Date: Fri, 19 Jan 2018 14:28:15 +0000
From: Will Deacon
To: Li Kun
Cc: Yisheng Xie, lorenzo.pieralisi@arm.com, ard.biesheuvel@linaro.org, marc.zyngier@arm.com, catalin.marinas@arm.com, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, labbott@redhat.com, christoffer.dall@linaro.org
Subject: Re: [PATCH v2 07/11] arm64: Add skeleton to harden the branch predictor against aliasing attacks
Message-ID: <20180119142814.GA8421@arm.com>

On Fri, Jan 19, 2018 at 11:37:24AM +0800, Li Kun wrote:
> On 2018/1/17 18:07, Will Deacon wrote:
> >On Wed, Jan 17, 2018 at 12:10:33PM +0800, Yisheng Xie wrote:
> >>On 2018/1/5 21:12, Will Deacon wrote:
> >>>diff --git a/arch/arm64/mm/context.c b/arch/arm64/mm/context.c > >>>index 5f7097d0cd12..d99b36555a16 100644 > >>>--- a/arch/arm64/mm/context.c > >>>+++ b/arch/arm64/mm/context.c
> >>>@@ -246,6 +246,8 @@ asmlinkage void post_ttbr_update_workaround(void) > >>> "ic iallu; dsb nsh; isb", > >>> ARM64_WORKAROUND_CAVIUM_27456, > >>> CONFIG_CAVIUM_ERRATUM_27456)); > >>>+ > >>>+ arm64_apply_bp_hardening(); > >>> }
> >>post_ttbr_update_workaround was used to fix Cavium erratum 2745? so does that
> >>mean, if we do not have this erratum, we do not need arm64_apply_bp_hardening()?
> >>when mm_swtich and kernel_exit?
> >>
> >> From the code logic, it seems not only related to erratum 2745 anymore?
> >>should it be renamed?
> >post_ttbr_update_workaround just runs code after a TTBR update, which
> >includes mitigations against variant 2 of "spectre" and also a workaround
> >for a Cavium erratum. These are separate issues.
> But AFAIU, according to the theory of spectre, we don't need to clear the
> BTB every time we return to user?
> If we enable CONFIG_ARM64_SW_TTBR0_PAN, there will be a call to
> arm64_apply_bp_hardening every time the kernel exits to el0.
> kernel_exit
> post_ttbr_update_workaround
> arm64_apply_bp_hardening

That's a really good point, thanks. What it means is that
post_ttbr_update_workaround is actually the wrong place for this, and we
should be doing it more directly on the switch_mm path -- probably in
check_and_switch_context.

Will
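
Review bot: the arm64_apply_bp_hardening() call added at the end of post_ttbr_update_workaround() is unconditional, so it runs on every path that reaches this function, not only on a context switch. As raised in the thread, with CONFIG_ARM64_SW_TTBR0_PAN enabled that includes kernel_exit, which means the branch predictor hardening executes on every return to EL0. Suggest moving the call to the switch_mm path (check_and_switch_context was proposed in the reply) and leaving this function to the Cavium erratum sequence; if the call stays here, a comment stating why it belongs after every TTBR update would help.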