Subject: Re: [PATCH v2 07/11] arm64: Add skeleton to harden the branch predictor against aliasing attacks
From: Li Kun
To: Will Deacon
CC: Yisheng Xie
Date: Mon, 22 Jan 2018 14:52:18 +0800
Message-ID: <7cb8f7d6-8f81-efa8-3a83-f95c5af7e8ab@huawei.com>
In-Reply-To: <20180119142814.GA8421@arm.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2018/1/19 22:28, Will Deacon wrote:
> On Fri, Jan 19, 2018 at 11:37:24AM +0800, Li Kun wrote:
>> On 2018/1/17 18:07, Will Deacon wrote:
>>> On Wed, Jan 17, 2018 at 12:10:33PM +0800, Yisheng Xie wrote:
>>>> On 2018/1/5 21:12, Will Deacon wrote:
>>>>> diff --git a/arch/arm64/mm/context.c b/arch/arm64/mm/context.c >>>>> index 5f7097d0cd12..d99b36555a16 100644 >>>>> --- a/arch/arm64/mm/context.c >>>>> +++ b/arch/arm64/mm/context.c
>>>>> @@ -246,6 +246,8 @@ asmlinkage void post_ttbr_update_workaround(void) >>>>> "ic iallu; dsb nsh; isb", >>>>> ARM64_WORKAROUND_CAVIUM_27456, >>>>> CONFIG_CAVIUM_ERRATUM_27456)); >>>>> + >>>>> + arm64_apply_bp_hardening(); >>>>> }
>>>> post_ttbr_update_workaround was used for fix Cavium erratum 2745? so does that
>>>> means, if we do not have this erratum, we do not need arm64_apply_bp_hardening()?
>>>> when mm_swtich and kernel_exit?
>>>>
>>>> From the code logical, it seems not only related to erratum 2745 anymore?
>>>> should it be renamed?
>>> post_ttbr_update_workaround just runs code after a TTBR update, which
>>> includes mitigations against variant 2 of "spectre" and also a workaround
>>> for a Cavium erratum. These are separate issues.
>> But AFAIU, according to the theory of spectre, we don't need to clear the
>> BTB every time we return to user?
>> If we enable CONFIG_ARM64_SW_TTBR0_PAN, there will be a call to
>> arm64_apply_bp_hardening every time kernel exit to el0.
>> kernel_exit
>>   post_ttbr_update_workaround
>>     arm64_apply_bp_hardening
> That's a really good point, thanks. What it means is that
> post_ttbr_update_workaround is actually the wrong place for this, and we
> should be doing it more directly on the switch_mm path -- probably in
> check_and_switch_context.

Yes, that's exactly what I mean. :-)

>
> Will

--
Best Regards
Li Kun
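Review bot: the unconditional arm64_apply_bp_hardening() call appended at the end of post_ttbr_update_workaround() runs for every caller of that function, not only when the mm actually changes. As the thread points out, with CONFIG_ARM64_SW_TTBR0_PAN that includes every kernel exit to EL0. Suggest moving the call onto the switch_mm path (check_and_switch_context is the candidate named in the thread) so the hardening cost is paid only on a context switch. If the call does stay in this function, a short comment should say that it is independent of the ARM64_WORKAROUND_CAVIUM_27456 alternative directly above it, because the placement otherwise reads as part of that erratum workaround.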