From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Catalin Marinas <catalin.marinas@arm.com>,
"Russell King (Oracle)" <rmk+kernel@armlinux.org.uk>
Subject: [PATCH 4.9 19/38] ARM: report Spectre v2 status through sysfs
Date: Thu, 10 Mar 2022 15:13:32 +0100 [thread overview]
Message-ID: <20220310140808.699465325@linuxfoundation.org> (raw)
In-Reply-To: <20220310140808.136149678@linuxfoundation.org>
From: "Russell King (Oracle)" <rmk+kernel@armlinux.org.uk>
commit 9dd78194a3722fa6712192cdd4f7032d45112a9a upstream.
As per other architectures, add support for reporting the Spectre
vulnerability status via sysfs CPU.
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
[ preserve res variable and add SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED - gregkh ]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm/include/asm/spectre.h | 28 ++++++++
arch/arm/kernel/Makefile | 2
arch/arm/kernel/spectre.c | 54 +++++++++++++++++
arch/arm/mm/Kconfig | 1
arch/arm/mm/proc-v7-bugs.c | 130 +++++++++++++++++++++++++++++++----------
5 files changed, 184 insertions(+), 31 deletions(-)
create mode 100644 arch/arm/include/asm/spectre.h
create mode 100644 arch/arm/kernel/spectre.c
--- /dev/null
+++ b/arch/arm/include/asm/spectre.h
@@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#ifndef __ASM_SPECTRE_H
+#define __ASM_SPECTRE_H
+
+enum {
+ SPECTRE_UNAFFECTED,
+ SPECTRE_MITIGATED,
+ SPECTRE_VULNERABLE,
+};
+
+enum {
+ __SPECTRE_V2_METHOD_BPIALL,
+ __SPECTRE_V2_METHOD_ICIALLU,
+ __SPECTRE_V2_METHOD_SMC,
+ __SPECTRE_V2_METHOD_HVC,
+};
+
+enum {
+ SPECTRE_V2_METHOD_BPIALL = BIT(__SPECTRE_V2_METHOD_BPIALL),
+ SPECTRE_V2_METHOD_ICIALLU = BIT(__SPECTRE_V2_METHOD_ICIALLU),
+ SPECTRE_V2_METHOD_SMC = BIT(__SPECTRE_V2_METHOD_SMC),
+ SPECTRE_V2_METHOD_HVC = BIT(__SPECTRE_V2_METHOD_HVC),
+};
+
+void spectre_v2_update_state(unsigned int state, unsigned int methods);
+
+#endif
--- a/arch/arm/kernel/Makefile
+++ b/arch/arm/kernel/Makefile
@@ -100,4 +100,6 @@ endif
obj-$(CONFIG_HAVE_ARM_SMCCC) += smccc-call.o
+obj-$(CONFIG_GENERIC_CPU_VULNERABILITIES) += spectre.o
+
extra-y := $(head-y) vmlinux.lds
--- /dev/null
+++ b/arch/arm/kernel/spectre.c
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: GPL-2.0-only
+#include <linux/cpu.h>
+#include <linux/device.h>
+
+#include <asm/spectre.h>
+
+ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
+ char *buf)
+{
+ return sprintf(buf, "Mitigation: __user pointer sanitization\n");
+}
+
+static unsigned int spectre_v2_state;
+static unsigned int spectre_v2_methods;
+
+void spectre_v2_update_state(unsigned int state, unsigned int method)
+{
+ if (state > spectre_v2_state)
+ spectre_v2_state = state;
+ spectre_v2_methods |= method;
+}
+
+ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
+ char *buf)
+{
+ const char *method;
+
+ if (spectre_v2_state == SPECTRE_UNAFFECTED)
+ return sprintf(buf, "%s\n", "Not affected");
+
+ if (spectre_v2_state != SPECTRE_MITIGATED)
+ return sprintf(buf, "%s\n", "Vulnerable");
+
+ switch (spectre_v2_methods) {
+ case SPECTRE_V2_METHOD_BPIALL:
+ method = "Branch predictor hardening";
+ break;
+
+ case SPECTRE_V2_METHOD_ICIALLU:
+ method = "I-cache invalidation";
+ break;
+
+ case SPECTRE_V2_METHOD_SMC:
+ case SPECTRE_V2_METHOD_HVC:
+ method = "Firmware call";
+ break;
+
+ default:
+ method = "Multiple mitigations";
+ break;
+ }
+
+ return sprintf(buf, "Mitigation: %s\n", method);
+}
--- a/arch/arm/mm/Kconfig
+++ b/arch/arm/mm/Kconfig
@@ -803,6 +803,7 @@ config CPU_BPREDICT_DISABLE
config CPU_SPECTRE
bool
+ select GENERIC_CPU_VULNERABILITIES
config HARDEN_BRANCH_PREDICTOR
bool "Harden the branch predictor against aliasing attacks" if EXPERT
--- a/arch/arm/mm/proc-v7-bugs.c
+++ b/arch/arm/mm/proc-v7-bugs.c
@@ -7,8 +7,36 @@
#include <asm/cp15.h>
#include <asm/cputype.h>
#include <asm/proc-fns.h>
+#include <asm/spectre.h>
#include <asm/system_misc.h>
+#ifdef CONFIG_ARM_PSCI
+#define SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED 1
+static int __maybe_unused spectre_v2_get_cpu_fw_mitigation_state(void)
+{
+ struct arm_smccc_res res;
+
+ arm_smccc_1_1_invoke(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
+ ARM_SMCCC_ARCH_WORKAROUND_1, &res);
+
+ switch ((int)res.a0) {
+ case SMCCC_RET_SUCCESS:
+ return SPECTRE_MITIGATED;
+
+ case SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED:
+ return SPECTRE_UNAFFECTED;
+
+ default:
+ return SPECTRE_VULNERABLE;
+ }
+}
+#else
+static int __maybe_unused spectre_v2_get_cpu_fw_mitigation_state(void)
+{
+ return SPECTRE_VULNERABLE;
+}
+#endif
+
#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
DEFINE_PER_CPU(harden_branch_predictor_fn_t, harden_branch_predictor_fn);
@@ -37,13 +65,60 @@ static void __maybe_unused call_hvc_arch
arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
}
-static void cpu_v7_spectre_init(void)
+static unsigned int spectre_v2_install_workaround(unsigned int method)
{
const char *spectre_v2_method = NULL;
int cpu = smp_processor_id();
if (per_cpu(harden_branch_predictor_fn, cpu))
- return;
+ return SPECTRE_MITIGATED;
+
+ switch (method) {
+ case SPECTRE_V2_METHOD_BPIALL:
+ per_cpu(harden_branch_predictor_fn, cpu) =
+ harden_branch_predictor_bpiall;
+ spectre_v2_method = "BPIALL";
+ break;
+
+ case SPECTRE_V2_METHOD_ICIALLU:
+ per_cpu(harden_branch_predictor_fn, cpu) =
+ harden_branch_predictor_iciallu;
+ spectre_v2_method = "ICIALLU";
+ break;
+
+ case SPECTRE_V2_METHOD_HVC:
+ per_cpu(harden_branch_predictor_fn, cpu) =
+ call_hvc_arch_workaround_1;
+ cpu_do_switch_mm = cpu_v7_hvc_switch_mm;
+ spectre_v2_method = "hypervisor";
+ break;
+
+ case SPECTRE_V2_METHOD_SMC:
+ per_cpu(harden_branch_predictor_fn, cpu) =
+ call_smc_arch_workaround_1;
+ cpu_do_switch_mm = cpu_v7_smc_switch_mm;
+ spectre_v2_method = "firmware";
+ break;
+ }
+
+ if (spectre_v2_method)
+ pr_info("CPU%u: Spectre v2: using %s workaround\n",
+ smp_processor_id(), spectre_v2_method);
+
+ return SPECTRE_MITIGATED;
+}
+#else
+static unsigned int spectre_v2_install_workaround(unsigned int method)
+{
+ pr_info("CPU%u: Spectre V2: workarounds disabled by configuration\n");
+
+ return SPECTRE_VULNERABLE;
+}
+#endif
+
+static void cpu_v7_spectre_v2_init(void)
+{
+ unsigned int state, method = 0;
switch (read_cpuid_part()) {
case ARM_CPU_PART_CORTEX_A8:
@@ -52,29 +127,32 @@ static void cpu_v7_spectre_init(void)
case ARM_CPU_PART_CORTEX_A17:
case ARM_CPU_PART_CORTEX_A73:
case ARM_CPU_PART_CORTEX_A75:
- per_cpu(harden_branch_predictor_fn, cpu) =
- harden_branch_predictor_bpiall;
- spectre_v2_method = "BPIALL";
+ state = SPECTRE_MITIGATED;
+ method = SPECTRE_V2_METHOD_BPIALL;
break;
case ARM_CPU_PART_CORTEX_A15:
case ARM_CPU_PART_BRAHMA_B15:
- per_cpu(harden_branch_predictor_fn, cpu) =
- harden_branch_predictor_iciallu;
- spectre_v2_method = "ICIALLU";
+ state = SPECTRE_MITIGATED;
+ method = SPECTRE_V2_METHOD_ICIALLU;
break;
-#ifdef CONFIG_ARM_PSCI
default:
/* Other ARM CPUs require no workaround */
- if (read_cpuid_implementor() == ARM_CPU_IMP_ARM)
+ if (read_cpuid_implementor() == ARM_CPU_IMP_ARM) {
+ state = SPECTRE_UNAFFECTED;
break;
+ }
/* fallthrough */
- /* Cortex A57/A72 require firmware workaround */
+ /* Cortex A57/A72 require firmware workaround */
case ARM_CPU_PART_CORTEX_A57:
case ARM_CPU_PART_CORTEX_A72: {
struct arm_smccc_res res;
+ state = spectre_v2_get_cpu_fw_mitigation_state();
+ if (state != SPECTRE_MITIGATED)
+ break;
+
if (psci_ops.smccc_version == SMCCC_VERSION_1_0)
break;
@@ -84,10 +162,7 @@ static void cpu_v7_spectre_init(void)
ARM_SMCCC_ARCH_WORKAROUND_1, &res);
if ((int)res.a0 != 0)
break;
- per_cpu(harden_branch_predictor_fn, cpu) =
- call_hvc_arch_workaround_1;
- cpu_do_switch_mm = cpu_v7_hvc_switch_mm;
- spectre_v2_method = "hypervisor";
+ method = SPECTRE_V2_METHOD_HVC;
break;
case PSCI_CONDUIT_SMC:
@@ -95,28 +170,21 @@ static void cpu_v7_spectre_init(void)
ARM_SMCCC_ARCH_WORKAROUND_1, &res);
if ((int)res.a0 != 0)
break;
- per_cpu(harden_branch_predictor_fn, cpu) =
- call_smc_arch_workaround_1;
- cpu_do_switch_mm = cpu_v7_smc_switch_mm;
- spectre_v2_method = "firmware";
+ method = SPECTRE_V2_METHOD_SMC;
break;
default:
+ state = SPECTRE_VULNERABLE;
break;
}
}
-#endif
}
- if (spectre_v2_method)
- pr_info("CPU%u: Spectre v2: using %s workaround\n",
- smp_processor_id(), spectre_v2_method);
-}
-#else
-static void cpu_v7_spectre_init(void)
-{
+ if (state == SPECTRE_MITIGATED)
+ state = spectre_v2_install_workaround(method);
+
+ spectre_v2_update_state(state, method);
}
-#endif
static __maybe_unused bool cpu_v7_check_auxcr_set(bool *warned,
u32 mask, const char *msg)
@@ -146,16 +214,16 @@ static bool check_spectre_auxcr(bool *wa
void cpu_v7_ca8_ibe(void)
{
if (check_spectre_auxcr(this_cpu_ptr(&spectre_warned), BIT(6)))
- cpu_v7_spectre_init();
+ cpu_v7_spectre_v2_init();
}
void cpu_v7_ca15_ibe(void)
{
if (check_spectre_auxcr(this_cpu_ptr(&spectre_warned), BIT(0)))
- cpu_v7_spectre_init();
+ cpu_v7_spectre_v2_init();
}
void cpu_v7_bugs_init(void)
{
- cpu_v7_spectre_init();
+ cpu_v7_spectre_v2_init();
}
next prev parent reply other threads:[~2022-03-10 14:20 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-10 14:13 [PATCH 4.9 00/38] 4.9.306-rc2 review Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 01/38] x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 02/38] x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 03/38] x86/retpoline: Remove minimal retpoline support Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 04/38] Documentation: Add section about CPU vulnerabilities for Spectre Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 05/38] Documentation: Add swapgs description to the Spectre v1 documentation Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 06/38] Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 07/38] x86/speculation: Merge one test in spectre_v2_user_select_mitigation() Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 08/38] x86,bugs: Unconditionally allow spectre_v2=retpoline,amd Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 09/38] x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 10/38] x86/speculation: Add eIBRS + Retpoline options Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 11/38] Documentation/hw-vuln: Update spectre doc Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 12/38] x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 13/38] x86/speculation: Use generic retpoline by default on AMD Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 14/38] x86/speculation: Update link to AMD speculation whitepaper Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 15/38] x86/speculation: Warn about Spectre v2 LFENCE mitigation Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 16/38] x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 17/38] arm/arm64: Provide a wrapper for SMCCC 1.1 calls Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 18/38] arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit() Greg Kroah-Hartman
2022-03-10 14:13 ` Greg Kroah-Hartman [this message]
2022-03-10 14:13 ` [PATCH 4.9 20/38] ARM: early traps initialisation Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 21/38] ARM: use LOADADDR() to get load address of sections Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 22/38] ARM: Spectre-BHB workaround Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 23/38] ARM: include unprivileged BPF status in Spectre V2 reporting Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 24/38] ARM: fix build error when BPF_SYSCALL is disabled Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 25/38] ARM: fix co-processor register typo Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 26/38] ARM: Do not use NOCROSSREFS directive with ld.lld Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 27/38] x86/build: Fix compiler support check for CONFIG_RETPOLINE Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 28/38] x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 29/38] ARM: fix build warning in proc-v7-bugs.c Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 30/38] xen/xenbus: dont let xenbus_grant_ring() remove grants in error case Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 31/38] xen/grant-table: add gnttab_try_end_foreign_access() Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 32/38] xen/blkfront: dont use gnttab_query_foreign_access() for mapped status Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 33/38] xen/netfront: " Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 34/38] xen/scsifront: " Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 35/38] xen/gntalloc: dont use gnttab_query_foreign_access() Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 36/38] xen: remove gnttab_query_foreign_access() Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 37/38] xen/gnttab: fix gnttab_end_foreign_access() without page specified Greg Kroah-Hartman
2022-03-10 14:13 ` [PATCH 4.9 38/38] xen/netfront: react properly to failing gnttab_end_foreign_access_ref() Greg Kroah-Hartman
2022-03-10 18:00 ` [PATCH 4.9 00/38] 4.9.306-rc2 review Pavel Machek
2022-03-10 18:48 ` Jon Hunter
2022-03-10 19:35 ` Shuah Khan
2022-03-10 20:14 ` Florian Fainelli
2022-03-11 1:13 ` Guenter Roeck
2022-03-11 13:35 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220310140808.699465325@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=catalin.marinas@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rmk+kernel@armlinux.org.uk \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).