From: Jeremy Linton <jeremy.linton@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com,
marc.zyngier@arm.com, suzuki.poulose@arm.com,
Dave.Martin@arm.com, shankerd@codeaurora.org,
julien.thierry@arm.com, mlangsdo@redhat.com,
stefan.wahren@i2se.com, Andre.Przywara@arm.com,
linux-kernel@vger.kernel.org,
Jeremy Linton <jeremy.linton@arm.com>,
Andre Przywara <andre.przywara@arm.com>
Subject: [v7 08/10] arm64: Always enable ssb vulnerability detection
Date: Wed, 10 Apr 2019 18:12:35 -0500 [thread overview]
Message-ID: <20190410231237.52506-9-jeremy.linton@arm.com> (raw)
In-Reply-To: <20190410231237.52506-1-jeremy.linton@arm.com>
The ssb detection logic is necessary regardless of whether
the vulnerability mitigation code is built into the kernel.
Break it out so that the CONFIG option only controls the
mitigation logic and not the vulnerability detection.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Tested-by: Stefan Wahren <stefan.wahren@i2se.com>
---
arch/arm64/include/asm/cpufeature.h | 4 ----
arch/arm64/kernel/cpu_errata.c | 11 +++++++----
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h
index e505e1fbd2b9..6ccdc97e5d6a 100644
--- a/arch/arm64/include/asm/cpufeature.h
+++ b/arch/arm64/include/asm/cpufeature.h
@@ -638,11 +638,7 @@ static inline int arm64_get_ssbd_state(void)
#endif
}
-#ifdef CONFIG_ARM64_SSBD
void arm64_set_ssbd_mitigation(bool state);
-#else
-static inline void arm64_set_ssbd_mitigation(bool state) {}
-#endif
extern int do_emulate_mrs(struct pt_regs *regs, u32 sys_reg, u32 rt);
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index fb8eb6c6088f..6958dcdabf7d 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -275,7 +275,6 @@ static int detect_harden_bp_fw(void)
return 1;
}
-#ifdef CONFIG_ARM64_SSBD
DEFINE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required);
int ssbd_state __read_mostly = ARM64_SSBD_KERNEL;
@@ -346,6 +345,7 @@ void __init arm64_enable_wa2_handling(struct alt_instr *alt,
*updptr = cpu_to_le32(aarch64_insn_gen_nop());
}
+#ifdef CONFIG_ARM64_SSBD
void arm64_set_ssbd_mitigation(bool state)
{
if (this_cpu_has_cap(ARM64_SSBS)) {
@@ -370,6 +370,12 @@ void arm64_set_ssbd_mitigation(bool state)
break;
}
}
+#else
+void arm64_set_ssbd_mitigation(bool state)
+{
+ pr_info_once("SSBD disabled by kernel configuration\n");
+}
+#endif /* CONFIG_ARM64_SSBD */
static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
int scope)
@@ -467,7 +473,6 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
return required;
}
-#endif /* CONFIG_ARM64_SSBD */
static void __maybe_unused
cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused)
@@ -759,14 +764,12 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
ERRATA_MIDR_RANGE_LIST(arm64_harden_el2_vectors),
},
#endif
-#ifdef CONFIG_ARM64_SSBD
{
.desc = "Speculative Store Bypass Disable",
.capability = ARM64_SSBD,
.type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM,
.matches = has_ssbd_mitigation,
},
-#endif
#ifdef CONFIG_ARM64_ERRATUM_1188873
{
/* Cortex-A76 r0p0 to r2p0 */
--
2.20.1
next prev parent reply other threads:[~2019-04-10 23:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-10 23:12 [v7 00/10] arm64: add system vulnerability sysfs entries Jeremy Linton
2019-04-10 0:48 ` Jeremy Linton
2019-04-10 23:12 ` [v7 01/10] arm64: Provide a command line to disable spectre_v2 mitigation Jeremy Linton
2019-04-10 23:12 ` [v7 02/10] arm64: add sysfs vulnerability show for spectre v1 Jeremy Linton
2019-04-10 23:12 ` [v7 03/10] arm64: add sysfs vulnerability show for meltdown Jeremy Linton
2019-04-10 23:12 ` [v7 04/10] arm64: Advertise mitigation of Spectre-v2, or lack thereof Jeremy Linton
2019-04-10 23:12 ` [v7 05/10] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 Jeremy Linton
2019-04-10 23:12 ` [v7 06/10] arm64: Always enable spectrev2 vulnerability detection Jeremy Linton
2019-04-10 23:12 ` [v7 07/10] arm64: add sysfs vulnerability show for spectre v2 Jeremy Linton
2019-04-10 23:12 ` Jeremy Linton [this message]
2019-04-10 23:12 ` [v7 09/10] arm64: add sysfs vulnerability show for speculative store bypass Jeremy Linton
2019-04-10 23:12 ` [v7 10/10] arm64: enable generic CPU vulnerabilites support Jeremy Linton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190410231237.52506-9-jeremy.linton@arm.com \
--to=jeremy.linton@arm.com \
--cc=Andre.Przywara@arm.com \
--cc=Dave.Martin@arm.com \
--cc=catalin.marinas@arm.com \
--cc=julien.thierry@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marc.zyngier@arm.com \
--cc=mlangsdo@redhat.com \
--cc=shankerd@codeaurora.org \
--cc=stefan.wahren@i2se.com \
--cc=suzuki.poulose@arm.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).