CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Nathan Chancellor]

[-- Attachment #1: Type: text/plain, Size: 1224 bytes --]

Hi Russell,

Apologies if this has already been reported, I did not see anything when
sifting through lore.kernel.org and I can still reproduce this with
current mainline (1db333d9a51f).

I noticed a QEMU boot failure with multi_v7_defconfig with
CONFIG_THUMB2_KERNEL=y in our continuous integration [1]. It does not
appear to be compiler specific, as it reproduces with a bunch of
different clang versions and GCC 11.2.0 (I didn't try other GCC
versions).

At commit 04e91b732476 ("ARM: early traps initialisation"), everything
boots fine.

At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
sections"), there is no output from QEMU at all.

At commit b9baf5c8c5c3 ("ARM: Spectre-BHB workaround"), there is some
output but the boot still hangs before init. I have included a log of
the output of QEMU at this revision along with the command line I am
using, which comes from [2]. If I disable CONFIG_HARDEN_BRANCH_HISTORY,
the kernel boots.

If there is any further information I can provide or patches I can try,
I am happy to do so.

[1]: https://github.com/ClangBuiltLinux/continuous-integration2/runs/5496036256?check_suite_focus=true
[2]: https://github.com/ClangBuiltLinux/boot-utils

Cheers,
Nathan

[-- Attachment #2: boot.log --]
[-- Type: text/plain, Size: 3896 bytes --]

+ timeout --foreground 1m stdbuf -oL -eL qemu-system-arm -initrd /home/nathan/cbl/github/boot-utils-ro/images/arm/rootfs.cpio -append 'console=ttyAMA0 earlycon' -machine virt -no-reboot -display none -kernel /home/nathan/cbl/src/linux/arch/arm/boot/zImage -m 512m -nodefaults -serial mon:stdio
[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 5.16.0-00004-gb9baf5c8c5c3 (nathan@dev-arch.thelio-3990X) (arm-none-eabi-gcc (Arch Repository) 11.2.0, GNU ld (GNU Binutils) 2.37) #1 SMP Thu Mar 10 12:03:57 MST 2022
[    0.000000] CPU: ARMv7 Processor [412fc0f1] revision 1 (ARMv7), cr=50c5387d
[    0.000000] CPU: div instructions available: patching division code
[    0.000000] CPU: PIPT / VIPT nonaliasing data cache, PIPT instruction cache
[    0.000000] OF: fdt: Machine model: linux,dummy-virt
[    0.000000] earlycon: pl11 at MMIO 0x09000000 (options '')
[    0.000000] printk: bootconsole [pl11] enabled
[    0.000000] Memory policy: Data cache writealloc
[    0.000000] efi: UEFI not found.
[    0.000000] cma: Reserved 64 MiB at 0x5c000000
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000040000000-0x000000005fffffff]
[    0.000000]   Normal   empty
[    0.000000]   HighMem  empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000040000000-0x000000005fffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000040000000-0x000000005fffffff]
[    0.000000] psci: probing for conduit method from DT.
[    0.000000] psci: PSCIv1.1 detected in firmware.
[    0.000000] psci: Using standard PSCI v0.2 function IDs
[    0.000000] psci: Trusted OS migration not required
[    0.000000] psci: SMC Calling Convention v1.0
[    0.000000] percpu: Embedded 16 pages/cpu s33996 r8192 d23348 u65536
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 130048
[    0.000000] Kernel command line: console=ttyAMA0 earlycon
[    0.000000] Dentry cache hash table entries: 65536 (order: 6, 262144 bytes, linear)
[    0.000000] Inode-cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 428336K/524288K available (10240K kernel code, 2268K rwdata, 5524K rodata, 2048K init, 392K bss, 30416K reserved, 65536K cma-reserved, 0K highmem)
[    0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] trace event string verifier disabled
[    0.000000] rcu: Hierarchical RCU implementation.
[    0.000000] rcu: 	RCU event tracing is enabled.
[    0.000000] rcu: 	RCU restricting CPUs from NR_CPUS=16 to nr_cpu_ids=1.
[    0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[    0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[    0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16
[    0.000000] GICv2m: range[mem 0x08020000-0x08020fff], SPI[80:143]
[    0.000000] random: get_random_bytes called from _etext+0x600c95/0x67d464 with crng_init=0
[    0.000000] arch_timer: cp15 timer(s) running at 62.50MHz (virt).
[    0.000000] clocksource: arch_sys_counter: mask: 0x1ffffffffffffff max_cycles: 0x1cd42e208c, max_idle_ns: 881590405314 ns
[    0.000114] sched_clock: 57 bits at 62MHz, resolution 16ns, wraps every 4398046511096ns
[    0.000363] Switching to timer-based delay loop, resolution 16ns
[    0.002953] Console: colour dummy device 80x30
[    0.004065] Calibrating delay loop (skipped), value calculated using timer frequency.. 125.00 BogoMIPS (lpj=625000)
[    0.004331] pid_max: default: 32768 minimum: 301
[    0.005091] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.005239] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
qemu-system-arm: terminating on signal 15 from pid 511549 (timeout)
+ RET=124
+ set +x

CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Nathan Chancellor]

[-- Attachment #1: Type: text/plain, Size: 1224 bytes --]

Hi Russell,

Apologies if this has already been reported, I did not see anything when
sifting through lore.kernel.org and I can still reproduce this with
current mainline (1db333d9a51f).

I noticed a QEMU boot failure with multi_v7_defconfig with
CONFIG_THUMB2_KERNEL=y in our continuous integration [1]. It does not
appear to be compiler specific, as it reproduces with a bunch of
different clang versions and GCC 11.2.0 (I didn't try other GCC
versions).

At commit 04e91b732476 ("ARM: early traps initialisation"), everything
boots fine.

At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
sections"), there is no output from QEMU at all.

At commit b9baf5c8c5c3 ("ARM: Spectre-BHB workaround"), there is some
output but the boot still hangs before init. I have included a log of
the output of QEMU at this revision along with the command line I am
using, which comes from [2]. If I disable CONFIG_HARDEN_BRANCH_HISTORY,
the kernel boots.

If there is any further information I can provide or patches I can try,
I am happy to do so.

[1]: https://github.com/ClangBuiltLinux/continuous-integration2/runs/5496036256?check_suite_focus=true
[2]: https://github.com/ClangBuiltLinux/boot-utils

Cheers,
Nathan

[-- Attachment #2: boot.log --]
[-- Type: text/plain, Size: 3896 bytes --]

+ timeout --foreground 1m stdbuf -oL -eL qemu-system-arm -initrd /home/nathan/cbl/github/boot-utils-ro/images/arm/rootfs.cpio -append 'console=ttyAMA0 earlycon' -machine virt -no-reboot -display none -kernel /home/nathan/cbl/src/linux/arch/arm/boot/zImage -m 512m -nodefaults -serial mon:stdio
[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 5.16.0-00004-gb9baf5c8c5c3 (nathan@dev-arch.thelio-3990X) (arm-none-eabi-gcc (Arch Repository) 11.2.0, GNU ld (GNU Binutils) 2.37) #1 SMP Thu Mar 10 12:03:57 MST 2022
[    0.000000] CPU: ARMv7 Processor [412fc0f1] revision 1 (ARMv7), cr=50c5387d
[    0.000000] CPU: div instructions available: patching division code
[    0.000000] CPU: PIPT / VIPT nonaliasing data cache, PIPT instruction cache
[    0.000000] OF: fdt: Machine model: linux,dummy-virt
[    0.000000] earlycon: pl11 at MMIO 0x09000000 (options '')
[    0.000000] printk: bootconsole [pl11] enabled
[    0.000000] Memory policy: Data cache writealloc
[    0.000000] efi: UEFI not found.
[    0.000000] cma: Reserved 64 MiB at 0x5c000000
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000040000000-0x000000005fffffff]
[    0.000000]   Normal   empty
[    0.000000]   HighMem  empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000040000000-0x000000005fffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000040000000-0x000000005fffffff]
[    0.000000] psci: probing for conduit method from DT.
[    0.000000] psci: PSCIv1.1 detected in firmware.
[    0.000000] psci: Using standard PSCI v0.2 function IDs
[    0.000000] psci: Trusted OS migration not required
[    0.000000] psci: SMC Calling Convention v1.0
[    0.000000] percpu: Embedded 16 pages/cpu s33996 r8192 d23348 u65536
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 130048
[    0.000000] Kernel command line: console=ttyAMA0 earlycon
[    0.000000] Dentry cache hash table entries: 65536 (order: 6, 262144 bytes, linear)
[    0.000000] Inode-cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 428336K/524288K available (10240K kernel code, 2268K rwdata, 5524K rodata, 2048K init, 392K bss, 30416K reserved, 65536K cma-reserved, 0K highmem)
[    0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] trace event string verifier disabled
[    0.000000] rcu: Hierarchical RCU implementation.
[    0.000000] rcu: 	RCU event tracing is enabled.
[    0.000000] rcu: 	RCU restricting CPUs from NR_CPUS=16 to nr_cpu_ids=1.
[    0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[    0.000000] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[    0.000000] NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16
[    0.000000] GICv2m: range[mem 0x08020000-0x08020fff], SPI[80:143]
[    0.000000] random: get_random_bytes called from _etext+0x600c95/0x67d464 with crng_init=0
[    0.000000] arch_timer: cp15 timer(s) running at 62.50MHz (virt).
[    0.000000] clocksource: arch_sys_counter: mask: 0x1ffffffffffffff max_cycles: 0x1cd42e208c, max_idle_ns: 881590405314 ns
[    0.000114] sched_clock: 57 bits at 62MHz, resolution 16ns, wraps every 4398046511096ns
[    0.000363] Switching to timer-based delay loop, resolution 16ns
[    0.002953] Console: colour dummy device 80x30
[    0.004065] Calibrating delay loop (skipped), value calculated using timer frequency.. 125.00 BogoMIPS (lpj=625000)
[    0.004331] pid_max: default: 32768 minimum: 301
[    0.005091] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.005239] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
qemu-system-arm: terminating on signal 15 from pid 511549 (timeout)
+ RET=124
+ set +x

[-- Attachment #3: Type: text/plain, Size: 176 bytes --]

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Christian Eggers]

Hi Nathan, hi Russel,

I stumbled today over the same problem (no output on serial console
with v5.15.28-rt36). During `git bisect`, I had also some commits
where a few lines of output were visible.

At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
sections"), the system boots up to here:

start_kernel()
+--setup_arch()
   +--paging_init()
      +--devicemaps_init()
         +--eary_trap_init(vectors_base = 0xC7FFE000)
            +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
               +--__memcpy()

               copy_template.S:113 
               ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
               r1 = 0
              

With the final v5.15.28-rt36 I found out that the system boots fine
after disabling CONFIG_HARDEN_BRANCH_HISTORY.

Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
with a ARMv7 core. I have access to a JTAG debugger.

regards
Christian


On Thursday, 10 March 2022, 20:16:48 CET, Nathan Chancellor wrote:
> Hi Russell,
> 
> Apologies if this has already been reported, I did not see anything when
> sifting through lore.kernel.org and I can still reproduce this with
> current mainline (1db333d9a51f).
> 
> I noticed a QEMU boot failure with multi_v7_defconfig with
> CONFIG_THUMB2_KERNEL=y in our continuous integration [1]. It does not
> appear to be compiler specific, as it reproduces with a bunch of
> different clang versions and GCC 11.2.0 (I didn't try other GCC
> versions).
> 
> At commit 04e91b732476 ("ARM: early traps initialisation"), everything
> boots fine.
> 
> At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> sections"), there is no output from QEMU at all.
> 
> At commit b9baf5c8c5c3 ("ARM: Spectre-BHB workaround"), there is some
> output but the boot still hangs before init. I have included a log of
> the output of QEMU at this revision along with the command line I am
> using, which comes from [2]. If I disable CONFIG_HARDEN_BRANCH_HISTORY,
> the kernel boots.
> 
> If there is any further information I can provide or patches I can try,
> I am happy to do so.
> 
> [1]: https://github.com/ClangBuiltLinux/continuous-integration2/runs/5496036256?check_suite_focus=true
> [2]: https://github.com/ClangBuiltLinux/boot-utils
> 
> Cheers,
> Nathan
> 

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Christian Eggers]

Hi Nathan, hi Russel,

I stumbled today over the same problem (no output on serial console
with v5.15.28-rt36). During `git bisect`, I had also some commits
where a few lines of output were visible.

At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
sections"), the system boots up to here:

start_kernel()
+--setup_arch()
   +--paging_init()
      +--devicemaps_init()
         +--eary_trap_init(vectors_base = 0xC7FFE000)
            +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
               +--__memcpy()

               copy_template.S:113 
               ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
               r1 = 0
              

With the final v5.15.28-rt36 I found out that the system boots fine
after disabling CONFIG_HARDEN_BRANCH_HISTORY.

Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
with a ARMv7 core. I have access to a JTAG debugger.

regards
Christian


On Thursday, 10 March 2022, 20:16:48 CET, Nathan Chancellor wrote:
> Hi Russell,
> 
> Apologies if this has already been reported, I did not see anything when
> sifting through lore.kernel.org and I can still reproduce this with
> current mainline (1db333d9a51f).
> 
> I noticed a QEMU boot failure with multi_v7_defconfig with
> CONFIG_THUMB2_KERNEL=y in our continuous integration [1]. It does not
> appear to be compiler specific, as it reproduces with a bunch of
> different clang versions and GCC 11.2.0 (I didn't try other GCC
> versions).
> 
> At commit 04e91b732476 ("ARM: early traps initialisation"), everything
> boots fine.
> 
> At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> sections"), there is no output from QEMU at all.
> 
> At commit b9baf5c8c5c3 ("ARM: Spectre-BHB workaround"), there is some
> output but the boot still hangs before init. I have included a log of
> the output of QEMU at this revision along with the command line I am
> using, which comes from [2]. If I disable CONFIG_HARDEN_BRANCH_HISTORY,
> the kernel boots.
> 
> If there is any further information I can provide or patches I can try,
> I am happy to do so.
> 
> [1]: https://github.com/ClangBuiltLinux/continuous-integration2/runs/5496036256?check_suite_focus=true
> [2]: https://github.com/ClangBuiltLinux/boot-utils
> 
> Cheers,
> Nathan
> 





_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Russell King (Oracle)]

On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> Hi Nathan, hi Russel,
> 
> I stumbled today over the same problem (no output on serial console
> with v5.15.28-rt36). During `git bisect`, I had also some commits
> where a few lines of output were visible.
> 
> At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> sections"), the system boots up to here:
> 
> start_kernel()
> +--setup_arch()
>    +--paging_init()
>       +--devicemaps_init()
>          +--eary_trap_init(vectors_base = 0xC7FFE000)
>             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
>                +--__memcpy()
> 
>                copy_template.S:113
>                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
>                r1 = 0
> 
> 
> With the final v5.15.28-rt36 I found out that the system boots fine
> after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> 
> Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> with a ARMv7 core. I have access to a JTAG debugger.

I think this is already fixed in mainline. Commit:

6c7cb60bff7a ("ARM: fix Thumb2 regression")

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Russell King (Oracle)]

On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> Hi Nathan, hi Russel,
> 
> I stumbled today over the same problem (no output on serial console
> with v5.15.28-rt36). During `git bisect`, I had also some commits
> where a few lines of output were visible.
> 
> At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> sections"), the system boots up to here:
> 
> start_kernel()
> +--setup_arch()
>    +--paging_init()
>       +--devicemaps_init()
>          +--eary_trap_init(vectors_base = 0xC7FFE000)
>             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
>                +--__memcpy()
> 
>                copy_template.S:113
>                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
>                r1 = 0
> 
> 
> With the final v5.15.28-rt36 I found out that the system boots fine
> after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> 
> Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> with a ARMv7 core. I have access to a JTAG debugger.

I think this is already fixed in mainline. Commit:

6c7cb60bff7a ("ARM: fix Thumb2 regression")

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Ard Biesheuvel]

On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
<linux@armlinux.org.uk> wrote:
>
> On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > Hi Nathan, hi Russel,
> >
> > I stumbled today over the same problem (no output on serial console
> > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > where a few lines of output were visible.
> >
> > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > sections"), the system boots up to here:
> >
> > start_kernel()
> > +--setup_arch()
> >    +--paging_init()
> >       +--devicemaps_init()
> >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> >                +--__memcpy()
> >
> >                copy_template.S:113
> >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> >                r1 = 0
> >
> >
> > With the final v5.15.28-rt36 I found out that the system boots fine
> > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> >
> > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > with a ARMv7 core. I have access to a JTAG debugger.
>
> I think this is already fixed in mainline. Commit:
>
> 6c7cb60bff7a ("ARM: fix Thumb2 regression")
>

It's still broken - I sent a couple of patches on Monday, among which
one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
4', which produces a narrow encoding, and so it skips the subsequent
subs instruction and loops forever.

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Ard Biesheuvel]

On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
<linux@armlinux.org.uk> wrote:
>
> On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > Hi Nathan, hi Russel,
> >
> > I stumbled today over the same problem (no output on serial console
> > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > where a few lines of output were visible.
> >
> > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > sections"), the system boots up to here:
> >
> > start_kernel()
> > +--setup_arch()
> >    +--paging_init()
> >       +--devicemaps_init()
> >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> >                +--__memcpy()
> >
> >                copy_template.S:113
> >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> >                r1 = 0
> >
> >
> > With the final v5.15.28-rt36 I found out that the system boots fine
> > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> >
> > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > with a ARMv7 core. I have access to a JTAG debugger.
>
> I think this is already fixed in mainline. Commit:
>
> 6c7cb60bff7a ("ARM: fix Thumb2 regression")
>

It's still broken - I sent a couple of patches on Monday, among which
one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
4', which produces a narrow encoding, and so it skips the subsequent
subs instruction and loops forever.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Russell King (Oracle)]

On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> <linux@armlinux.org.uk> wrote:
> >
> > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > Hi Nathan, hi Russel,
> > >
> > > I stumbled today over the same problem (no output on serial console
> > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > where a few lines of output were visible.
> > >
> > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > sections"), the system boots up to here:
> > >
> > > start_kernel()
> > > +--setup_arch()
> > >    +--paging_init()
> > >       +--devicemaps_init()
> > >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> > >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > >                +--__memcpy()
> > >
> > >                copy_template.S:113
> > >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > >                r1 = 0
> > >
> > >
> > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > >
> > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > with a ARMv7 core. I have access to a JTAG debugger.
> >
> > I think this is already fixed in mainline. Commit:
> >
> > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> >
> 
> It's still broken - I sent a couple of patches on Monday, among which
> one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> 4', which produces a narrow encoding, and so it skips the subsequent
> subs instruction and loops forever.

And what's the current status? Sorry, I've way too much email from the
last 2.5 weeks to find it myself.

Thanks.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Russell King (Oracle)]

On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> <linux@armlinux.org.uk> wrote:
> >
> > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > Hi Nathan, hi Russel,
> > >
> > > I stumbled today over the same problem (no output on serial console
> > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > where a few lines of output were visible.
> > >
> > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > sections"), the system boots up to here:
> > >
> > > start_kernel()
> > > +--setup_arch()
> > >    +--paging_init()
> > >       +--devicemaps_init()
> > >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> > >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > >                +--__memcpy()
> > >
> > >                copy_template.S:113
> > >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > >                r1 = 0
> > >
> > >
> > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > >
> > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > with a ARMv7 core. I have access to a JTAG debugger.
> >
> > I think this is already fixed in mainline. Commit:
> >
> > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> >
> 
> It's still broken - I sent a couple of patches on Monday, among which
> one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> 4', which produces a narrow encoding, and so it skips the subsequent
> subs instruction and loops forever.

And what's the current status? Sorry, I've way too much email from the
last 2.5 weeks to find it myself.

Thanks.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Ard Biesheuvel]

On Wed, 30 Mar 2022 at 18:37, Russell King (Oracle)
<linux@armlinux.org.uk> wrote:
>
> On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> > On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> > <linux@armlinux.org.uk> wrote:
> > >
> > > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > > Hi Nathan, hi Russel,
> > > >
> > > > I stumbled today over the same problem (no output on serial console
> > > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > > where a few lines of output were visible.
> > > >
> > > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > > sections"), the system boots up to here:
> > > >
> > > > start_kernel()
> > > > +--setup_arch()
> > > >    +--paging_init()
> > > >       +--devicemaps_init()
> > > >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> > > >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > > >                +--__memcpy()
> > > >
> > > >                copy_template.S:113
> > > >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > > >                r1 = 0
> > > >
> > > >
> > > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > > >
> > > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > > with a ARMv7 core. I have access to a JTAG debugger.
> > >
> > > I think this is already fixed in mainline. Commit:
> > >
> > > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> > >
> >
> > It's still broken - I sent a couple of patches on Monday, among which
> > one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> > 4', which produces a narrow encoding, and so it skips the subsequent
> > subs instruction and loops forever.
>
> And what's the current status? Sorry, I've way too much email from the
> last 2.5 weeks to find it myself.
>

https://lore.kernel.org/linux-arm-kernel/20220328134714.205342-1-ardb@kernel.org/

Nobody bothered to respond yet, I can drop the first two in the patch
tracker if you like.

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Ard Biesheuvel]

On Wed, 30 Mar 2022 at 18:37, Russell King (Oracle)
<linux@armlinux.org.uk> wrote:
>
> On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> > On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> > <linux@armlinux.org.uk> wrote:
> > >
> > > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > > Hi Nathan, hi Russel,
> > > >
> > > > I stumbled today over the same problem (no output on serial console
> > > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > > where a few lines of output were visible.
> > > >
> > > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > > sections"), the system boots up to here:
> > > >
> > > > start_kernel()
> > > > +--setup_arch()
> > > >    +--paging_init()
> > > >       +--devicemaps_init()
> > > >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> > > >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > > >                +--__memcpy()
> > > >
> > > >                copy_template.S:113
> > > >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > > >                r1 = 0
> > > >
> > > >
> > > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > > >
> > > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > > with a ARMv7 core. I have access to a JTAG debugger.
> > >
> > > I think this is already fixed in mainline. Commit:
> > >
> > > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> > >
> >
> > It's still broken - I sent a couple of patches on Monday, among which
> > one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> > 4', which produces a narrow encoding, and so it skips the subsequent
> > subs instruction and loops forever.
>
> And what's the current status? Sorry, I've way too much email from the
> last 2.5 weeks to find it myself.
>

https://lore.kernel.org/linux-arm-kernel/20220328134714.205342-1-ardb@kernel.org/

Nobody bothered to respond yet, I can drop the first two in the patch
tracker if you like.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Christian Eggers]

On Wednesday, 30 March 2022, 18:45:18 CEST, Ard Biesheuvel wrote:
> On Wed, 30 Mar 2022 at 18:37, Russell King (Oracle)
> <linux@armlinux.org.uk> wrote:
> >
> > On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> > > On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> > > <linux@armlinux.org.uk> wrote:
> > > >
> > > > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > > > Hi Nathan, hi Russel,
> > > > >
> > > > > I stumbled today over the same problem (no output on serial console
> > > > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > > > where a few lines of output were visible.
> > > > >
> > > > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > > > sections"), the system boots up to here:
> > > > >
> > > > > start_kernel()
> > > > > +--setup_arch()
> > > > >    +--paging_init()
> > > > >       +--devicemaps_init()
> > > > >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> > > > >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > > > >                +--__memcpy()
> > > > >
> > > > >                copy_template.S:113
> > > > >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > > > >                r1 = 0
> > > > >
> > > > >
> > > > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > > > >
> > > > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > > > with a ARMv7 core. I have access to a JTAG debugger.
> > > >
> > > > I think this is already fixed in mainline. Commit:
> > > >
> > > > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> > > >
> > >
> > > It's still broken - I sent a couple of patches on Monday, among which
> > > one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> > > 4', which produces a narrow encoding, and so it skips the subsequent
> > > subs instruction and loops forever.
> >
> > And what's the current status? Sorry, I've way too much email from the
> > last 2.5 weeks to find it myself.
> >
> 
> https://lore.kernel.org/linux-arm-kernel/20220328134714.205342-1-ardb@kernel.org/
> 
> Nobody bothered to respond yet, I can drop the first two in the patch
> tracker if you like.

I just switched to v5.15.31-rt38 which already includes
6c7cb60bff7a ("ARM: fix Thumb2 regression")

This kernel boots fine now, even with CONFIG_HARDEN_BRANCH_HISTORY=y. After
applying the patch series from Ard, the system still boots fine. 

I haven't any understanding what these patches do. Is there anything I shall
test?

regards
Christian

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Christian Eggers]

On Wednesday, 30 March 2022, 18:45:18 CEST, Ard Biesheuvel wrote:
> On Wed, 30 Mar 2022 at 18:37, Russell King (Oracle)
> <linux@armlinux.org.uk> wrote:
> >
> > On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> > > On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> > > <linux@armlinux.org.uk> wrote:
> > > >
> > > > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > > > Hi Nathan, hi Russel,
> > > > >
> > > > > I stumbled today over the same problem (no output on serial console
> > > > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > > > where a few lines of output were visible.
> > > > >
> > > > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > > > sections"), the system boots up to here:
> > > > >
> > > > > start_kernel()
> > > > > +--setup_arch()
> > > > >    +--paging_init()
> > > > >       +--devicemaps_init()
> > > > >          +--eary_trap_init(vectors_base = 0xC7FFE000)
> > > > >             +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > > > >                +--__memcpy()
> > > > >
> > > > >                copy_template.S:113
> > > > >                ldr8w   r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > > > >                r1 = 0
> > > > >
> > > > >
> > > > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > > > >
> > > > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > > > with a ARMv7 core. I have access to a JTAG debugger.
> > > >
> > > > I think this is already fixed in mainline. Commit:
> > > >
> > > > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> > > >
> > >
> > > It's still broken - I sent a couple of patches on Monday, among which
> > > one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> > > 4', which produces a narrow encoding, and so it skips the subsequent
> > > subs instruction and loops forever.
> >
> > And what's the current status? Sorry, I've way too much email from the
> > last 2.5 weeks to find it myself.
> >
> 
> https://lore.kernel.org/linux-arm-kernel/20220328134714.205342-1-ardb@kernel.org/
> 
> Nobody bothered to respond yet, I can drop the first two in the patch
> tracker if you like.

I just switched to v5.15.31-rt38 which already includes
6c7cb60bff7a ("ARM: fix Thumb2 regression")

This kernel boots fine now, even with CONFIG_HARDEN_BRANCH_HISTORY=y. After
applying the patch series from Ard, the system still boots fine. 

I haven't any understanding what these patches do. Is there anything I shall
test?

regards
Christian




_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Ard Biesheuvel]

On Wed, 30 Mar 2022 at 19:33, Christian Eggers <ceggers@arri.de> wrote:
>
> On Wednesday, 30 March 2022, 18:45:18 CEST, Ard Biesheuvel wrote:
> >
> On Wed, 30 Mar 2022 at 18:37, Russell King (Oracle)
> > <linux@armlinux.org.uk> wrote:
> > >
> > > On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> > > > On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> > > > <linux@armlinux.org.uk> wrote:
> > > > >
> > > > > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > > > > Hi Nathan, hi Russel,
> > > > > >
> > > > > > I stumbled today over the same problem (no output on serial console
> > > > > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > > > > where a few lines of output were visible.
> > > > > >
> > > > > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > > > > sections"), the system boots up to here:
> > > > > >
> > > > > > start_kernel()
> > > > > > +--setup_arch()
> > > > > > +--paging_init()
> > > > > > +--devicemaps_init()
> > > > > > +--eary_trap_init(vectors_base = 0xC7FFE000)
> > > > > > +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > > > > > +--__memcpy()
> > > > > >
> > > > > > copy_template.S:113
> > > > > > ldr8w r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > > > > > r1 = 0
> > > > > >
> > > > > >
> > > > > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > > > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > > > > >
> > > > > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > > > > with a ARMv7 core. I have access to a JTAG debugger.
> > > > >
> > > > > I think this is already fixed in mainline. Commit:
> > > > >
> > > > > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> > > > >
> > > >
> > > > It's still broken - I sent a couple of patches on Monday, among which
> > > > one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> > > > 4', which produces a narrow encoding, and so it skips the subsequent
> > > > subs instruction and loops forever.
> > >
> > > And what's the current status? Sorry, I've way too much email from the
> > > last 2.5 weeks to find it myself.
> > >
> >
> > https://lore.kernel.org/linux-arm-kernel/20220328134714.205342-1-ardb@kernel.org/
> >
> > Nobody bothered to respond yet, I can drop the first two in the patch
> > tracker if you like.
>
> I just switched to v5.15.31-rt38 which already includes
> 6c7cb60bff7a ("ARM: fix Thumb2 regression")
>
> This kernel boots fine now, even with CONFIG_HARDEN_BRANCH_HISTORY=y. After
> applying the patch series from Ard, the system still boots fine.
>
> I haven't any understanding what these patches do. Is there anything I shall
> test?
>

Thanks for confirming. The first fix affects all Thumb2
configurations, my patch only affects Thumb2 configurations that
actually enable the loop8 mitigation for Spectre-BHB.

What type of CPU are you booting on?

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Ard Biesheuvel]

On Wed, 30 Mar 2022 at 19:33, Christian Eggers <ceggers@arri.de> wrote:
>
> On Wednesday, 30 March 2022, 18:45:18 CEST, Ard Biesheuvel wrote:
> >
> On Wed, 30 Mar 2022 at 18:37, Russell King (Oracle)
> > <linux@armlinux.org.uk> wrote:
> > >
> > > On Wed, Mar 30, 2022 at 06:34:25PM +0200, Ard Biesheuvel wrote:
> > > > On Wed, 30 Mar 2022 at 18:12, Russell King (Oracle)
> > > > <linux@armlinux.org.uk> wrote:
> > > > >
> > > > > On Tue, Mar 22, 2022 at 06:49:17PM +0100, Christian Eggers wrote:
> > > > > > Hi Nathan, hi Russel,
> > > > > >
> > > > > > I stumbled today over the same problem (no output on serial console
> > > > > > with v5.15.28-rt36). During `git bisect`, I had also some commits
> > > > > > where a few lines of output were visible.
> > > > > >
> > > > > > At commit 8d9d651ff227 ("ARM: use LOADADDR() to get load address of
> > > > > > sections"), the system boots up to here:
> > > > > >
> > > > > > start_kernel()
> > > > > > +--setup_arch()
> > > > > > +--paging_init()
> > > > > > +--devicemaps_init()
> > > > > > +--eary_trap_init(vectors_base = 0xC7FFE000)
> > > > > > +--copy_from_lma(vectors_base = 0xC7FFE000, __vectors_start=0x0, __vectors_end=0x20)
> > > > > > +--__memcpy()
> > > > > >
> > > > > > copy_template.S:113
> > > > > > ldr8w r1, r3, r4, r5, r6, r7, r8, ip, lr, abort=20f
> > > > > > r1 = 0
> > > > > >
> > > > > >
> > > > > > With the final v5.15.28-rt36 I found out that the system boots fine
> > > > > > after disabling CONFIG_HARDEN_BRANCH_HISTORY.
> > > > > >
> > > > > > Is there anything else I could analyze? My SoC system is a NXP i.MX6LL
> > > > > > with a ARMv7 core. I have access to a JTAG debugger.
> > > > >
> > > > > I think this is already fixed in mainline. Commit:
> > > > >
> > > > > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> > > > >
> > > >
> > > > It's still broken - I sent a couple of patches on Monday, among which
> > > > one to fix the boot issue with loop8 on Thumb2. The problem is 'b . +
> > > > 4', which produces a narrow encoding, and so it skips the subsequent
> > > > subs instruction and loops forever.
> > >
> > > And what's the current status? Sorry, I've way too much email from the
> > > last 2.5 weeks to find it myself.
> > >
> >
> > https://lore.kernel.org/linux-arm-kernel/20220328134714.205342-1-ardb@kernel.org/
> >
> > Nobody bothered to respond yet, I can drop the first two in the patch
> > tracker if you like.
>
> I just switched to v5.15.31-rt38 which already includes
> 6c7cb60bff7a ("ARM: fix Thumb2 regression")
>
> This kernel boots fine now, even with CONFIG_HARDEN_BRANCH_HISTORY=y. After
> applying the patch series from Ard, the system still boots fine.
>
> I haven't any understanding what these patches do. Is there anything I shall
> test?
>

Thanks for confirming. The first fix affects all Thumb2
configurations, my patch only affects Thumb2 configurations that
actually enable the loop8 mitigation for Spectre-BHB.

What type of CPU are you booting on?

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Christian Eggers]

On Wednesday, 30 March 2022, 19:42:31 CEST, Ard Biesheuvel wrote:
> On Wed, 30 Mar 2022 at 19:33, Christian Eggers <ceggers@arri.de> wrote:
> >
> > I just switched to v5.15.31-rt38 which already includes
> > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> >
> > This kernel boots fine now, even with CONFIG_HARDEN_BRANCH_HISTORY=y. After
> > applying the patch series from Ard, the system still boots fine.
> >
> > I haven't any understanding what these patches do. Is there anything I shall
> > test?
> >
> 
> Thanks for confirming. The first fix affects all Thumb2
> configurations, my patch only affects Thumb2 configurations that
> actually enable the loop8 mitigation for Spectre-BHB.
> 
> What type of CPU are you booting on?
> 

NXP i.MX6ULL (ARM Cortex-A7).

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Christian Eggers]

On Wednesday, 30 March 2022, 19:42:31 CEST, Ard Biesheuvel wrote:
> On Wed, 30 Mar 2022 at 19:33, Christian Eggers <ceggers@arri.de> wrote:
> >
> > I just switched to v5.15.31-rt38 which already includes
> > 6c7cb60bff7a ("ARM: fix Thumb2 regression")
> >
> > This kernel boots fine now, even with CONFIG_HARDEN_BRANCH_HISTORY=y. After
> > applying the patch series from Ard, the system still boots fine.
> >
> > I haven't any understanding what these patches do. Is there anything I shall
> > test?
> >
> 
> Thanks for confirming. The first fix affects all Thumb2
> configurations, my patch only affects Thumb2 configurations that
> actually enable the loop8 mitigation for Spectre-BHB.
> 
> What type of CPU are you booting on?
> 

NXP i.MX6ULL (ARM Cortex-A7).




_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Russell King (Oracle)]

On Wed, Mar 30, 2022 at 08:27:56PM +0200, Christian Eggers wrote:
> On Wednesday, 30 March 2022, 19:42:31 CEST, Ard Biesheuvel wrote:
> > Thanks for confirming. The first fix affects all Thumb2
> > configurations, my patch only affects Thumb2 configurations that
> > actually enable the loop8 mitigation for Spectre-BHB.
> > 
> > What type of CPU are you booting on?
> 
> NXP i.MX6ULL (ARM Cortex-A7).

As Cortex-A7 is not listed in Arm Ltd's table for speculative processor
vulnerabilities, the kernel doesn't implement any workarounds.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

Re: CONFIG_THUMB2_KERNEL=y boot failure after Spectre BHB fixes

[Russell King (Oracle)]

On Wed, Mar 30, 2022 at 08:27:56PM +0200, Christian Eggers wrote:
> On Wednesday, 30 March 2022, 19:42:31 CEST, Ard Biesheuvel wrote:
> > Thanks for confirming. The first fix affects all Thumb2
> > configurations, my patch only affects Thumb2 configurations that
> > actually enable the loop8 mitigation for Spectre-BHB.
> > 
> > What type of CPU are you booting on?
> 
> NXP i.MX6ULL (ARM Cortex-A7).

As Cortex-A7 is not listed in Arm Ltd's table for speculative processor
vulnerabilities, the kernel doesn't implement any workarounds.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel