- Linux-stable-mirror - lists.linaro.org

Patch "[Variant 3/Meltdown] arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 3/Meltdown] arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Will Deacon <will.deacon(a)arm.com> Date: Tue, 14 Nov 2017 14:33:28 +0000 Subject: [Variant 3/Meltdown] arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks From: Will Deacon <will.deacon(a)arm.com> Commit 18011eac28c7 upstream. When unmapping the kernel at EL0, we use tpidrro_el0 as a scratch register during exception entry from native tasks and subsequently zero it in the kernel_ventry macro. We can therefore avoid zeroing tpidrro_el0 in the context-switch path for native tasks using the entry trampoline. Reviewed-by: Mark Rutland <mark.rutland(a)arm.com> Tested-by: Laura Abbott <labbott(a)redhat.com> Tested-by: Shanker Donthineni <shankerd(a)codeaurora.org> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/kernel/process.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -314,16 +314,14 @@ void tls_preserve_current_state(void) static void tls_thread_switch(struct task_struct *next) { - unsigned long tpidr, tpidrro; - tls_preserve_current_state(); - tpidr = *task_user_tls(next); - tpidrro = is_compat_thread(task_thread_info(next)) ? - next->thread.tp_value : 0; + if (is_compat_thread(task_thread_info(next))) + write_sysreg(next->thread.tp_value, tpidrro_el0); + else if (!arm64_kernel_unmapped_at_el0()) + write_sysreg(0, tpidrro_el0); - write_sysreg(tpidr, tpidr_el0); - write_sysreg(tpidrro, tpidrro_el0); + write_sysreg(*task_user_tls(next), tpidr_el0); } /* Restore the UAO state depending on next's addr_limit */ Patches currently in stable-queue which might be from will.deacon(a)arm.com are queue-4.14/arm64-make-user_ds-an-inclusive-limit.patch queue-4.14/arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch queue-4.14/arm64-uaccess-don-t-bother-eliding-access_ok-checks-in-__-get-put-_user.patch queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-uaccess-mask-__user-pointers-for-__arch_-clear-copy_-_user.patch queue-4.14/arm64-mm-add-arm64_kernel_unmapped_at_el0-helper.patch queue-4.14/arm64-entry-reword-comment-about-post_ttbr_update_workaround.patch queue-4.14/arm64-kaslr-put-kernel-vectors-address-in-separate-data-page.patch queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/arm64-turn-on-kpti-only-on-cpus-that-need-it.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch queue-4.14/arm64-mm-allocate-asids-in-pairs.patch queue-4.14/arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch queue-4.14/arm64-use-ret-instruction-for-exiting-the-trampoline.patch queue-4.14/arm64-futex-mask-__user-pointers-prior-to-dereference.patch queue-4.14/arm64-entry-explicitly-pass-exception-level-to-kernel_ventry-macro.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm64-kpti-make-use-of-ng-dependent-on-arm64_kernel_unmapped_at_el0.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-ensure-branch-through-syscall-table-is-bounded-under-speculation.patch queue-4.14/arm64-mm-use-non-global-mappings-for-kernel-space.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-entry-hook-up-entry-trampoline-to-exception-vectors.patch queue-4.14/arm64-branch-predictor-hardening-for-cavium-thunderx2.patch queue-4.14/arm64-uaccess-prevent-speculative-use-of-the-current-addr_limit.patch queue-4.14/.arm64-add-software-workaround-for-falkor-erratum-1041.patch.swp queue-4.14/arm64-use-pointer-masking-to-limit-uaccess-speculation.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-erratum-work-around-falkor-erratum-e1003-in-trampoline-code.patch queue-4.14/arm64-mm-fix-and-re-enable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-mm-invalidate-both-kernel-and-user-asids-when-performing-tlbi.patch queue-4.14/drivers-firmware-expose-psci_get_version-through-psci_ops-structure.patch queue-4.14/arm64-mm-rename-post_ttbr0_update_workaround.patch queue-4.14/arm64-mm-map-entry-trampoline-into-trampoline-and-kernel-page-tables.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch queue-4.14/arm64-kconfig-reword-unmap_kernel_at_el0-kconfig-entry.patch queue-4.14/arm64-mm-move-asid-from-ttbr0-to-ttbr1.patch queue-4.14/arm64-mm-introduce-ttbr_asid_mask-for-getting-at-the-asid-in-the-ttbr.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-cputype-add-missing-midr-values-for-cortex-a72-and-cortex-a75.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-barrier-add-csdb-macros-to-control-data-value-prediction.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-falkor.patch queue-4.14/arm64-kconfig-add-config_unmap_kernel_at_el0.patch queue-4.14/arm64-add-software-workaround-for-falkor-erratum-1041.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-entry-add-exception-trampoline-page-for-exceptions-from-el0.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-implement-array_index_mask_nospec.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm64-define-cputype-macros-for-falkor-cpu.patch queue-4.14/arm64-cpu_errata-add-kryo-to-falkor-1003-errata.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-entry-add-fake-cpu-feature-for-unmapping-the-kernel-at-el0.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-cputype-add-midr-values-for-cavium-thunderx2-cpus.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 2/Spectre-v2] arm64: Run enable method for errata work arounds on late CPUs" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 2/Spectre-v2] arm64: Run enable method for errata work arounds on late CPUs to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Suzuki K Poulose <suzuki.poulose(a)arm.com> Date: Wed, 17 Jan 2018 17:42:20 +0000 Subject: [Variant 2/Spectre-v2] arm64: Run enable method for errata work arounds on late CPUs From: Suzuki K Poulose <suzuki.poulose(a)arm.com> Commit 55b35d070c25 upstream. When a CPU is brought up after we have finalised the system wide capabilities (i.e, features and errata), we make sure the new CPU doesn't need a new errata work around which has not been detected already. However we don't run enable() method on the new CPU for the errata work arounds already detected. This could cause the new CPU running without potential work arounds. It is upto the "enable()" method to decide if this CPU should do something about the errata. Fixes: commit 6a6efbb45b7d95c84 ("arm64: Verify CPU errata work arounds on hotplugged CPU") Cc: Will Deacon <will.deacon(a)arm.com> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Andre Przywara <andre.przywara(a)arm.com> Cc: Dave Martin <dave.martin(a)arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose(a)arm.com> Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/kernel/cpu_errata.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -221,15 +221,18 @@ void verify_local_cpu_errata_workarounds { const struct arm64_cpu_capabilities *caps = arm64_errata; - for (; caps->matches; caps++) - if (!cpus_have_cap(caps->capability) && - caps->matches(caps, SCOPE_LOCAL_CPU)) { + for (; caps->matches; caps++) { + if (cpus_have_cap(caps->capability)) { + if (caps->enable) + caps->enable((void *)caps); + } else if (caps->matches(caps, SCOPE_LOCAL_CPU)) { pr_crit("CPU%d: Requires work around for %s, not detected" " at boot time\n", smp_processor_id(), caps->desc ? : "an erratum"); cpu_die_early(); } + } } void update_cpu_errata_workarounds(void) Patches currently in stable-queue which might be from suzuki.poulose(a)arm.com are queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch

7 years, 4 months

1
0
0 0

Patch "arm64: move TASK_* definitions to <asm/processor.h>" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled arm64: move TASK_* definitions to <asm/processor.h> to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-move-task_-definitions-to-asm-processor.h.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Yury Norov <ynorov(a)caviumnetworks.com> Date: Thu, 31 Aug 2017 11:30:50 +0300 Subject: arm64: move TASK_* definitions to <asm/processor.h> From: Yury Norov <ynorov(a)caviumnetworks.com> Commit eef94a3d09aa upstream. ILP32 series [1] introduces the dependency on <asm/is_compat.h> for TASK_SIZE macro. Which in turn requires <asm/thread_info.h>, and <asm/thread_info.h> include <asm/memory.h>, giving a circular dependency, because TASK_SIZE is currently located in <asm/memory.h>. In other architectures, TASK_SIZE is defined in <asm/processor.h>, and moving TASK_SIZE there fixes the problem. Discussion: https://patchwork.kernel.org/patch/9929107/ [1] https://github.com/norov/linux/tree/ilp32-next CC: Will Deacon <will.deacon(a)arm.com> CC: Laura Abbott <labbott(a)redhat.com> Cc: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Cc: James Morse <james.morse(a)arm.com> Suggested-by: Mark Rutland <mark.rutland(a)arm.com> Signed-off-by: Yury Norov <ynorov(a)caviumnetworks.com> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/include/asm/memory.h | 15 --------------- arch/arm64/include/asm/processor.h | 21 +++++++++++++++++++++ arch/arm64/kernel/entry.S | 2 +- 3 files changed, 22 insertions(+), 16 deletions(-) --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -61,8 +61,6 @@ * KIMAGE_VADDR - the virtual address of the start of the kernel image * VA_BITS - the maximum number of bits for virtual addresses. * VA_START - the first kernel virtual address. - * TASK_SIZE - the maximum size of a user space task. - * TASK_UNMAPPED_BASE - the lower boundary of the mmap VM area. */ #define VA_BITS (CONFIG_ARM64_VA_BITS) #define VA_START (UL(0xffffffffffffffff) - \ @@ -77,19 +75,6 @@ #define PCI_IO_END (VMEMMAP_START - SZ_2M) #define PCI_IO_START (PCI_IO_END - PCI_IO_SIZE) #define FIXADDR_TOP (PCI_IO_START - SZ_2M) -#define TASK_SIZE_64 (UL(1) << VA_BITS) - -#ifdef CONFIG_COMPAT -#define TASK_SIZE_32 UL(0x100000000) -#define TASK_SIZE (test_thread_flag(TIF_32BIT) ? \ - TASK_SIZE_32 : TASK_SIZE_64) -#define TASK_SIZE_OF(tsk) (test_tsk_thread_flag(tsk, TIF_32BIT) ? \ - TASK_SIZE_32 : TASK_SIZE_64) -#else -#define TASK_SIZE TASK_SIZE_64 -#endif /* CONFIG_COMPAT */ - -#define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 4)) #define KERNEL_START _text #define KERNEL_END _end --- a/arch/arm64/include/asm/processor.h +++ b/arch/arm64/include/asm/processor.h @@ -19,6 +19,10 @@ #ifndef __ASM_PROCESSOR_H #define __ASM_PROCESSOR_H +#define TASK_SIZE_64 (UL(1) << VA_BITS) + +#ifndef __ASSEMBLY__ + /* * Default implementation of macro that returns current * instruction pointer ("program counter"). @@ -37,6 +41,22 @@ #include <asm/ptrace.h> #include <asm/types.h> +/* + * TASK_SIZE - the maximum size of a user space task. + * TASK_UNMAPPED_BASE - the lower boundary of the mmap VM area. + */ +#ifdef CONFIG_COMPAT +#define TASK_SIZE_32 UL(0x100000000) +#define TASK_SIZE (test_thread_flag(TIF_32BIT) ? \ + TASK_SIZE_32 : TASK_SIZE_64) +#define TASK_SIZE_OF(tsk) (test_tsk_thread_flag(tsk, TIF_32BIT) ? \ + TASK_SIZE_32 : TASK_SIZE_64) +#else +#define TASK_SIZE TASK_SIZE_64 +#endif /* CONFIG_COMPAT */ + +#define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 4)) + #define STACK_TOP_MAX TASK_SIZE_64 #ifdef CONFIG_COMPAT #define AARCH32_VECTORS_BASE 0xffff0000 @@ -194,4 +214,5 @@ static inline void spin_lock_prefetch(co int cpu_enable_pan(void *__unused); int cpu_enable_cache_maint_trap(void *__unused); +#endif /* __ASSEMBLY__ */ #endif /* __ASM_PROCESSOR_H */ --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -28,7 +28,7 @@ #include <asm/errno.h> #include <asm/esr.h> #include <asm/irq.h> -#include <asm/memory.h> +#include <asm/processor.h> #include <asm/ptrace.h> #include <asm/thread_info.h> #include <asm/asm-uaccess.h> Patches currently in stable-queue which might be from ynorov(a)caviumnetworks.com are queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 2/Spectre-v2] arm64: Move post_ttbr_update_workaround to C code" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 2/Spectre-v2] arm64: Move post_ttbr_update_workaround to C code to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-move-post_ttbr_update_workaround-to-c-code.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Marc Zyngier <marc.zyngier(a)arm.com> Date: Tue, 2 Jan 2018 18:19:39 +0000 Subject: [Variant 2/Spectre-v2] arm64: Move post_ttbr_update_workaround to C code From: Marc Zyngier <marc.zyngier(a)arm.com> Commit 95e3de3590e3 upstream. We will soon need to invoke a CPU-specific function pointer after changing page tables, so move post_ttbr_update_workaround out into C code to make this possible. Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/include/asm/assembler.h | 23 ----------------------- arch/arm64/kernel/entry.S | 2 +- arch/arm64/mm/context.c | 9 +++++++++ arch/arm64/mm/proc.S | 3 +-- 4 files changed, 11 insertions(+), 26 deletions(-) --- a/arch/arm64/include/asm/assembler.h +++ b/arch/arm64/include/asm/assembler.h @@ -481,29 +481,6 @@ alternative_endif mrs \rd, sp_el0 .endm -/* - * Errata workaround post TTBRx_EL1 update. - */ - .macro post_ttbr_update_workaround -#ifdef CONFIG_CAVIUM_ERRATUM_27456 -alternative_if ARM64_WORKAROUND_CAVIUM_27456 - ic iallu - dsb nsh - isb -alternative_else_nop_endif -#endif - .endm - -/** - * Errata workaround prior to disable MMU. Insert an ISB immediately prior - * to executing the MSR that will change SCTLR_ELn[M] from a value of 1 to 0. - */ - .macro pre_disable_mmu_workaround -#ifdef CONFIG_QCOM_FALKOR_ERRATUM_E1041 - isb -#endif - .endm - .macro pte_to_phys, phys, pte and \phys, \pte, #(((1 << (48 - PAGE_SHIFT)) - 1) << PAGE_SHIFT) .endm --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -275,7 +275,7 @@ alternative_else_nop_endif * Cavium erratum 27456 (broadcast TLBI instructions may cause I-cache * corruption). */ - post_ttbr_update_workaround + bl post_ttbr_update_workaround .endif 1: .if \el != 0 --- a/arch/arm64/mm/context.c +++ b/arch/arm64/mm/context.c @@ -235,6 +235,15 @@ switch_mm_fastpath: cpu_switch_mm(mm->pgd, mm); } +/* Errata workaround post TTBRx_EL1 update. */ +asmlinkage void post_ttbr_update_workaround(void) +{ + asm(ALTERNATIVE("nop; nop; nop", + "ic iallu; dsb nsh; isb", + ARM64_WORKAROUND_CAVIUM_27456, + CONFIG_CAVIUM_ERRATUM_27456)); +} + static int asids_init(void) { asid_bits = get_cpu_asid_bits(); --- a/arch/arm64/mm/proc.S +++ b/arch/arm64/mm/proc.S @@ -148,8 +148,7 @@ ENTRY(cpu_do_switch_mm) isb msr ttbr0_el1, x0 // now update TTBR0 isb - post_ttbr_update_workaround - ret + b post_ttbr_update_workaround // Back to C code... ENDPROC(cpu_do_switch_mm) .pushsection ".idmap.text", "awx" Patches currently in stable-queue which might be from marc.zyngier(a)arm.com are queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 3/Meltdown] arm64: mm: Use non-global mappings for kernel space" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 3/Meltdown] arm64: mm: Use non-global mappings for kernel space to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-mm-use-non-global-mappings-for-kernel-space.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Will Deacon <will.deacon(a)arm.com> Date: Thu, 10 Aug 2017 12:56:18 +0100 Subject: [Variant 3/Meltdown] arm64: mm: Use non-global mappings for kernel space From: Will Deacon <will.deacon(a)arm.com> Commit e046eb0c9bf2 upstream. In preparation for unmapping the kernel whilst running in userspace, make the kernel mappings non-global so we can avoid expensive TLB invalidation on kernel exit to userspace. Reviewed-by: Mark Rutland <mark.rutland(a)arm.com> Tested-by: Laura Abbott <labbott(a)redhat.com> Tested-by: Shanker Donthineni <shankerd(a)codeaurora.org> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/include/asm/kernel-pgtable.h | 12 ++++++++++-- arch/arm64/include/asm/pgtable-prot.h | 21 +++++++++++++++------ 2 files changed, 25 insertions(+), 8 deletions(-) --- a/arch/arm64/include/asm/kernel-pgtable.h +++ b/arch/arm64/include/asm/kernel-pgtable.h @@ -78,8 +78,16 @@ /* * Initial memory map attributes. */ -#define SWAPPER_PTE_FLAGS (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) -#define SWAPPER_PMD_FLAGS (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) +#define _SWAPPER_PTE_FLAGS (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) +#define _SWAPPER_PMD_FLAGS (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) + +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +#define SWAPPER_PTE_FLAGS (_SWAPPER_PTE_FLAGS | PTE_NG) +#define SWAPPER_PMD_FLAGS (_SWAPPER_PMD_FLAGS | PMD_SECT_NG) +#else +#define SWAPPER_PTE_FLAGS _SWAPPER_PTE_FLAGS +#define SWAPPER_PMD_FLAGS _SWAPPER_PMD_FLAGS +#endif #if ARM64_SWAPPER_USES_SECTION_MAPS #define SWAPPER_MM_MMUFLAGS (PMD_ATTRINDX(MT_NORMAL) | SWAPPER_PMD_FLAGS) --- a/arch/arm64/include/asm/pgtable-prot.h +++ b/arch/arm64/include/asm/pgtable-prot.h @@ -34,8 +34,16 @@ #include <asm/pgtable-types.h> -#define PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) -#define PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) +#define _PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) +#define _PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) + +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +#define PROT_DEFAULT (_PROT_DEFAULT | PTE_NG) +#define PROT_SECT_DEFAULT (_PROT_SECT_DEFAULT | PMD_SECT_NG) +#else +#define PROT_DEFAULT _PROT_DEFAULT +#define PROT_SECT_DEFAULT _PROT_SECT_DEFAULT +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ #define PROT_DEVICE_nGnRnE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRnE)) #define PROT_DEVICE_nGnRE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRE)) @@ -48,6 +56,7 @@ #define PROT_SECT_NORMAL_EXEC (PROT_SECT_DEFAULT | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL)) #define _PAGE_DEFAULT (PROT_DEFAULT | PTE_ATTRINDX(MT_NORMAL)) +#define _HYP_PAGE_DEFAULT (_PAGE_DEFAULT & ~PTE_NG) #define PAGE_KERNEL __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE) #define PAGE_KERNEL_RO __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_RDONLY) @@ -55,15 +64,15 @@ #define PAGE_KERNEL_EXEC __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE) #define PAGE_KERNEL_EXEC_CONT __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_CONT) -#define PAGE_HYP __pgprot(_PAGE_DEFAULT | PTE_HYP | PTE_HYP_XN) -#define PAGE_HYP_EXEC __pgprot(_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY) -#define PAGE_HYP_RO __pgprot(_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY | PTE_HYP_XN) +#define PAGE_HYP __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP | PTE_HYP_XN) +#define PAGE_HYP_EXEC __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY) +#define PAGE_HYP_RO __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY | PTE_HYP_XN) #define PAGE_HYP_DEVICE __pgprot(PROT_DEVICE_nGnRE | PTE_HYP) #define PAGE_S2 __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_NORMAL) | PTE_S2_RDONLY) #define PAGE_S2_DEVICE __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_UXN) -#define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_RDONLY | PTE_PXN | PTE_UXN) +#define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN) #define PAGE_SHARED __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE) #define PAGE_SHARED_EXEC __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_WRITE) #define PAGE_READONLY __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN) Patches currently in stable-queue which might be from will.deacon(a)arm.com are queue-4.14/arm64-make-user_ds-an-inclusive-limit.patch queue-4.14/arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch queue-4.14/arm64-uaccess-don-t-bother-eliding-access_ok-checks-in-__-get-put-_user.patch queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-uaccess-mask-__user-pointers-for-__arch_-clear-copy_-_user.patch queue-4.14/arm64-mm-add-arm64_kernel_unmapped_at_el0-helper.patch queue-4.14/arm64-entry-reword-comment-about-post_ttbr_update_workaround.patch queue-4.14/arm64-kaslr-put-kernel-vectors-address-in-separate-data-page.patch queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/arm64-turn-on-kpti-only-on-cpus-that-need-it.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch queue-4.14/arm64-mm-allocate-asids-in-pairs.patch queue-4.14/arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch queue-4.14/arm64-use-ret-instruction-for-exiting-the-trampoline.patch queue-4.14/arm64-futex-mask-__user-pointers-prior-to-dereference.patch queue-4.14/arm64-entry-explicitly-pass-exception-level-to-kernel_ventry-macro.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm64-kpti-make-use-of-ng-dependent-on-arm64_kernel_unmapped_at_el0.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-ensure-branch-through-syscall-table-is-bounded-under-speculation.patch queue-4.14/arm64-mm-use-non-global-mappings-for-kernel-space.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-entry-hook-up-entry-trampoline-to-exception-vectors.patch queue-4.14/arm64-branch-predictor-hardening-for-cavium-thunderx2.patch queue-4.14/arm64-uaccess-prevent-speculative-use-of-the-current-addr_limit.patch queue-4.14/.arm64-add-software-workaround-for-falkor-erratum-1041.patch.swp queue-4.14/arm64-use-pointer-masking-to-limit-uaccess-speculation.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-erratum-work-around-falkor-erratum-e1003-in-trampoline-code.patch queue-4.14/arm64-mm-fix-and-re-enable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-mm-invalidate-both-kernel-and-user-asids-when-performing-tlbi.patch queue-4.14/drivers-firmware-expose-psci_get_version-through-psci_ops-structure.patch queue-4.14/arm64-mm-rename-post_ttbr0_update_workaround.patch queue-4.14/arm64-mm-map-entry-trampoline-into-trampoline-and-kernel-page-tables.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch queue-4.14/arm64-kconfig-reword-unmap_kernel_at_el0-kconfig-entry.patch queue-4.14/arm64-mm-move-asid-from-ttbr0-to-ttbr1.patch queue-4.14/arm64-mm-introduce-ttbr_asid_mask-for-getting-at-the-asid-in-the-ttbr.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-cputype-add-missing-midr-values-for-cortex-a72-and-cortex-a75.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-barrier-add-csdb-macros-to-control-data-value-prediction.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-falkor.patch queue-4.14/arm64-kconfig-add-config_unmap_kernel_at_el0.patch queue-4.14/arm64-add-software-workaround-for-falkor-erratum-1041.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-entry-add-exception-trampoline-page-for-exceptions-from-el0.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-implement-array_index_mask_nospec.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm64-define-cputype-macros-for-falkor-cpu.patch queue-4.14/arm64-cpu_errata-add-kryo-to-falkor-1003-errata.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-entry-add-fake-cpu-feature-for-unmapping-the-kernel-at-el0.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-cputype-add-midr-values-for-cavium-thunderx2-cpus.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 2/Spectre-v2] arm64: Move BP hardening to check_and_switch_context" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 2/Spectre-v2] arm64: Move BP hardening to check_and_switch_context to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-move-bp-hardening-to-check_and_switch_context.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Marc Zyngier <marc.zyngier(a)arm.com> Date: Fri, 19 Jan 2018 15:42:09 +0000 Subject: [Variant 2/Spectre-v2] arm64: Move BP hardening to check_and_switch_context From: Marc Zyngier <marc.zyngier(a)arm.com> Commit a8e4c0a919ae upstream. We call arm64_apply_bp_hardening() from post_ttbr_update_workaround, which has the unexpected consequence of being triggered on every exception return to userspace when ARM64_SW_TTBR0_PAN is selected, even if no context switch actually occured. This is a bit suboptimal, and it would be more logical to only invalidate the branch predictor when we actually switch to a different mm. In order to solve this, move the call to arm64_apply_bp_hardening() into check_and_switch_context(), where we're guaranteed to pick a different mm context. Acked-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/mm/context.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/arch/arm64/mm/context.c +++ b/arch/arm64/mm/context.c @@ -227,6 +227,9 @@ void check_and_switch_context(struct mm_ raw_spin_unlock_irqrestore(&cpu_asid_lock, flags); switch_mm_fastpath: + + arm64_apply_bp_hardening(); + /* * Defer TTBR0_EL1 setting for user threads to uaccess_enable() when * emulating PAN. @@ -242,8 +245,6 @@ asmlinkage void post_ttbr_update_workaro "ic iallu; dsb nsh; isb", ARM64_WORKAROUND_CAVIUM_27456, CONFIG_CAVIUM_ERRATUM_27456)); - - arm64_apply_bp_hardening(); } static int asids_init(void) Patches currently in stable-queue which might be from marc.zyngier(a)arm.com are queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 3/Meltdown] arm64: mm: Rename post_ttbr0_update_workaround" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 3/Meltdown] arm64: mm: Rename post_ttbr0_update_workaround to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-mm-rename-post_ttbr0_update_workaround.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Will Deacon <will.deacon(a)arm.com> Date: Thu, 10 Aug 2017 13:34:30 +0100 Subject: [Variant 3/Meltdown] arm64: mm: Rename post_ttbr0_update_workaround From: Will Deacon <will.deacon(a)arm.com> Commit 158d495899ce upstream. The post_ttbr0_update_workaround hook applies to any change to TTBRx_EL1. Since we're using TTBR1 for the ASID, rename the hook to make it clearer as to what it's doing. Reviewed-by: Mark Rutland <mark.rutland(a)arm.com> Tested-by: Laura Abbott <labbott(a)redhat.com> Tested-by: Shanker Donthineni <shankerd(a)codeaurora.org> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/include/asm/assembler.h | 5 ++--- arch/arm64/kernel/entry.S | 2 +- arch/arm64/mm/proc.S | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) --- a/arch/arm64/include/asm/assembler.h +++ b/arch/arm64/include/asm/assembler.h @@ -464,10 +464,9 @@ alternative_endif .endm /* -/* - * Errata workaround post TTBR0_EL1 update. + * Errata workaround post TTBRx_EL1 update. */ - .macro post_ttbr0_update_workaround + .macro post_ttbr_update_workaround #ifdef CONFIG_CAVIUM_ERRATUM_27456 alternative_if ARM64_WORKAROUND_CAVIUM_27456 ic iallu --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -255,7 +255,7 @@ alternative_else_nop_endif * Cavium erratum 27456 (broadcast TLBI instructions may cause I-cache * corruption). */ - post_ttbr0_update_workaround + post_ttbr_update_workaround .endif 1: .if \el != 0 --- a/arch/arm64/mm/proc.S +++ b/arch/arm64/mm/proc.S @@ -145,7 +145,7 @@ ENTRY(cpu_do_switch_mm) isb msr ttbr0_el1, x0 // now update TTBR0 isb - post_ttbr0_update_workaround + post_ttbr_update_workaround ret ENDPROC(cpu_do_switch_mm) Patches currently in stable-queue which might be from will.deacon(a)arm.com are queue-4.14/arm64-make-user_ds-an-inclusive-limit.patch queue-4.14/arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch queue-4.14/arm64-uaccess-don-t-bother-eliding-access_ok-checks-in-__-get-put-_user.patch queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-uaccess-mask-__user-pointers-for-__arch_-clear-copy_-_user.patch queue-4.14/arm64-mm-add-arm64_kernel_unmapped_at_el0-helper.patch queue-4.14/arm64-entry-reword-comment-about-post_ttbr_update_workaround.patch queue-4.14/arm64-kaslr-put-kernel-vectors-address-in-separate-data-page.patch queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/arm64-turn-on-kpti-only-on-cpus-that-need-it.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch queue-4.14/arm64-mm-allocate-asids-in-pairs.patch queue-4.14/arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch queue-4.14/arm64-use-ret-instruction-for-exiting-the-trampoline.patch queue-4.14/arm64-futex-mask-__user-pointers-prior-to-dereference.patch queue-4.14/arm64-entry-explicitly-pass-exception-level-to-kernel_ventry-macro.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm64-kpti-make-use-of-ng-dependent-on-arm64_kernel_unmapped_at_el0.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-ensure-branch-through-syscall-table-is-bounded-under-speculation.patch queue-4.14/arm64-mm-use-non-global-mappings-for-kernel-space.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-entry-hook-up-entry-trampoline-to-exception-vectors.patch queue-4.14/arm64-branch-predictor-hardening-for-cavium-thunderx2.patch queue-4.14/arm64-uaccess-prevent-speculative-use-of-the-current-addr_limit.patch queue-4.14/.arm64-add-software-workaround-for-falkor-erratum-1041.patch.swp queue-4.14/arm64-use-pointer-masking-to-limit-uaccess-speculation.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-erratum-work-around-falkor-erratum-e1003-in-trampoline-code.patch queue-4.14/arm64-mm-fix-and-re-enable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-mm-invalidate-both-kernel-and-user-asids-when-performing-tlbi.patch queue-4.14/drivers-firmware-expose-psci_get_version-through-psci_ops-structure.patch queue-4.14/arm64-mm-rename-post_ttbr0_update_workaround.patch queue-4.14/arm64-mm-map-entry-trampoline-into-trampoline-and-kernel-page-tables.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch queue-4.14/arm64-kconfig-reword-unmap_kernel_at_el0-kconfig-entry.patch queue-4.14/arm64-mm-move-asid-from-ttbr0-to-ttbr1.patch queue-4.14/arm64-mm-introduce-ttbr_asid_mask-for-getting-at-the-asid-in-the-ttbr.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-cputype-add-missing-midr-values-for-cortex-a72-and-cortex-a75.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-barrier-add-csdb-macros-to-control-data-value-prediction.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-falkor.patch queue-4.14/arm64-kconfig-add-config_unmap_kernel_at_el0.patch queue-4.14/arm64-add-software-workaround-for-falkor-erratum-1041.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-entry-add-exception-trampoline-page-for-exceptions-from-el0.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-implement-array_index_mask_nospec.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm64-define-cputype-macros-for-falkor-cpu.patch queue-4.14/arm64-cpu_errata-add-kryo-to-falkor-1003-errata.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-entry-add-fake-cpu-feature-for-unmapping-the-kernel-at-el0.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-cputype-add-midr-values-for-cavium-thunderx2-cpus.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 3/Meltdown] arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 3/Meltdown] arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Will Deacon <will.deacon(a)arm.com> Date: Thu, 10 Aug 2017 13:04:48 +0100 Subject: [Variant 3/Meltdown] arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN From: Will Deacon <will.deacon(a)arm.com> Commit 376133b7edc2 upstream. We're about to rework the way ASIDs are allocated, switch_mm is implemented and low-level kernel entry/exit is handled, so keep the ARM64_SW_TTBR0_PAN code out of the way whilst we do the heavy lifting. It will be re-enabled in a subsequent patch. Reviewed-by: Mark Rutland <mark.rutland(a)arm.com> Tested-by: Laura Abbott <labbott(a)redhat.com> Tested-by: Shanker Donthineni <shankerd(a)codeaurora.org> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/Kconfig | 1 + 1 file changed, 1 insertion(+) --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -882,6 +882,7 @@ endif config ARM64_SW_TTBR0_PAN bool "Emulate Privileged Access Never using TTBR0_EL1 switching" + depends on BROKEN # Temporary while switch_mm is reworked help Enabling this option prevents the kernel from accessing user-space memory directly by pointing TTBR0_EL1 to a reserved Patches currently in stable-queue which might be from will.deacon(a)arm.com are queue-4.14/arm64-make-user_ds-an-inclusive-limit.patch queue-4.14/arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch queue-4.14/arm64-uaccess-don-t-bother-eliding-access_ok-checks-in-__-get-put-_user.patch queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-uaccess-mask-__user-pointers-for-__arch_-clear-copy_-_user.patch queue-4.14/arm64-mm-add-arm64_kernel_unmapped_at_el0-helper.patch queue-4.14/arm64-entry-reword-comment-about-post_ttbr_update_workaround.patch queue-4.14/arm64-kaslr-put-kernel-vectors-address-in-separate-data-page.patch queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/arm64-turn-on-kpti-only-on-cpus-that-need-it.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch queue-4.14/arm64-mm-allocate-asids-in-pairs.patch queue-4.14/arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch queue-4.14/arm64-use-ret-instruction-for-exiting-the-trampoline.patch queue-4.14/arm64-futex-mask-__user-pointers-prior-to-dereference.patch queue-4.14/arm64-entry-explicitly-pass-exception-level-to-kernel_ventry-macro.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm64-kpti-make-use-of-ng-dependent-on-arm64_kernel_unmapped_at_el0.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-ensure-branch-through-syscall-table-is-bounded-under-speculation.patch queue-4.14/arm64-mm-use-non-global-mappings-for-kernel-space.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-entry-hook-up-entry-trampoline-to-exception-vectors.patch queue-4.14/arm64-branch-predictor-hardening-for-cavium-thunderx2.patch queue-4.14/arm64-uaccess-prevent-speculative-use-of-the-current-addr_limit.patch queue-4.14/.arm64-add-software-workaround-for-falkor-erratum-1041.patch.swp queue-4.14/arm64-use-pointer-masking-to-limit-uaccess-speculation.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-erratum-work-around-falkor-erratum-e1003-in-trampoline-code.patch queue-4.14/arm64-mm-fix-and-re-enable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-mm-invalidate-both-kernel-and-user-asids-when-performing-tlbi.patch queue-4.14/drivers-firmware-expose-psci_get_version-through-psci_ops-structure.patch queue-4.14/arm64-mm-rename-post_ttbr0_update_workaround.patch queue-4.14/arm64-mm-map-entry-trampoline-into-trampoline-and-kernel-page-tables.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch queue-4.14/arm64-kconfig-reword-unmap_kernel_at_el0-kconfig-entry.patch queue-4.14/arm64-mm-move-asid-from-ttbr0-to-ttbr1.patch queue-4.14/arm64-mm-introduce-ttbr_asid_mask-for-getting-at-the-asid-in-the-ttbr.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-cputype-add-missing-midr-values-for-cortex-a72-and-cortex-a75.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-barrier-add-csdb-macros-to-control-data-value-prediction.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-falkor.patch queue-4.14/arm64-kconfig-add-config_unmap_kernel_at_el0.patch queue-4.14/arm64-add-software-workaround-for-falkor-erratum-1041.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-entry-add-exception-trampoline-page-for-exceptions-from-el0.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-implement-array_index_mask_nospec.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm64-define-cputype-macros-for-falkor-cpu.patch queue-4.14/arm64-cpu_errata-add-kryo-to-falkor-1003-errata.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-entry-add-fake-cpu-feature-for-unmapping-the-kernel-at-el0.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-cputype-add-midr-values-for-cavium-thunderx2-cpus.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 3/Meltdown] arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 3/Meltdown] arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Will Deacon <will.deacon(a)arm.com> Date: Thu, 10 Aug 2017 13:29:06 +0100 Subject: [Variant 3/Meltdown] arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 From: Will Deacon <will.deacon(a)arm.com> Commit 85d13c001497 upstream. The pre_ttbr0_update_workaround hook is called prior to context-switching TTBR0 because Falkor erratum E1003 can cause TLB allocation with the wrong ASID if both the ASID and the base address of the TTBR are updated at the same time. With the ASID sitting safely in TTBR1, we no longer update things atomically, so we can remove the pre_ttbr0_update_workaround macro as it's no longer required. The erratum infrastructure and documentation is left around for #E1003, as it will be required by the entry trampoline code in a future patch. Reviewed-by: Mark Rutland <mark.rutland(a)arm.com> Tested-by: Laura Abbott <labbott(a)redhat.com> Tested-by: Shanker Donthineni <shankerd(a)codeaurora.org> Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/include/asm/assembler.h | 22 ---------------------- arch/arm64/include/asm/mmu_context.h | 2 -- arch/arm64/mm/context.c | 11 ----------- arch/arm64/mm/proc.S | 1 - 4 files changed, 36 deletions(-) --- a/arch/arm64/include/asm/assembler.h +++ b/arch/arm64/include/asm/assembler.h @@ -25,7 +25,6 @@ #include <asm/asm-offsets.h> #include <asm/cpufeature.h> -#include <asm/mmu_context.h> #include <asm/page.h> #include <asm/pgtable-hwdef.h> #include <asm/ptrace.h> @@ -465,27 +464,6 @@ alternative_endif .endm /* - * Errata workaround prior to TTBR0_EL1 update - * - * val: TTBR value with new BADDR, preserved - * tmp0: temporary register, clobbered - * tmp1: other temporary register, clobbered - */ - .macro pre_ttbr0_update_workaround, val, tmp0, tmp1 -#ifdef CONFIG_QCOM_FALKOR_ERRATUM_1003 -alternative_if ARM64_WORKAROUND_QCOM_FALKOR_E1003 - mrs \tmp0, ttbr0_el1 - mov \tmp1, #FALKOR_RESERVED_ASID - bfi \tmp0, \tmp1, #48, #16 // reserved ASID + old BADDR - msr ttbr0_el1, \tmp0 - isb - bfi \tmp0, \val, #0, #48 // reserved ASID + new BADDR - msr ttbr0_el1, \tmp0 - isb -alternative_else_nop_endif -#endif - .endm - /* * Errata workaround post TTBR0_EL1 update. */ --- a/arch/arm64/include/asm/mmu_context.h +++ b/arch/arm64/include/asm/mmu_context.h @@ -19,8 +19,6 @@ #ifndef __ASM_MMU_CONTEXT_H #define __ASM_MMU_CONTEXT_H -#define FALKOR_RESERVED_ASID 1 - #ifndef __ASSEMBLY__ #include <linux/compiler.h> --- a/arch/arm64/mm/context.c +++ b/arch/arm64/mm/context.c @@ -79,13 +79,6 @@ void verify_cpu_asid_bits(void) } } -static void set_reserved_asid_bits(void) -{ - if (IS_ENABLED(CONFIG_QCOM_FALKOR_ERRATUM_1003) && - cpus_have_const_cap(ARM64_WORKAROUND_QCOM_FALKOR_E1003)) - __set_bit(FALKOR_RESERVED_ASID, asid_map); -} - static void flush_context(unsigned int cpu) { int i; @@ -94,8 +87,6 @@ static void flush_context(unsigned int c /* Update the list of reserved ASIDs and the ASID bitmap. */ bitmap_clear(asid_map, 0, NUM_USER_ASIDS); - set_reserved_asid_bits(); - /* * Ensure the generation bump is observed before we xchg the * active_asids. @@ -250,8 +241,6 @@ static int asids_init(void) panic("Failed to allocate bitmap for %lu ASIDs\n", NUM_USER_ASIDS); - set_reserved_asid_bits(); - pr_info("ASID allocator initialised with %lu entries\n", NUM_USER_ASIDS); return 0; } --- a/arch/arm64/mm/proc.S +++ b/arch/arm64/mm/proc.S @@ -138,7 +138,6 @@ ENDPROC(cpu_do_resume) * - pgd_phys - physical address of new TTB */ ENTRY(cpu_do_switch_mm) - pre_ttbr0_update_workaround x0, x2, x3 mrs x2, ttbr1_el1 mmid x1, x1 // get mm->context.id bfi x2, x1, #48, #16 // set the ASID Patches currently in stable-queue which might be from will.deacon(a)arm.com are queue-4.14/arm64-make-user_ds-an-inclusive-limit.patch queue-4.14/arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch queue-4.14/arm64-uaccess-don-t-bother-eliding-access_ok-checks-in-__-get-put-_user.patch queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-uaccess-mask-__user-pointers-for-__arch_-clear-copy_-_user.patch queue-4.14/arm64-mm-add-arm64_kernel_unmapped_at_el0-helper.patch queue-4.14/arm64-entry-reword-comment-about-post_ttbr_update_workaround.patch queue-4.14/arm64-kaslr-put-kernel-vectors-address-in-separate-data-page.patch queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/arm64-turn-on-kpti-only-on-cpus-that-need-it.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch queue-4.14/arm64-mm-allocate-asids-in-pairs.patch queue-4.14/arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch queue-4.14/arm64-use-ret-instruction-for-exiting-the-trampoline.patch queue-4.14/arm64-futex-mask-__user-pointers-prior-to-dereference.patch queue-4.14/arm64-entry-explicitly-pass-exception-level-to-kernel_ventry-macro.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm64-kpti-make-use-of-ng-dependent-on-arm64_kernel_unmapped_at_el0.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-ensure-branch-through-syscall-table-is-bounded-under-speculation.patch queue-4.14/arm64-mm-use-non-global-mappings-for-kernel-space.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-entry-hook-up-entry-trampoline-to-exception-vectors.patch queue-4.14/arm64-branch-predictor-hardening-for-cavium-thunderx2.patch queue-4.14/arm64-uaccess-prevent-speculative-use-of-the-current-addr_limit.patch queue-4.14/.arm64-add-software-workaround-for-falkor-erratum-1041.patch.swp queue-4.14/arm64-use-pointer-masking-to-limit-uaccess-speculation.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-erratum-work-around-falkor-erratum-e1003-in-trampoline-code.patch queue-4.14/arm64-mm-fix-and-re-enable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-mm-invalidate-both-kernel-and-user-asids-when-performing-tlbi.patch queue-4.14/drivers-firmware-expose-psci_get_version-through-psci_ops-structure.patch queue-4.14/arm64-mm-rename-post_ttbr0_update_workaround.patch queue-4.14/arm64-mm-map-entry-trampoline-into-trampoline-and-kernel-page-tables.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch queue-4.14/arm64-kconfig-reword-unmap_kernel_at_el0-kconfig-entry.patch queue-4.14/arm64-mm-move-asid-from-ttbr0-to-ttbr1.patch queue-4.14/arm64-mm-introduce-ttbr_asid_mask-for-getting-at-the-asid-in-the-ttbr.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-cputype-add-missing-midr-values-for-cortex-a72-and-cortex-a75.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-barrier-add-csdb-macros-to-control-data-value-prediction.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-falkor.patch queue-4.14/arm64-kconfig-add-config_unmap_kernel_at_el0.patch queue-4.14/arm64-add-software-workaround-for-falkor-erratum-1041.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-entry-add-exception-trampoline-page-for-exceptions-from-el0.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-implement-array_index_mask_nospec.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm64-define-cputype-macros-for-falkor-cpu.patch queue-4.14/arm64-cpu_errata-add-kryo-to-falkor-1003-errata.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-entry-add-fake-cpu-feature-for-unmapping-the-kernel-at-el0.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-cputype-add-midr-values-for-cavium-thunderx2-cpus.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

Patch "[Variant 3/Meltdown] arm64: mm: Permit transitioning from Global to Non-Global without BBM" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [Variant 3/Meltdown] arm64: mm: Permit transitioning from Global to Non-Global without BBM to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 14 14:44:54 CET 2018 From: Will Deacon <will.deacon(a)arm.com> Date: Mon, 29 Jan 2018 11:59:54 +0000 Subject: [Variant 3/Meltdown] arm64: mm: Permit transitioning from Global to Non-Global without BBM From: Will Deacon <will.deacon(a)arm.com> Commit 4e6020565596 upstream. Break-before-make is not needed when transitioning from Global to Non-Global mappings, provided that the contiguous hint is not being used. Signed-off-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/arm64/mm/mmu.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -117,6 +117,10 @@ static bool pgattr_change_is_safe(u64 ol if ((old | new) & PTE_CONT) return false; + /* Transitioning from Global to Non-Global is safe */ + if (((old ^ new) == PTE_NG) && (new & PTE_NG)) + return true; + return ((old ^ new) & ~mask) == 0; } Patches currently in stable-queue which might be from will.deacon(a)arm.com are queue-4.14/arm64-make-user_ds-an-inclusive-limit.patch queue-4.14/arm64-mm-remove-pre_ttbr0_update_workaround-for-falkor-erratum-e1003.patch queue-4.14/arm64-uaccess-don-t-bother-eliding-access_ok-checks-in-__-get-put-_user.patch queue-4.14/arm64-cpufeature-pass-capability-structure-to-enable-callback.patch queue-4.14/arm64-uaccess-mask-__user-pointers-for-__arch_-clear-copy_-_user.patch queue-4.14/arm64-mm-add-arm64_kernel_unmapped_at_el0-helper.patch queue-4.14/arm64-entry-reword-comment-about-post_ttbr_update_workaround.patch queue-4.14/arm64-kaslr-put-kernel-vectors-address-in-separate-data-page.patch queue-4.14/arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch queue-4.14/arm64-move-bp-hardening-to-check_and_switch_context.patch queue-4.14/arm-arm64-kvm-advertise-smccc-v1.1.patch queue-4.14/arm64-move-post_ttbr_update_workaround-to-c-code.patch queue-4.14/arm64-turn-on-kpti-only-on-cpus-that-need-it.patch queue-4.14/firmware-psci-expose-psci-conduit.patch queue-4.14/arm64-force-kpti-to-be-disabled-on-cavium-thunderx.patch queue-4.14/arm64-entry-apply-bp-hardening-for-high-priority-synchronous-exceptions.patch queue-4.14/arm64-kpti-fix-the-interaction-between-asid-switching-and-software-pan.patch queue-4.14/firmware-psci-expose-smccc-version-through-psci_ops.patch queue-4.14/arm64-mm-permit-transitioning-from-global-to-non-global-without-bbm.patch queue-4.14/arm64-mm-allocate-asids-in-pairs.patch queue-4.14/arm64-tls-avoid-unconditional-zeroing-of-tpidrro_el0-for-native-tasks.patch queue-4.14/arm64-use-ret-instruction-for-exiting-the-trampoline.patch queue-4.14/arm64-futex-mask-__user-pointers-prior-to-dereference.patch queue-4.14/arm64-entry-explicitly-pass-exception-level-to-kernel_ventry-macro.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-affected-cortex-a-cpus.patch queue-4.14/arm64-kpti-make-use-of-ng-dependent-on-arm64_kernel_unmapped_at_el0.patch queue-4.14/arm-arm64-kvm-add-psci_version-helper.patch queue-4.14/arm64-kill-psci_get_version-as-a-variant-2-workaround.patch queue-4.14/arm64-entry-ensure-branch-through-syscall-table-is-bounded-under-speculation.patch queue-4.14/arm64-mm-use-non-global-mappings-for-kernel-space.patch queue-4.14/arm64-entry-apply-bp-hardening-for-suspicious-interrupts-from-el0.patch queue-4.14/arm64-capabilities-handle-duplicate-entries-for-a-capability.patch queue-4.14/arm64-entry-hook-up-entry-trampoline-to-exception-vectors.patch queue-4.14/arm64-branch-predictor-hardening-for-cavium-thunderx2.patch queue-4.14/arm64-uaccess-prevent-speculative-use-of-the-current-addr_limit.patch queue-4.14/.arm64-add-software-workaround-for-falkor-erratum-1041.patch.swp queue-4.14/arm64-use-pointer-masking-to-limit-uaccess-speculation.patch queue-4.14/arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-erratum-work-around-falkor-erratum-e1003-in-trampoline-code.patch queue-4.14/arm64-mm-fix-and-re-enable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-mm-invalidate-both-kernel-and-user-asids-when-performing-tlbi.patch queue-4.14/drivers-firmware-expose-psci_get_version-through-psci_ops-structure.patch queue-4.14/arm64-mm-rename-post_ttbr0_update_workaround.patch queue-4.14/arm64-mm-map-entry-trampoline-into-trampoline-and-kernel-page-tables.patch queue-4.14/arm-arm64-kvm-turn-kvm_psci_version-into-a-static-inline.patch queue-4.14/arm-arm64-kvm-implement-psci-1.0-support.patch queue-4.14/arm64-move-task_-definitions-to-asm-processor.h.patch queue-4.14/arm64-kconfig-reword-unmap_kernel_at_el0-kconfig-entry.patch queue-4.14/arm64-mm-move-asid-from-ttbr0-to-ttbr1.patch queue-4.14/arm64-mm-introduce-ttbr_asid_mask-for-getting-at-the-asid-in-the-ttbr.patch queue-4.14/arm64-kvm-add-smccc_arch_workaround_1-fast-handling.patch queue-4.14/arm64-take-into-account-id_aa64pfr0_el1.csv3.patch queue-4.14/arm64-cputype-add-missing-midr-values-for-cortex-a72-and-cortex-a75.patch queue-4.14/arm64-kvm-report-smccc_arch_workaround_1-bp-hardening-support.patch queue-4.14/arm64-barrier-add-csdb-macros-to-control-data-value-prediction.patch queue-4.14/arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch queue-4.14/arm64-implement-branch-predictor-hardening-for-falkor.patch queue-4.14/arm64-kconfig-add-config_unmap_kernel_at_el0.patch queue-4.14/arm64-add-software-workaround-for-falkor-erratum-1041.patch queue-4.14/arm64-idmap-use-awx-flags-for-.idmap.text-.pushsection-directives.patch queue-4.14/arm64-run-enable-method-for-errata-work-arounds-on-late-cpus.patch queue-4.14/arm64-mm-temporarily-disable-arm64_sw_ttbr0_pan.patch queue-4.14/arm64-entry-add-exception-trampoline-page-for-exceptions-from-el0.patch queue-4.14/arm64-kvm-make-psci_version-a-fast-path.patch queue-4.14/arm64-cpufeature-__this_cpu_has_cap-shouldn-t-stop-early.patch queue-4.14/arm64-implement-array_index_mask_nospec.patch queue-4.14/arm64-kpti-add-enable-callback-to-remap-swapper-using-ng-mappings.patch queue-4.14/arm-arm64-kvm-consolidate-the-psci-include-files.patch queue-4.14/arm64-add-skeleton-to-harden-the-branch-predictor-against-aliasing-attacks.patch queue-4.14/arm64-define-cputype-macros-for-falkor-cpu.patch queue-4.14/arm64-cpu_errata-add-kryo-to-falkor-1003-errata.patch queue-4.14/arm-arm64-kvm-add-smccc-accessors-to-psci-code.patch queue-4.14/arm64-entry-add-fake-cpu-feature-for-unmapping-the-kernel-at-el0.patch queue-4.14/arm64-kvm-use-per-cpu-vector-when-bp-hardening-is-enabled.patch queue-4.14/arm64-cputype-add-midr-values-for-cavium-thunderx2-cpus.patch queue-4.14/arm64-kvm-increment-pc-after-handling-an-smc-trap.patch

7 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror