From: Mark Rutland <mark.rutland@arm.com>
To: stable@vger.kernel.org
Cc: mark.brown@linaro.org, ard.biesheuvel@linaro.org,
marc.zyngier@arm.com, will.deacon@arm.com,
catalin.marinas@arm.com, ghackmann@google.com,
shankerd@codeaurora.org
Subject: [PATCH v4.9.y 02/42] arm64: Implement array_index_mask_nospec()
Date: Thu, 12 Apr 2018 12:10:58 +0100 [thread overview]
Message-ID: <20180412111138.40990-3-mark.rutland@arm.com> (raw)
In-Reply-To: <20180412111138.40990-1-mark.rutland@arm.com>
From: Robin Murphy <robin.murphy@arm.com>
commit 022620eed3d0bc4bf2027326f599f5ad71c2ea3f upstream.
Provide an optimised, assembly implementation of array_index_mask_nospec()
for arm64 so that the compiler is not in a position to transform the code
in ways which affect its ability to inhibit speculation (e.g. by introducing
conditional branches).
This is similar to the sequence used by x86, modulo architectural differences
in the carry/borrow flags.
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Mark Rutland <mark.rutland@arm.com> [v4.9 backport]
---
arch/arm64/include/asm/barrier.h | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/arch/arm64/include/asm/barrier.h b/arch/arm64/include/asm/barrier.h
index c68fdc5707ed..0b0755c961ac 100644
--- a/arch/arm64/include/asm/barrier.h
+++ b/arch/arm64/include/asm/barrier.h
@@ -40,6 +40,27 @@
#define dma_rmb() dmb(oshld)
#define dma_wmb() dmb(oshst)
+/*
+ * Generate a mask for array_index__nospec() that is ~0UL when 0 <= idx < sz
+ * and 0 otherwise.
+ */
+#define array_index_mask_nospec array_index_mask_nospec
+static inline unsigned long array_index_mask_nospec(unsigned long idx,
+ unsigned long sz)
+{
+ unsigned long mask;
+
+ asm volatile(
+ " cmp %1, %2\n"
+ " sbc %0, xzr, xzr\n"
+ : "=r" (mask)
+ : "r" (idx), "Ir" (sz)
+ : "cc");
+
+ csdb();
+ return mask;
+}
+
#define __smp_mb() dmb(ish)
#define __smp_rmb() dmb(ishld)
#define __smp_wmb() dmb(ishst)
--
2.11.0
next prev parent reply other threads:[~2018-04-12 11:11 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-12 11:10 [PATCH v4.9.y 00/42] arm64 spectre patches Mark Rutland
2018-04-12 11:10 ` [PATCH v4.9.y 01/42] arm64: barrier: Add CSDB macros to control data-value prediction Mark Rutland
2018-04-12 11:10 ` Mark Rutland [this message]
2018-04-12 11:10 ` [PATCH v4.9.y 03/42] arm64: move TASK_* definitions to <asm/processor.h> Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 04/42] arm64: Make USER_DS an inclusive limit Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 05/42] arm64: Use pointer masking to limit uaccess speculation Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 06/42] arm64: entry: Ensure branch through syscall table is bounded under speculation Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 07/42] arm64: uaccess: Prevent speculative use of the current addr_limit Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 08/42] arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 09/42] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 10/42] arm64: futex: Mask __user pointers prior to dereference Mark Rutland
2018-04-17 12:10 ` Greg KH
2018-04-18 10:56 ` Mark Rutland
2018-04-19 7:02 ` Greg KH
2018-04-12 11:11 ` [PATCH v4.9.y 11/42] arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 12/42] arm64: Run enable method for errata work arounds on late CPUs Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 13/42] arm64: cpufeature: Pass capability structure to ->enable callback Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 14/42] drivers/firmware: Expose psci_get_version through psci_ops structure Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 15/42] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 16/42] arm64: Move post_ttbr_update_workaround to C code Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 17/42] arm64: Add skeleton to harden the branch predictor against aliasing attacks Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 18/42] arm64: Move BP hardening to check_and_switch_context Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 19/42] mm: Introduce lm_alias Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 20/42] arm64: KVM: Use per-CPU vector when BP hardening is enabled Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 21/42] arm64: entry: Apply BP hardening for high-priority synchronous exceptions Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 22/42] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 23/42] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 24/42] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 25/42] arm64: Implement branch predictor hardening for affected Cortex-A CPUs Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 26/42] arm64: Branch predictor hardening for Cavium ThunderX2 Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 27/42] arm64: KVM: Increment PC after handling an SMC trap Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 28/42] arm/arm64: KVM: Consolidate the PSCI include files Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 29/42] arm/arm64: KVM: Add PSCI_VERSION helper Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 30/42] arm/arm64: KVM: Add smccc accessors to PSCI code Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 31/42] arm/arm64: KVM: Implement PSCI 1.0 support Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 32/42] arm/arm64: KVM: Advertise SMCCC v1.1 Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 33/42] arm64: KVM: Make PSCI_VERSION a fast path Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 34/42] arm/arm64: KVM: Turn kvm_psci_version into a static inline Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 35/42] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 36/42] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 37/42] firmware/psci: Expose PSCI conduit Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 38/42] firmware/psci: Expose SMCCC version through psci_ops Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 39/42] arm/arm64: smccc: Make function identifiers an unsigned quantity Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 40/42] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 41/42] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support Mark Rutland
2018-04-12 11:11 ` [PATCH v4.9.y 42/42] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround Mark Rutland
2018-04-12 16:39 ` [PATCH v4.9.y 00/42] arm64 spectre patches Greg Hackmann
2018-04-17 12:15 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180412111138.40990-3-mark.rutland@arm.com \
--to=mark.rutland@arm.com \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=ghackmann@google.com \
--cc=marc.zyngier@arm.com \
--cc=mark.brown@linaro.org \
--cc=shankerd@codeaurora.org \
--cc=stable@vger.kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.