* [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873
@ 2018-09-27 16:15 Marc Zyngier
2018-09-27 16:15 ` [PATCH 1/7] arm64: Add decoding macros for CP15_32 and CP15_64 traps Marc Zyngier
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
Early revisions of Cortex-A76 suffer from erratum 1188873 which reads
"MRC read following MRRC read of specific Generic Timer in AArch32
might give incorrect result" (see [1], registration required...).
The workaround is to trap all EL0 accesses to the virtual timer (as
well as CNTFRQ_EL0) and emulate it at EL1 (EL2 if running VHE). This
results in some infrastructure for handling AArch32 CP15 traps at EL1,
with all the joy of handling conditional instructions and IT
advance... A lot of that code comes from KVM, and could potentially be
shared. Most of these patches were posted as part of a different
series about a year ago[2]
[1] https://silver.arm.com/download/Documentation/BX500-DA-10008-r0p0-00rel0/Arm_Cortex-A76_MP052_Software_Developer_Errata_Notice_v9.pdf
[2] http://lists.infradead.org/pipermail/linux-arm-kernel/2017-July/520426.html
Marc Zyngier (7):
arm64: Add decoding macros for CP15_32 and CP15_64 traps
arm64: compat: Add separate CP15 trapping hook
arm64: compat: Add condition code checks and IT advance
arm64: compat: Add cp15_32 and cp15_64 handler arrays
arm64: compat: Add CNTVCT trap handler
arm64: compat: Add CNTFRQ trap handler
arm64: arch_timer: Add workaround for ARM erratum 1188873
arch/arm64/Kconfig | 12 +++
arch/arm64/include/asm/cpucaps.h | 3 +-
arch/arm64/include/asm/cputype.h | 2 +
arch/arm64/include/asm/esr.h | 58 ++++++++++
arch/arm64/kernel/cpu_errata.c | 8 ++
arch/arm64/kernel/entry.S | 15 ++-
arch/arm64/kernel/traps.c | 155 +++++++++++++++++++++++++++
drivers/clocksource/arm_arch_timer.c | 15 +++
8 files changed, 265 insertions(+), 3 deletions(-)
--
2.19.0
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/7] arm64: Add decoding macros for CP15_32 and CP15_64 traps
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-09-27 16:15 ` [PATCH 2/7] arm64: compat: Add separate CP15 trapping hook Marc Zyngier
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
So far, we don't have anything to help decoding ESR_ELx when dealing
with ESR_ELx_EC_CP15_{32,64}. As we're about to handle some of those,
let's add some useful macros.
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/include/asm/esr.h | 52 ++++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h
index ce70c3ffb993..bfd27753a59d 100644
--- a/arch/arm64/include/asm/esr.h
+++ b/arch/arm64/include/asm/esr.h
@@ -249,6 +249,58 @@
#define ESR_ELx_FP_EXC_TFV (UL(1) << 23)
+/*
+ * ISS field definitions for CP15 accesses
+ */
+#define ESR_ELx_CP15_32_ISS_DIR_MASK 0x1
+#define ESR_ELx_CP15_32_ISS_DIR_READ 0x1
+#define ESR_ELx_CP15_32_ISS_DIR_WRITE 0x0
+
+#define ESR_ELx_CP15_32_ISS_RT_SHIFT 5
+#define ESR_ELx_CP15_32_ISS_RT_MASK (UL(0x1f) << ESR_ELx_CP15_32_ISS_RT_SHIFT)
+#define ESR_ELx_CP15_32_ISS_CRM_SHIFT 1
+#define ESR_ELx_CP15_32_ISS_CRM_MASK (UL(0xf) << ESR_ELx_CP15_32_ISS_CRM_SHIFT)
+#define ESR_ELx_CP15_32_ISS_CRN_SHIFT 10
+#define ESR_ELx_CP15_32_ISS_CRN_MASK (UL(0xf) << ESR_ELx_CP15_32_ISS_CRN_SHIFT)
+#define ESR_ELx_CP15_32_ISS_OP1_SHIFT 14
+#define ESR_ELx_CP15_32_ISS_OP1_MASK (UL(0x7) << ESR_ELx_CP15_32_ISS_OP1_SHIFT)
+#define ESR_ELx_CP15_32_ISS_OP2_SHIFT 17
+#define ESR_ELx_CP15_32_ISS_OP2_MASK (UL(0x7) << ESR_ELx_CP15_32_ISS_OP2_SHIFT)
+
+#define ESR_ELx_CP15_32_ISS_SYS_MASK (ESR_ELx_CP15_32_ISS_OP1_MASK | \
+ ESR_ELx_CP15_32_ISS_OP2_MASK | \
+ ESR_ELx_CP15_32_ISS_CRN_MASK | \
+ ESR_ELx_CP15_32_ISS_CRM_MASK | \
+ ESR_ELx_CP15_32_ISS_DIR_MASK)
+#define ESR_ELx_CP15_32_ISS_SYS_VAL(op1, op2, crn, crm) \
+ (((op1) << ESR_ELx_CP15_32_ISS_OP1_SHIFT) | \
+ ((op2) << ESR_ELx_CP15_32_ISS_OP2_SHIFT) | \
+ ((crn) << ESR_ELx_CP15_32_ISS_CRN_SHIFT) | \
+ ((crm) << ESR_ELx_CP15_32_ISS_CRM_SHIFT))
+
+#define ESR_ELx_CP15_64_ISS_DIR_MASK 0x1
+#define ESR_ELx_CP15_64_ISS_DIR_READ 0x1
+#define ESR_ELx_CP15_64_ISS_DIR_WRITE 0x0
+
+#define ESR_ELx_CP15_64_ISS_RT_SHIFT 5
+#define ESR_ELx_CP15_64_ISS_RT_MASK (UL(0x1f) << ESR_ELx_CP15_64_ISS_RT_SHIFT)
+
+#define ESR_ELx_CP15_64_ISS_RT2_SHIFT 10
+#define ESR_ELx_CP15_64_ISS_RT2_MASK (UL(0x1f) << ESR_ELx_CP15_64_ISS_RT2_SHIFT)
+
+#define ESR_ELx_CP15_64_ISS_OP1_SHIFT 16
+#define ESR_ELx_CP15_64_ISS_OP1_MASK (UL(0xf) << ESR_ELx_CP15_64_ISS_OP1_SHIFT)
+#define ESR_ELx_CP15_64_ISS_CRM_SHIFT 1
+#define ESR_ELx_CP15_64_ISS_CRM_MASK (UL(0xf) << ESR_ELx_CP15_64_ISS_CRM_SHIFT)
+
+#define ESR_ELx_CP15_64_ISS_SYS_VAL(op1, crm) \
+ (((op1) << ESR_ELx_CP15_64_ISS_OP1_SHIFT) | \
+ ((crm) << ESR_ELx_CP15_64_ISS_CRM_SHIFT))
+
+#define ESR_ELx_CP15_64_ISS_SYS_MASK (ESR_ELx_CP15_64_ISS_OP1_MASK | \
+ ESR_ELx_CP15_64_ISS_CRM_MASK | \
+ ESR_ELx_CP15_64_ISS_DIR_MASK)
+
#ifndef __ASSEMBLY__
#include <asm/types.h>
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/7] arm64: compat: Add separate CP15 trapping hook
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
2018-09-27 16:15 ` [PATCH 1/7] arm64: Add decoding macros for CP15_32 and CP15_64 traps Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-09-27 16:15 ` [PATCH 3/7] arm64: compat: Add condition code checks and IT advance Marc Zyngier
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
Instead of directly generating an UNDEF when trapping a CP15 access,
let's add a new entry point to that effect (which only generates an
UNDEF for now).
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/kernel/entry.S | 15 +++++++++++++--
arch/arm64/kernel/traps.c | 13 +++++++++++++
2 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 09dbea221a27..53f805cad602 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -697,9 +697,9 @@ el0_sync_compat:
cmp x24, #ESR_ELx_EC_UNKNOWN // unknown exception in EL0
b.eq el0_undef
cmp x24, #ESR_ELx_EC_CP15_32 // CP15 MRC/MCR trap
- b.eq el0_undef
+ b.eq el0_cp15
cmp x24, #ESR_ELx_EC_CP15_64 // CP15 MRRC/MCRR trap
- b.eq el0_undef
+ b.eq el0_cp15
cmp x24, #ESR_ELx_EC_CP14_MR // CP14 MRC/MCR trap
b.eq el0_undef
cmp x24, #ESR_ELx_EC_CP14_LS // CP14 LDC/STC trap
@@ -722,6 +722,17 @@ el0_irq_compat:
el0_error_compat:
kernel_entry 0, 32
b el0_error_naked
+
+el0_cp15:
+ /*
+ * Trapped CP15 (MRC, MCR, MRRC, MCRR) instructions
+ */
+ enable_daif
+ ct_user_exit
+ mov x0, x25
+ mov x1, sp
+ bl do_cp15instr
+ b ret_to_user
#endif
el0_da:
diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
index 039e9ff379cc..7607283c1ef1 100644
--- a/arch/arm64/kernel/traps.c
+++ b/arch/arm64/kernel/traps.c
@@ -529,6 +529,19 @@ static struct sys64_hook sys64_hooks[] = {
{},
};
+
+#ifdef CONFIG_COMPAT
+asmlinkage void __exception do_cp15instr(unsigned int esr, struct pt_regs *regs)
+{
+ /*
+ * New cp15 instructions may previously have been undefined at
+ * EL0. Fall back to our usual undefined instruction handler
+ * so that we handle these consistently.
+ */
+ do_undefinstr(regs);
+}
+#endif
+
asmlinkage void __exception do_sysinstr(unsigned int esr, struct pt_regs *regs)
{
struct sys64_hook *hook;
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 3/7] arm64: compat: Add condition code checks and IT advance
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
2018-09-27 16:15 ` [PATCH 1/7] arm64: Add decoding macros for CP15_32 and CP15_64 traps Marc Zyngier
2018-09-27 16:15 ` [PATCH 2/7] arm64: compat: Add separate CP15 trapping hook Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-09-27 16:15 ` [PATCH 4/7] arm64: compat: Add cp15_32 and cp15_64 handler arrays Marc Zyngier
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
Here's a /really nice/ part of the architecture: a CP15 access is
allowed to trap even if it fails its condition check, and SW must
handle it. This includes decoding the IT state if this happens in
am IT block. As a consequence, SW must also deal with advancing
the IT state machine.
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/kernel/traps.c | 85 +++++++++++++++++++++++++++++++++++++++
1 file changed, 85 insertions(+)
diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
index 7607283c1ef1..db036a097672 100644
--- a/arch/arm64/kernel/traps.c
+++ b/arch/arm64/kernel/traps.c
@@ -531,8 +531,93 @@ static struct sys64_hook sys64_hooks[] = {
#ifdef CONFIG_COMPAT
+#define PSTATE_IT_1_0_SHIFT 25
+#define PSTATE_IT_1_0_MASK (0x3 << PSTATE_IT_1_0_SHIFT)
+#define PSTATE_IT_7_2_SHIFT 10
+#define PSTATE_IT_7_2_MASK (0x3f << PSTATE_IT_7_2_SHIFT)
+
+static u32 compat_get_it_state(struct pt_regs *regs)
+{
+ u32 it, pstate = regs->pstate;
+
+ it = (pstate & PSTATE_IT_1_0_MASK) >> PSTATE_IT_1_0_SHIFT;
+ it |= ((pstate & PSTATE_IT_7_2_MASK) >> PSTATE_IT_7_2_SHIFT) << 2;
+
+ return it;
+}
+
+static void compat_set_it_state(struct pt_regs *regs, u32 it)
+{
+ u32 pstate_it;
+
+ pstate_it = (it << PSTATE_IT_1_0_SHIFT) & PSTATE_IT_1_0_MASK;
+ pstate_it |= ((it >> 2) << PSTATE_IT_7_2_SHIFT) & PSTATE_IT_7_2_MASK;
+
+ regs->pstate &= ~PSR_AA32_IT_MASK;
+ regs->pstate |= pstate_it;
+}
+
+static bool cp15_cond_valid(unsigned int esr, struct pt_regs *regs)
+{
+ int cond;
+
+ /* Only a T32 instruction can trap without CV being set */
+ if (!(esr & ESR_ELx_CV)) {
+ u32 it;
+
+ it = compat_get_it_state(regs);
+ if (!it)
+ return true;
+
+ cond = it >> 4;
+ } else {
+ cond = (esr & ESR_ELx_COND_MASK) >> ESR_ELx_COND_SHIFT;
+ }
+
+ return aarch32_opcode_cond_checks[cond](regs->pstate);
+}
+
+static void advance_itstate(struct pt_regs *regs)
+{
+ u32 it;
+
+ /* ARM mode */
+ if (!(regs->pstate & PSR_AA32_T_BIT) ||
+ !(regs->pstate & PSR_AA32_IT_MASK))
+ return;
+
+ it = compat_get_it_state(regs);
+
+ /*
+ * If this is the last instruction of the block, wipe the IT
+ * state. Otherwise advance it.
+ */
+ if (!(it & 7))
+ it = 0;
+ else
+ it = (it & 0xe0) | ((it << 1) & 0x1f);
+
+ compat_set_it_state(regs, it);
+}
+
+static void arm64_compat_skip_faulting_instruction(struct pt_regs *regs,
+ unsigned int sz)
+{
+ advance_itstate(regs);
+ arm64_skip_faulting_instruction(regs, sz);
+}
+
asmlinkage void __exception do_cp15instr(unsigned int esr, struct pt_regs *regs)
{
+ if (!cp15_cond_valid(esr, regs)) {
+ /*
+ * There is no T16 variant of a CP access, so we
+ * always advance PC by 4 bytes.
+ */
+ arm64_compat_skip_faulting_instruction(regs, 4);
+ return;
+ }
+
/*
* New cp15 instructions may previously have been undefined at
* EL0. Fall back to our usual undefined instruction handler
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 4/7] arm64: compat: Add cp15_32 and cp15_64 handler arrays
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
` (2 preceding siblings ...)
2018-09-27 16:15 ` [PATCH 3/7] arm64: compat: Add condition code checks and IT advance Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-09-27 16:15 ` [PATCH 5/7] arm64: compat: Add CNTVCT trap handler Marc Zyngier
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
We're now ready to start handling CP15 access. Let's add (empty)
arrays for both 32 and 64bit accessors, and the code that deals
with them.
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/kernel/traps.c | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
index db036a097672..2920a8f30158 100644
--- a/arch/arm64/kernel/traps.c
+++ b/arch/arm64/kernel/traps.c
@@ -607,8 +607,18 @@ static void arm64_compat_skip_faulting_instruction(struct pt_regs *regs,
arm64_skip_faulting_instruction(regs, sz);
}
+static struct sys64_hook cp15_32_hooks[] = {
+ {},
+};
+
+static struct sys64_hook cp15_64_hooks[] = {
+ {},
+};
+
asmlinkage void __exception do_cp15instr(unsigned int esr, struct pt_regs *regs)
{
+ struct sys64_hook *hook, *hook_base;
+
if (!cp15_cond_valid(esr, regs)) {
/*
* There is no T16 variant of a CP access, so we
@@ -618,6 +628,24 @@ asmlinkage void __exception do_cp15instr(unsigned int esr, struct pt_regs *regs)
return;
}
+ switch (ESR_ELx_EC(esr)) {
+ case ESR_ELx_EC_CP15_32:
+ hook_base = cp15_32_hooks;
+ break;
+ case ESR_ELx_EC_CP15_64:
+ hook_base = cp15_64_hooks;
+ break;
+ default:
+ do_undefinstr(regs);
+ return;
+ }
+
+ for (hook = hook_base; hook->handler; hook++)
+ if ((hook->esr_mask & esr) == hook->esr_val) {
+ hook->handler(esr, regs);
+ return;
+ }
+
/*
* New cp15 instructions may previously have been undefined at
* EL0. Fall back to our usual undefined instruction handler
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 5/7] arm64: compat: Add CNTVCT trap handler
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
` (3 preceding siblings ...)
2018-09-27 16:15 ` [PATCH 4/7] arm64: compat: Add cp15_32 and cp15_64 handler arrays Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-09-27 16:15 ` [PATCH 6/7] arm64: compat: Add CNTFRQ " Marc Zyngier
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
Since people seem to make a point in breaking the userspace visible
counter, we have no choice but to trap the access. We already do this
for 64bit userspace, but this is lacking for compat. Let's provide
the required handler.
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/include/asm/esr.h | 3 +++
arch/arm64/kernel/traps.c | 16 ++++++++++++++++
2 files changed, 19 insertions(+)
diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h
index bfd27753a59d..67faae88f953 100644
--- a/arch/arm64/include/asm/esr.h
+++ b/arch/arm64/include/asm/esr.h
@@ -301,6 +301,9 @@
ESR_ELx_CP15_64_ISS_CRM_MASK | \
ESR_ELx_CP15_64_ISS_DIR_MASK)
+#define ESR_ELx_CP15_64_ISS_SYS_CNTVCT (ESR_ELx_CP15_64_ISS_SYS_VAL(1, 14) | \
+ ESR_ELx_CP15_64_ISS_DIR_READ)
+
#ifndef __ASSEMBLY__
#include <asm/types.h>
diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
index 2920a8f30158..cc0ad028caf3 100644
--- a/arch/arm64/kernel/traps.c
+++ b/arch/arm64/kernel/traps.c
@@ -611,7 +611,23 @@ static struct sys64_hook cp15_32_hooks[] = {
{},
};
+static void compat_cntvct_read_handler(unsigned int esr, struct pt_regs *regs)
+{
+ int rt = (esr & ESR_ELx_CP15_64_ISS_RT_MASK) >> ESR_ELx_CP15_64_ISS_RT_SHIFT;
+ int rt2 = (esr & ESR_ELx_CP15_64_ISS_RT2_MASK) >> ESR_ELx_CP15_64_ISS_RT2_SHIFT;
+ u64 val = arch_counter_get_cntvct();
+
+ pt_regs_write_reg(regs, rt, lower_32_bits(val));
+ pt_regs_write_reg(regs, rt2, upper_32_bits(val));
+ arm64_compat_skip_faulting_instruction(regs, 4);
+}
+
static struct sys64_hook cp15_64_hooks[] = {
+ {
+ .esr_mask = ESR_ELx_CP15_64_ISS_SYS_MASK,
+ .esr_val = ESR_ELx_CP15_64_ISS_SYS_CNTVCT,
+ .handler = compat_cntvct_read_handler,
+ },
{},
};
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 6/7] arm64: compat: Add CNTFRQ trap handler
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
` (4 preceding siblings ...)
2018-09-27 16:15 ` [PATCH 5/7] arm64: compat: Add CNTVCT trap handler Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-09-27 16:15 ` [PATCH 7/7] arm64: arch_timer: Add workaround for ARM erratum 1188873 Marc Zyngier
2018-10-01 12:39 ` [PATCH 0/7] arm64: Workaround for Cortex-A76 " Catalin Marinas
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
Just like CNTVCT, we need to handle userspace trapping into the
kernel if we're decided that the timer wasn't fit for purpose...
64bit userspace is already dealt with, but we're missing the
equivalent compat handling.
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/include/asm/esr.h | 3 +++
arch/arm64/kernel/traps.c | 13 +++++++++++++
2 files changed, 16 insertions(+)
diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h
index 67faae88f953..6c764616b2a2 100644
--- a/arch/arm64/include/asm/esr.h
+++ b/arch/arm64/include/asm/esr.h
@@ -304,6 +304,9 @@
#define ESR_ELx_CP15_64_ISS_SYS_CNTVCT (ESR_ELx_CP15_64_ISS_SYS_VAL(1, 14) | \
ESR_ELx_CP15_64_ISS_DIR_READ)
+#define ESR_ELx_CP15_32_ISS_SYS_CNTFRQ (ESR_ELx_CP15_32_ISS_SYS_VAL(0, 0, 14, 0) |\
+ ESR_ELx_CP15_32_ISS_DIR_READ)
+
#ifndef __ASSEMBLY__
#include <asm/types.h>
diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
index cc0ad028caf3..923468c585a6 100644
--- a/arch/arm64/kernel/traps.c
+++ b/arch/arm64/kernel/traps.c
@@ -607,7 +607,20 @@ static void arm64_compat_skip_faulting_instruction(struct pt_regs *regs,
arm64_skip_faulting_instruction(regs, sz);
}
+static void compat_cntfrq_read_handler(unsigned int esr, struct pt_regs *regs)
+{
+ int reg = (esr & ESR_ELx_CP15_32_ISS_RT_MASK) >> ESR_ELx_CP15_32_ISS_RT_SHIFT;
+
+ pt_regs_write_reg(regs, reg, arch_timer_get_rate());
+ arm64_compat_skip_faulting_instruction(regs, 4);
+}
+
static struct sys64_hook cp15_32_hooks[] = {
+ {
+ .esr_mask = ESR_ELx_CP15_32_ISS_SYS_MASK,
+ .esr_val = ESR_ELx_CP15_32_ISS_SYS_CNTFRQ,
+ .handler = compat_cntfrq_read_handler,
+ },
{},
};
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 7/7] arm64: arch_timer: Add workaround for ARM erratum 1188873
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
` (5 preceding siblings ...)
2018-09-27 16:15 ` [PATCH 6/7] arm64: compat: Add CNTFRQ " Marc Zyngier
@ 2018-09-27 16:15 ` Marc Zyngier
2018-10-01 12:39 ` [PATCH 0/7] arm64: Workaround for Cortex-A76 " Catalin Marinas
7 siblings, 0 replies; 9+ messages in thread
From: Marc Zyngier @ 2018-09-27 16:15 UTC (permalink / raw)
To: linux-arm-kernel
When running on Cortex-A76, a timer access from an AArch32 EL0
task may end up with a corrupted value or register. The workaround for
this is to trap these accesses at EL1/EL2 and execute them there.
This only affects versions r0p0, r1p0 and r2p0 of the CPU.
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
arch/arm64/Kconfig | 12 ++++++++++++
arch/arm64/include/asm/cpucaps.h | 3 ++-
arch/arm64/include/asm/cputype.h | 2 ++
arch/arm64/kernel/cpu_errata.c | 8 ++++++++
drivers/clocksource/arm_arch_timer.c | 15 +++++++++++++++
5 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 1b1a0e95c751..28766066f31b 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -479,6 +479,18 @@ config ARM64_ERRATUM_1024718
If unsure, say Y.
+config ARM64_ERRATUM_1188873
+ bool "Cortex-A76: MRC read following MRRC read of specific Generic Timer in AArch32 might give incorrect result"
+ default y
+ help
+ This option adds work arounds for ARM Cortex-A76 erratum 1188873
+
+ Affected Cortex-A76 cores (r0p0, r1p0, r2p0) could cause
+ register corruption when accessing the timer registers from
+ AArch32 userspace.
+
+ If unsure, say Y.
+
config CAVIUM_ERRATUM_22375
bool "Cavium erratum 22375, 24313"
default y
diff --git a/arch/arm64/include/asm/cpucaps.h b/arch/arm64/include/asm/cpucaps.h
index ae1f70450fb2..3575331dea7b 100644
--- a/arch/arm64/include/asm/cpucaps.h
+++ b/arch/arm64/include/asm/cpucaps.h
@@ -51,7 +51,8 @@
#define ARM64_SSBD 30
#define ARM64_MISMATCHED_CACHE_TYPE 31
#define ARM64_HAS_STAGE2_FWB 32
+#define ARM64_WORKAROUND_1188873 33
-#define ARM64_NCAPS 33
+#define ARM64_NCAPS 34
#endif /* __ASM_CPUCAPS_H */
diff --git a/arch/arm64/include/asm/cputype.h b/arch/arm64/include/asm/cputype.h
index ea690b3562af..12f93e4d2452 100644
--- a/arch/arm64/include/asm/cputype.h
+++ b/arch/arm64/include/asm/cputype.h
@@ -86,6 +86,7 @@
#define ARM_CPU_PART_CORTEX_A75 0xD0A
#define ARM_CPU_PART_CORTEX_A35 0xD04
#define ARM_CPU_PART_CORTEX_A55 0xD05
+#define ARM_CPU_PART_CORTEX_A76 0xD0B
#define APM_CPU_PART_POTENZA 0x000
@@ -110,6 +111,7 @@
#define MIDR_CORTEX_A75 MIDR_CPU_MODEL(ARM_CPU_IMP_ARM, ARM_CPU_PART_CORTEX_A75)
#define MIDR_CORTEX_A35 MIDR_CPU_MODEL(ARM_CPU_IMP_ARM, ARM_CPU_PART_CORTEX_A35)
#define MIDR_CORTEX_A55 MIDR_CPU_MODEL(ARM_CPU_IMP_ARM, ARM_CPU_PART_CORTEX_A55)
+#define MIDR_CORTEX_A76 MIDR_CPU_MODEL(ARM_CPU_IMP_ARM, ARM_CPU_PART_CORTEX_A76)
#define MIDR_THUNDERX MIDR_CPU_MODEL(ARM_CPU_IMP_CAVIUM, CAVIUM_CPU_PART_THUNDERX)
#define MIDR_THUNDERX_81XX MIDR_CPU_MODEL(ARM_CPU_IMP_CAVIUM, CAVIUM_CPU_PART_THUNDERX_81XX)
#define MIDR_THUNDERX_83XX MIDR_CPU_MODEL(ARM_CPU_IMP_CAVIUM, CAVIUM_CPU_PART_THUNDERX_83XX)
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index dec10898d688..16c102d96e6d 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -679,6 +679,14 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
.type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM,
.matches = has_ssbd_mitigation,
},
+#endif
+#ifdef CONFIG_ARM64_ERRATUM_1188873
+ {
+ /* Cortex-A76 r0p0 to r2p0 */
+ .desc = "ARM erratum 1188873",
+ .capability = ARM64_WORKAROUND_1188873,
+ ERRATA_MIDR_RANGE(MIDR_CORTEX_A76, 0, 0, 2, 0),
+ },
#endif
{
}
diff --git a/drivers/clocksource/arm_arch_timer.c b/drivers/clocksource/arm_arch_timer.c
index d8c7f5750cdb..9a7d4dc00b6e 100644
--- a/drivers/clocksource/arm_arch_timer.c
+++ b/drivers/clocksource/arm_arch_timer.c
@@ -319,6 +319,13 @@ static u64 notrace arm64_858921_read_cntvct_el0(void)
}
#endif
+#ifdef CONFIG_ARM64_ERRATUM_1188873
+static u64 notrace arm64_1188873_read_cntvct_el0(void)
+{
+ return read_sysreg(cntvct_el0);
+}
+#endif
+
#ifdef CONFIG_ARM_ARCH_TIMER_OOL_WORKAROUND
DEFINE_PER_CPU(const struct arch_timer_erratum_workaround *, timer_unstable_counter_workaround);
EXPORT_SYMBOL_GPL(timer_unstable_counter_workaround);
@@ -408,6 +415,14 @@ static const struct arch_timer_erratum_workaround ool_workarounds[] = {
.read_cntvct_el0 = arm64_858921_read_cntvct_el0,
},
#endif
+#ifdef CONFIG_ARM64_ERRATUM_1188873
+ {
+ .match_type = ate_match_local_cap_id,
+ .id = (void *)ARM64_WORKAROUND_1188873,
+ .desc = "ARM erratum 1188873",
+ .read_cntvct_el0 = arm64_1188873_read_cntvct_el0,
+ },
+#endif
};
typedef bool (*ate_match_fn_t)(const struct arch_timer_erratum_workaround *,
--
2.19.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
` (6 preceding siblings ...)
2018-09-27 16:15 ` [PATCH 7/7] arm64: arch_timer: Add workaround for ARM erratum 1188873 Marc Zyngier
@ 2018-10-01 12:39 ` Catalin Marinas
7 siblings, 0 replies; 9+ messages in thread
From: Catalin Marinas @ 2018-10-01 12:39 UTC (permalink / raw)
To: linux-arm-kernel
On Thu, Sep 27, 2018 at 05:15:27PM +0100, Marc Zyngier wrote:
> Marc Zyngier (7):
> arm64: Add decoding macros for CP15_32 and CP15_64 traps
> arm64: compat: Add separate CP15 trapping hook
> arm64: compat: Add condition code checks and IT advance
> arm64: compat: Add cp15_32 and cp15_64 handler arrays
> arm64: compat: Add CNTVCT trap handler
> arm64: compat: Add CNTFRQ trap handler
> arm64: arch_timer: Add workaround for ARM erratum 1188873
Queued for 4.20. Thanks.
--
Catalin
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2018-10-01 12:39 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-27 16:15 [PATCH 0/7] arm64: Workaround for Cortex-A76 erratum 1188873 Marc Zyngier
2018-09-27 16:15 ` [PATCH 1/7] arm64: Add decoding macros for CP15_32 and CP15_64 traps Marc Zyngier
2018-09-27 16:15 ` [PATCH 2/7] arm64: compat: Add separate CP15 trapping hook Marc Zyngier
2018-09-27 16:15 ` [PATCH 3/7] arm64: compat: Add condition code checks and IT advance Marc Zyngier
2018-09-27 16:15 ` [PATCH 4/7] arm64: compat: Add cp15_32 and cp15_64 handler arrays Marc Zyngier
2018-09-27 16:15 ` [PATCH 5/7] arm64: compat: Add CNTVCT trap handler Marc Zyngier
2018-09-27 16:15 ` [PATCH 6/7] arm64: compat: Add CNTFRQ " Marc Zyngier
2018-09-27 16:15 ` [PATCH 7/7] arm64: arch_timer: Add workaround for ARM erratum 1188873 Marc Zyngier
2018-10-01 12:39 ` [PATCH 0/7] arm64: Workaround for Cortex-A76 " Catalin Marinas
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.