From: Viresh Kumar <viresh.kumar@linaro.org>
To: linux-arm-kernel@lists.infradead.org,
Julien Thierry <Julien.Thierry@arm.com>
Cc: Mark Rutland <mark.rutland@arm.com>,
Marc Zyngier <marc.zyngier@arm.com>,
Viresh Kumar <viresh.kumar@linaro.org>,
Will Deacon <will.deacon@arm.com>,
stable@vger.kernel.org, mark.brown@arm.com,
Catalin Marinas <catalin.marinas@arm.com>,
Russell King <rmk+kernel@arm.linux.org.uk>
Subject: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches
Date: Fri, 14 Jun 2019 08:37:43 +0530 [thread overview]
Message-ID: <cover.1560480942.git.viresh.kumar@linaro.org> (raw)
Hello,
Here is an attempt to backport arm64 spectre patches to v4.4 stable
tree.
I have started this backport with Mark Rutland's backport of Spectre to
4.9 [1] and tried applying the upstream version of them over 4.4 and
resolved conflicts by checking how they have been resolved in 4.9.
I had to pick few extra upstream patches to avoid unnecessary conflicts
(upstream commit ids mentioned):
a842789837c0 arm64: remove duplicate macro __KERNEL__ check
64f8ebaf115b mm/kasan: add API to check memory regions
bffe1baff5d5 arm64: kasan: instrument user memory access API
92406f0cc9e3 arm64: cpufeature: Add scope for capability check
9eb8a2cdf65c arm64: cputype info for Broadcom Vulcan
0d90718871fe arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
98dd64f34f47 ARM: 8478/2: arm/arm64: add arm-smccc
I had to drop few patches as well as they weren't getting applied
properly due to missing files/features (upstream commit id mentioned):
93f339ef4175 arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
3c31fa5a06b4 arm64: Run enable method for errata work arounds on late CPUs
6840bdd73d07 arm64: KVM: Use per-CPU vector when BP hardening is enabled
90348689d500 arm64: KVM: Make PSCI_VERSION a fast path
Since v4.4 doesn't contain arch/arm/kvm/hyp/switch.c file, changes for
it are dropped from some of the patches. The commit log of specific
patches are updated with this information.
Also for commit id (from 4.9 stable):
c24c205d2528 arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
I have dropped arch/arm64/crypto/sha256-core.S and sha512-core.S files
as they weren't part of the upstream commit. Not sure why it was
included by Mark as the commit log doesn't provide any reasoning for it.
The patches in this series are pushed here [2].
This is only build/boot tested by me as I don't have access to the
required test-suite which can verify spectre mitigations.
@Julien: Can you please help reviewing / testing them ? Thanks.
--
viresh
[1] https://patches.linaro.org/cover/133195/ with top commit in 4.9 stable tree:
a3b292fe0560 arm64: futex: Mask __user pointers prior to dereference
[2] https://git.kernel.org/pub/scm/linux/kernel/git/vireshk/linux.git stable/v4.4.y/spectre
Andrey Ryabinin (1):
mm/kasan: add API to check memory regions
Catalin Marinas (1):
arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm
macro
Jayachandran C (3):
arm64: cputype info for Broadcom Vulcan
arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
arm64: Branch predictor hardening for Cavium ThunderX2
Jens Wiklander (1):
ARM: 8478/2: arm/arm64: add arm-smccc
Laura Abbott (1):
mm: Introduce lm_alias
Marc Zyngier (14):
arm64: Move post_ttbr_update_workaround to C code
arm64: Move BP hardening to check_and_switch_context
arm64: cpu_errata: Allow an erratum to be match for all revisions of a
core
arm64: KVM: Increment PC after handling an SMC trap
arm/arm64: KVM: Add PSCI_VERSION helper
arm/arm64: KVM: Add smccc accessors to PSCI code
arm/arm64: KVM: Implement PSCI 1.0 support
arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
firmware/psci: Expose PSCI conduit
firmware/psci: Expose SMCCC version through psci_ops
arm/arm64: smccc: Make function identifiers an unsigned quantity
arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
Mark Rutland (4):
arm/arm64: KVM: Consolidate the PSCI include files
arm/arm64: KVM: Advertise SMCCC v1.1
arm/arm64: KVM: Turn kvm_psci_version into a static inline
arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
Robin Murphy (3):
arm64: Implement array_index_mask_nospec()
arm64: Make USER_DS an inclusive limit
arm64: Use pointer masking to limit uaccess speculation
Suzuki K Poulose (1):
arm64: cpufeature: Add scope for capability check
Will Deacon (13):
arm64: barrier: Add CSDB macros to control data-value prediction
arm64: entry: Ensure branch through syscall table is bounded under
speculation
arm64: uaccess: Prevent speculative use of the current addr_limit
arm64: uaccess: Don't bother eliding access_ok checks in __{get,
put}_user
arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
arm64: cpufeature: Pass capability structure to ->enable callback
drivers/firmware: Expose psci_get_version through psci_ops structure
arm64: Add skeleton to harden the branch predictor against aliasing
attacks
arm64: entry: Apply BP hardening for high-priority synchronous
exceptions
arm64: entry: Apply BP hardening for suspicious interrupts from EL0
arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
arm64: Implement branch predictor hardening for affected Cortex-A CPUs
arm64: futex: Mask __user pointers prior to dereference
Yang Shi (1):
arm64: kasan: instrument user memory access API
Yury Norov (1):
arm64: move TASK_* definitions to <asm/processor.h>
zijun_hu (1):
arm64: remove duplicate macro __KERNEL__ check
MAINTAINERS | 14 ++
arch/arm/include/asm/kvm_host.h | 6 +
arch/arm/include/asm/kvm_psci.h | 27 ---
arch/arm/kvm/arm.c | 2 +-
arch/arm/kvm/handle_exit.c | 4 +-
arch/arm/kvm/psci.c | 143 ++++++++++++---
arch/arm64/Kconfig | 17 ++
arch/arm64/include/asm/assembler.h | 18 ++
arch/arm64/include/asm/barrier.h | 23 +++
arch/arm64/include/asm/cpufeature.h | 12 +-
arch/arm64/include/asm/cputype.h | 12 ++
arch/arm64/include/asm/futex.h | 9 +-
arch/arm64/include/asm/kvm_host.h | 5 +
arch/arm64/include/asm/kvm_psci.h | 27 ---
arch/arm64/include/asm/memory.h | 15 --
arch/arm64/include/asm/mmu.h | 39 ++++
arch/arm64/include/asm/processor.h | 26 ++-
arch/arm64/include/asm/sysreg.h | 2 +
arch/arm64/include/asm/uaccess.h | 175 ++++++++++++------
arch/arm64/kernel/Makefile | 5 +
arch/arm64/kernel/arm64ksyms.c | 8 +-
arch/arm64/kernel/bpi.S | 75 ++++++++
arch/arm64/kernel/cpu_errata.c | 185 ++++++++++++++++++-
arch/arm64/kernel/cpufeature.c | 112 ++++++------
arch/arm64/kernel/entry.S | 26 ++-
arch/arm64/kvm/handle_exit.c | 16 +-
arch/arm64/kvm/hyp.S | 20 ++-
arch/arm64/lib/clear_user.S | 6 +-
arch/arm64/lib/copy_from_user.S | 4 +-
arch/arm64/lib/copy_in_user.S | 4 +-
arch/arm64/lib/copy_to_user.S | 4 +-
arch/arm64/mm/context.c | 12 ++
arch/arm64/mm/fault.c | 31 ++++
arch/arm64/mm/proc.S | 12 +-
drivers/firmware/Kconfig | 3 +
drivers/firmware/psci.c | 58 +++++-
include/kvm/arm_psci.h | 51 ++++++
include/linux/arm-smccc.h | 267 ++++++++++++++++++++++++++++
include/linux/kasan-checks.h | 12 ++
include/linux/mm.h | 4 +
include/linux/psci.h | 14 ++
include/uapi/linux/psci.h | 3 +
mm/kasan/kasan.c | 12 ++
43 files changed, 1270 insertions(+), 250 deletions(-)
delete mode 100644 arch/arm/include/asm/kvm_psci.h
delete mode 100644 arch/arm64/include/asm/kvm_psci.h
create mode 100644 arch/arm64/kernel/bpi.S
create mode 100644 include/kvm/arm_psci.h
create mode 100644 include/linux/arm-smccc.h
create mode 100644 include/linux/kasan-checks.h
--
2.21.0.rc0.269.g1a574e7a288b
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next reply other threads:[~2019-06-14 3:12 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-14 3:07 Viresh Kumar [this message]
2019-06-14 3:07 ` [PATCH v4.4 01/45] arm64: barrier: Add CSDB macros to control data-value prediction Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 02/45] arm64: Implement array_index_mask_nospec() Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 03/45] arm64: remove duplicate macro __KERNEL__ check Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 04/45] arm64: move TASK_* definitions to <asm/processor.h> Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 05/45] arm64: Make USER_DS an inclusive limit Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 06/45] arm64: Use pointer masking to limit uaccess speculation Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 07/45] arm64: entry: Ensure branch through syscall table is bounded under speculation Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 08/45] arm64: uaccess: Prevent speculative use of the current addr_limit Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 09/45] arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 10/45] mm/kasan: add API to check memory regions Viresh Kumar
2019-07-04 14:15 ` Julien Thierry
2019-07-05 3:13 ` Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 11/45] arm64: kasan: instrument user memory access API Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 12/45] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 13/45] arm64: cpufeature: Pass capability structure to ->enable callback Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 14/45] drivers/firmware: Expose psci_get_version through psci_ops structure Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 15/45] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro Viresh Kumar
2019-06-14 3:07 ` [PATCH v4.4 16/45] arm64: Move post_ttbr_update_workaround to C code Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 17/45] arm64: cpufeature: Add scope for capability check Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 18/45] arm64: Add skeleton to harden the branch predictor against aliasing attacks Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 19/45] arm64: Move BP hardening to check_and_switch_context Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 20/45] mm: Introduce lm_alias Viresh Kumar
2019-06-17 12:33 ` Julien Thierry
2019-06-18 5:00 ` Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 21/45] arm64: entry: Apply BP hardening for high-priority synchronous exceptions Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 22/45] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 23/45] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 24/45] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 25/45] arm64: Implement branch predictor hardening for affected Cortex-A CPUs Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 26/45] arm64: cputype info for Broadcom Vulcan Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 27/45] arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 28/45] arm64: Branch predictor hardening for Cavium ThunderX2 Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 29/45] arm64: KVM: Increment PC after handling an SMC trap Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 30/45] arm/arm64: KVM: Consolidate the PSCI include files Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 31/45] arm/arm64: KVM: Add PSCI_VERSION helper Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 32/45] arm/arm64: KVM: Add smccc accessors to PSCI code Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 33/45] ARM: 8478/2: arm/arm64: add arm-smccc Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 34/45] arm/arm64: KVM: Implement PSCI 1.0 support Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 35/45] arm/arm64: KVM: Advertise SMCCC v1.1 Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 36/45] arm/arm64: KVM: Turn kvm_psci_version into a static inline Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 37/45] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 38/45] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 39/45] firmware/psci: Expose PSCI conduit Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 40/45] firmware/psci: Expose SMCCC version through psci_ops Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 41/45] arm/arm64: smccc: Make function identifiers an unsigned quantity Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 42/45] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 43/45] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 44/45] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround Viresh Kumar
2019-06-14 3:08 ` [PATCH v4.4 45/45] arm64: futex: Mask __user pointers prior to dereference Viresh Kumar
2019-06-17 12:10 ` [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches Greg KH
2019-06-17 16:03 ` Julien Thierry
2019-06-18 10:21 ` Viresh Kumar
2019-06-19 11:03 ` Julien Thierry
2019-06-19 11:20 ` Viresh Kumar
2019-06-17 16:30 ` Julien Thierry
2019-07-11 13:57 ` Julien Thierry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1560480942.git.viresh.kumar@linaro.org \
--to=viresh.kumar@linaro.org \
--cc=Julien.Thierry@arm.com \
--cc=catalin.marinas@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=marc.zyngier@arm.com \
--cc=mark.brown@arm.com \
--cc=mark.rutland@arm.com \
--cc=rmk+kernel@arm.linux.org.uk \
--cc=stable@vger.kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).