-base.prj/tmp/work/fvp_base-poky-linux/xen/4.15+git1-r0/local-xen/xen/xen/arch/arm/arm64/lib'
| arm64/head.S:367: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, " 
booting -\r\n")'
| arm64/head.S:398: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Ready -\r\n")'
| arm64/head.S:412: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Current EL ")'
| arm64/head.S:415: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, " 
-\r\n")'
| arm64/head.S:424: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Xen must be entered in NS EL2 mode -\r\n")'
| arm64/head.S:425: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Please update the bootloader -\r\n")'
| arm64/head.S:441: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Zero BSS -\r\n")'
| arm64/head.S:459: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Initialize CPU -\r\n")'
| arm64/head.S:654: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Unable to build boot page tables - virt and phys addresses clash. -\r\n")'
| arm64/head.S:666: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Turning on paging -\r\n")'
| arm64/head.S:800: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
Boot failed -\r\n")'
| arm64/head.S:848: Error: unknown mnemonic `rodata_str' -- `rodata_str(98, "- 
UART enabled -\r\n")'
| {standard input}: Error: local label `"98" (instance number 1 of a fb label)' 
is not defined
| 
/home/bermar01/Development/xen-dev/build/profile-fvp-base.prj/tmp/work/fvp_base-poky-linux/xen/4.15+git1-r0/local-xen/xen/xen/Rules.mk:204:
 recipe for target 'arm64/head.o' failed

This was done adding your 2 patches on top of current staging.

Cheers
Bertrand

> 
> Cheers,
> 
> [1] 
> https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
> [2] 
> https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
> 
> Julien Grall (2):
>  xen/arm: Include asm/asm-offsets.h and asm/macros.h on every assembly
>    files
>  xen/arm64: Place a speculation barrier following an ret instruction
> 
> xen/arch/arm/Makefile                |  2 +-
> xen/arch/arm/arm32/entry.S           |  2 +-
> xen/arch/arm/arm32/head.S            |  1 -
> xen/arch/arm/arm32/lib/lib1funcs.S   |  1 +
> xen/arch/arm/arm32/proc-v7.S         |  1 -
> xen/arch/arm/arm64/debug-cadence.inc |  1 -
> xen/arch/arm/arm64/debug-pl011.inc   |  2 --
> xen/arch/arm/arm64/entry.S           |  2 --
> xen/arch/arm/arm64/head.S            |  2 --
> xen/arch/arm/arm64/smc.S             |  3 ---
> xen/include/asm-arm/arm64/macros.h   |  6 ++++++
> xen/include/asm-arm/config.h         |  6 ++++++
> xen/include/asm-arm/macros.h         | 18 +++++++++---------
> 13 files changed, 24 insertions(+), 23 deletions(-)
> 
> -- 
> 2.17.1
> 




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.