[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v3 11/17] xen/arm64: Kill PSCI_GET_VERSION as a variant-2 workaround



Now that we've standardised on SMCCC v1.1 to perform the branch
prediction invalidation, let's drop the previous band-aid. If vendors
haven't updated their firmware to do SMCCC 1.1, they haven't updated
PSCI either, so we don't loose anything.

This is aligned with the Linux commit 3a0a397ff5ff.

Signed-off-by: Julien Grall <julien.grall@xxxxxxx>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>

---
    Note that the patch is in arm64/for-next/core and should be merged
    in master soon.

    Changes in v3:
        - Add Volodymyr's reviewed-by

    Changes in v2:
        - Patch added
---
 xen/arch/arm/arm64/bpi.S | 25 ----------------------
 xen/arch/arm/cpuerrata.c | 54 +++++++++++++++++-------------------------------
 2 files changed, 19 insertions(+), 60 deletions(-)

diff --git a/xen/arch/arm/arm64/bpi.S b/xen/arch/arm/arm64/bpi.S
index 981fb83a88..27ff801ed3 100644
--- a/xen/arch/arm/arm64/bpi.S
+++ b/xen/arch/arm/arm64/bpi.S
@@ -58,31 +58,6 @@ ENTRY(__bp_harden_hyp_vecs_start)
     .endr
 ENTRY(__bp_harden_hyp_vecs_end)
 
-ENTRY(__psci_hyp_bp_inval_start)
-    sub     sp, sp, #(8 * 18)
-    stp     x16, x17, [sp, #(16 * 0)]
-    stp     x14, x15, [sp, #(16 * 1)]
-    stp     x12, x13, [sp, #(16 * 2)]
-    stp     x10, x11, [sp, #(16 * 3)]
-    stp     x8, x9, [sp, #(16 * 4)]
-    stp     x6, x7, [sp, #(16 * 5)]
-    stp     x4, x5, [sp, #(16 * 6)]
-    stp     x2, x3, [sp, #(16 * 7)]
-    stp     x0, x1, [sp, #(16 * 8)]
-    mov     x0, #0x84000000
-    smc     #0
-    ldp     x16, x17, [sp, #(16 * 0)]
-    ldp     x14, x15, [sp, #(16 * 1)]
-    ldp     x12, x13, [sp, #(16 * 2)]
-    ldp     x10, x11, [sp, #(16 * 3)]
-    ldp     x8, x9, [sp, #(16 * 4)]
-    ldp     x6, x7, [sp, #(16 * 5)]
-    ldp     x4, x5, [sp, #(16 * 6)]
-    ldp     x2, x3, [sp, #(16 * 7)]
-    ldp     x0, x1, [sp, #(16 * 8)]
-    add     sp, sp, #(8 * 18)
-ENTRY(__psci_hyp_bp_inval_end)
-
 ENTRY(__smccc_workaround_1_smc_start)
     sub     sp, sp, #(8 * 4)
     stp     x2, x3, [sp, #(8 * 0)]
diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c
index dec9074422..4eb1567589 100644
--- a/xen/arch/arm/cpuerrata.c
+++ b/xen/arch/arm/cpuerrata.c
@@ -149,10 +149,11 @@ install_bp_hardening_vec(const struct 
arm_cpu_capabilities *entry,
 
 extern char __smccc_workaround_1_smc_start[], __smccc_workaround_1_smc_end[];
 
-static bool
-check_smccc_arch_workaround_1(const struct arm_cpu_capabilities *entry)
+static int enable_smccc_arch_workaround_1(void *data)
 {
     struct arm_smccc_res res;
+    static bool warned = false;
+    const struct arm_cpu_capabilities *entry = data;
 
     /*
      * Enable callbacks are called on every CPU based on the
@@ -160,47 +161,30 @@ check_smccc_arch_workaround_1(const struct 
arm_cpu_capabilities *entry)
      * entry.
      */
     if ( !entry->matches(entry) )
-        return false;
+        return 0;
 
     if ( smccc_ver < SMCCC_VERSION(1, 1) )
-        return false;
+        goto warn;
 
     arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FID,
                       ARM_SMCCC_ARCH_WORKAROUND_1_FID, &res);
     if ( res.a0 != ARM_SMCCC_SUCCESS )
-        return false;
-
-    return install_bp_hardening_vec(entry,__smccc_workaround_1_smc_start,
-                                    __smccc_workaround_1_smc_end,
-                                    "call ARM_SMCCC_ARCH_WORKAROUND_1");
-}
+        goto warn;
 
-extern char __psci_hyp_bp_inval_start[], __psci_hyp_bp_inval_end[];
+    return !install_bp_hardening_vec(entry,__smccc_workaround_1_smc_start,
+                                     __smccc_workaround_1_smc_end,
+                                     "call ARM_SMCCC_ARCH_WORKAROUND_1");
 
-static int enable_psci_bp_hardening(void *data)
-{
-    bool ret = true;
-    static bool warned = false;
-
-    if ( check_smccc_arch_workaround_1(data) )
-        return 0;
-    /*
-     * The mitigation is using PSCI version function to invalidate the
-     * branch predictor. This function is only available with PSCI 0.2
-     * and later.
-     */
-    else if ( psci_ver >= PSCI_VERSION(0, 2) )
-        ret = install_bp_hardening_vec(data, __psci_hyp_bp_inval_start,
-                                       __psci_hyp_bp_inval_end,
-                                       "call PSCI get version");
-    else if ( !warned )
+warn:
+    if ( !warned )
     {
         ASSERT(system_state < SYS_STATE_active);
-        warning_add("PSCI 0.2 or later is required for the branch predictor 
hardening.\n");
-        warned = true;
+        warning_add("No support for ARM_SMCCC_ARCH_WORKAROUND_1.\n"
+                    "Please update your firmware.\n");
+        warned = false;
     }
 
-    return !ret;
+    return 0;
 }
 
 #endif /* CONFIG_ARM64_HARDEN_BRANCH_PREDICTOR */
@@ -316,22 +300,22 @@ static const struct arm_cpu_capabilities arm_errata[] = {
     {
         .capability = ARM_HARDEN_BRANCH_PREDICTOR,
         MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
-        .enable = enable_psci_bp_hardening,
+        .enable = enable_smccc_arch_workaround_1,
     },
     {
         .capability = ARM_HARDEN_BRANCH_PREDICTOR,
         MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
-        .enable = enable_psci_bp_hardening,
+        .enable = enable_smccc_arch_workaround_1,
     },
     {
         .capability = ARM_HARDEN_BRANCH_PREDICTOR,
         MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
-        .enable = enable_psci_bp_hardening,
+        .enable = enable_smccc_arch_workaround_1,
     },
     {
         .capability = ARM_HARDEN_BRANCH_PREDICTOR,
         MIDR_ALL_VERSIONS(MIDR_CORTEX_A75),
-        .enable = enable_psci_bp_hardening,
+        .enable = enable_smccc_arch_workaround_1,
     },
 #endif
 #ifdef CONFIG_ARM32_HARDEN_BRANCH_PREDICTOR
-- 
2.11.0


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.