Commit 0c240cda authored by Russell King (Oracle)'s avatar Russell King (Oracle) Committed by Zheng Zengkai

ARM: report Spectre v2 status through sysfs

stable inclusion
from stable-v5.10.105
commit b7f1e73c4ddf2044530091e69114a5fc1a1229d0
category: bugfix
bugzilla: 186460 https://gitee.com/src-openeuler/kernel/issues/I53MHA
CVE: CVE-2022-23960

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b7f1e73c4ddf



--------------------------------

commit 9dd78194 upstream.

As per other architectures, add support for reporting the Spectre
vulnerability status via sysfs CPU.

Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

below is the bugfix patch:

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=90f59cc2f2cc55cb847fcbb43c7c9f5bd0d86139



ARM: fix build warning in proc-v7-bugs.c

commit b1a384d2 upstream.

The kernel test robot discovered that building without
HARDEN_BRANCH_PREDICTOR issues a warning due to a missing
argument to pr_info().

Add the missing argument.

Reported-by: kernel test robot <lkp@intel.com>
Fixes: 9dd78194 ("ARM: report Spectre v2 status through sysfs")
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Signed-off-by: Chen Jiahao <chenjiahao16@huawei.com>
Reviewed-by: Liao Chang <liaochang1@huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com>
parent f371f8eb
+28 −0
/* SPDX-License-Identifier: GPL-2.0-only */

#ifndef __ASM_SPECTRE_H
#define __ASM_SPECTRE_H

enum {
	SPECTRE_UNAFFECTED,
	SPECTRE_MITIGATED,
	SPECTRE_VULNERABLE,
};

enum {
	__SPECTRE_V2_METHOD_BPIALL,
	__SPECTRE_V2_METHOD_ICIALLU,
	__SPECTRE_V2_METHOD_SMC,
	__SPECTRE_V2_METHOD_HVC,
};

enum {
	SPECTRE_V2_METHOD_BPIALL = BIT(__SPECTRE_V2_METHOD_BPIALL),
	SPECTRE_V2_METHOD_ICIALLU = BIT(__SPECTRE_V2_METHOD_ICIALLU),
	SPECTRE_V2_METHOD_SMC = BIT(__SPECTRE_V2_METHOD_SMC),
	SPECTRE_V2_METHOD_HVC = BIT(__SPECTRE_V2_METHOD_HVC),
};

void spectre_v2_update_state(unsigned int state, unsigned int methods);

#endif
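Review bot: The new header uses `BIT()` in the `SPECTRE_V2_METHOD_*` enum but includes nothing itself, so it only compiles when the including file has already pulled in that macro; adding `#include <linux/bits.h>` just under the include guard makes it self-contained. The prototype also names its second parameter `methods` while the definition in the new spectre.c section calls it `method`; one spelling should be used in both places. A short comment on the first enum, for example `/* Ordered by severity: spectre_v2_update_state() keeps the highest value seen */`, would record that the ordering matters, since the update function compares with `state > spectre_v2_state`.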
+2 −0
@@ -111,4 +111,6 @@ endif


obj-$(CONFIG_HAVE_ARM_SMCCC)	+= smccc-call.o
obj-$(CONFIG_HAVE_ARM_SMCCC)	+= smccc-call.o


obj-$(CONFIG_GENERIC_CPU_VULNERABILITIES) += spectre.o

extra-y := $(head-y) vmlinux.lds
extra-y := $(head-y) vmlinux.lds
+54 −0
// SPDX-License-Identifier: GPL-2.0-only
#include <linux/cpu.h>
#include <linux/device.h>

#include <asm/spectre.h>

ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
			    char *buf)
{
	return sprintf(buf, "Mitigation: __user pointer sanitization\n");
}

static unsigned int spectre_v2_state;
static unsigned int spectre_v2_methods;

void spectre_v2_update_state(unsigned int state, unsigned int method)
{
	if (state > spectre_v2_state)
		spectre_v2_state = state;
	spectre_v2_methods |= method;
}

ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
			    char *buf)
{
	const char *method;

	if (spectre_v2_state == SPECTRE_UNAFFECTED)
		return sprintf(buf, "%s\n", "Not affected");

	if (spectre_v2_state != SPECTRE_MITIGATED)
		return sprintf(buf, "%s\n", "Vulnerable");

	switch (spectre_v2_methods) {
	case SPECTRE_V2_METHOD_BPIALL:
		method = "Branch predictor hardening";
		break;

	case SPECTRE_V2_METHOD_ICIALLU:
		method = "I-cache invalidation";
		break;

	case SPECTRE_V2_METHOD_SMC:
	case SPECTRE_V2_METHOD_HVC:
		method = "Firmware call";
		break;

	default:
		method = "Multiple mitigations";
		break;
	}

	return sprintf(buf, "Mitigation: %s\n", method);
}
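Review bot: Both show callbacks format into the sysfs buffer with `sprintf()`, which puts no bound on the write; the kernel's bounded helper for show handlers is `sysfs_emit()`, e.g. `return sysfs_emit(buf, "Mitigation: %s\n", method);`. The strings here are fixed and short, so this is hardening and consistency rather than a live overflow. `spectre_v2_update_state()` would also benefit from a comment such as `/* Record the worst state reported by any CPU; methods accumulate as a bitmask */`, because the `default:` "Multiple mitigations" case only reads correctly once it is clear that `spectre_v2_methods` can hold more than one bit.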
+1 −0
@@ -833,6 +833,7 @@ config CPU_BPREDICT_DISABLE


config CPU_SPECTRE
config CPU_SPECTRE
	bool
	bool
	select GENERIC_CPU_VULNERABILITIES


config HARDEN_BRANCH_PREDICTOR
config HARDEN_BRANCH_PREDICTOR
	bool "Harden the branch predictor against aliasing attacks" if EXPERT
	bool "Harden the branch predictor against aliasing attacks" if EXPERT
+105 −41
@@ -6,6 +6,7 @@
#include <asm/cp15.h>
#include <asm/cp15.h>
#include <asm/cputype.h>
#include <asm/cputype.h>
#include <asm/proc-fns.h>
#include <asm/proc-fns.h>
#include <asm/spectre.h>
#include <asm/system_misc.h>
#include <asm/system_misc.h>


/*
/*
@@ -21,6 +22,32 @@ static int __init nospectre_v2_setup(char *str)
}
}
early_param("nospectre_v2", nospectre_v2_setup);
early_param("nospectre_v2", nospectre_v2_setup);


#ifdef CONFIG_ARM_PSCI
static int __maybe_unused spectre_v2_get_cpu_fw_mitigation_state(void)
{
	struct arm_smccc_res res;

	arm_smccc_1_1_invoke(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
			     ARM_SMCCC_ARCH_WORKAROUND_1, &res);

	switch ((int)res.a0) {
	case SMCCC_RET_SUCCESS:
		return SPECTRE_MITIGATED;

	case SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED:
		return SPECTRE_UNAFFECTED;

	default:
		return SPECTRE_VULNERABLE;
	}
}
#else
static int __maybe_unused spectre_v2_get_cpu_fw_mitigation_state(void)
{
	return SPECTRE_VULNERABLE;
}
#endif

#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
DEFINE_PER_CPU(harden_branch_predictor_fn_t, harden_branch_predictor_fn);
DEFINE_PER_CPU(harden_branch_predictor_fn_t, harden_branch_predictor_fn);


@@ -49,19 +76,67 @@ static void __maybe_unused call_hvc_arch_workaround_1(void)
	arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
	arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
}
}


static void cpu_v7_spectre_init(void)
static unsigned int spectre_v2_install_workaround(unsigned int method)
{
{
	const char *spectre_v2_method = NULL;
	const char *spectre_v2_method = NULL;
	int cpu = smp_processor_id();
	int cpu = smp_processor_id();


	if (per_cpu(harden_branch_predictor_fn, cpu))
		return SPECTRE_MITIGATED;

	switch (method) {
	case SPECTRE_V2_METHOD_BPIALL:
		per_cpu(harden_branch_predictor_fn, cpu) =
			harden_branch_predictor_bpiall;
		spectre_v2_method = "BPIALL";
		break;

	case SPECTRE_V2_METHOD_ICIALLU:
		per_cpu(harden_branch_predictor_fn, cpu) =
			harden_branch_predictor_iciallu;
		spectre_v2_method = "ICIALLU";
		break;

	case SPECTRE_V2_METHOD_HVC:
		per_cpu(harden_branch_predictor_fn, cpu) =
			call_hvc_arch_workaround_1;
		cpu_do_switch_mm = cpu_v7_hvc_switch_mm;
		spectre_v2_method = "hypervisor";
		break;

	case SPECTRE_V2_METHOD_SMC:
		per_cpu(harden_branch_predictor_fn, cpu) =
			call_smc_arch_workaround_1;
		cpu_do_switch_mm = cpu_v7_smc_switch_mm;
		spectre_v2_method = "firmware";
		break;
	}

	if (spectre_v2_method)
		pr_info("CPU%u: Spectre v2: using %s workaround\n",
			smp_processor_id(), spectre_v2_method);

	return SPECTRE_MITIGATED;
}
#else
static unsigned int spectre_v2_install_workaround(unsigned int method)
{
	pr_info("CPU%u: Spectre V2: workarounds disabled by configuration\n",
		smp_processor_id());

	return SPECTRE_VULNERABLE;
}
#endif

static void cpu_v7_spectre_v2_init(void)
{
	unsigned int state, method = 0;

	if (nospectre_v2) {
	if (nospectre_v2) {
		pr_info_once("Spectre v2: hardening is disabled\n");
		pr_info_once("Spectre v2: hardening is disabled\n");
		return;
		return;
	}
	}


	if (per_cpu(harden_branch_predictor_fn, cpu))
		return;

	switch (read_cpuid_part()) {
	switch (read_cpuid_part()) {
	case ARM_CPU_PART_CORTEX_A8:
	case ARM_CPU_PART_CORTEX_A8:
	case ARM_CPU_PART_CORTEX_A9:
	case ARM_CPU_PART_CORTEX_A9:
@@ -69,68 +144,57 @@ static void cpu_v7_spectre_init(void)
	case ARM_CPU_PART_CORTEX_A17:
	case ARM_CPU_PART_CORTEX_A17:
	case ARM_CPU_PART_CORTEX_A73:
	case ARM_CPU_PART_CORTEX_A73:
	case ARM_CPU_PART_CORTEX_A75:
	case ARM_CPU_PART_CORTEX_A75:
		per_cpu(harden_branch_predictor_fn, cpu) =
		state = SPECTRE_MITIGATED;
			harden_branch_predictor_bpiall;
		method = SPECTRE_V2_METHOD_BPIALL;
		spectre_v2_method = "BPIALL";
		break;
		break;


	case ARM_CPU_PART_CORTEX_A15:
	case ARM_CPU_PART_CORTEX_A15:
	case ARM_CPU_PART_BRAHMA_B15:
	case ARM_CPU_PART_BRAHMA_B15:
		per_cpu(harden_branch_predictor_fn, cpu) =
		state = SPECTRE_MITIGATED;
			harden_branch_predictor_iciallu;
		method = SPECTRE_V2_METHOD_ICIALLU;
		spectre_v2_method = "ICIALLU";
		break;
		break;


#ifdef CONFIG_ARM_PSCI
	case ARM_CPU_PART_BRAHMA_B53:
	case ARM_CPU_PART_BRAHMA_B53:
		/* Requires no workaround */
		/* Requires no workaround */
		state = SPECTRE_UNAFFECTED;
		break;
		break;

	default:
	default:
		/* Other ARM CPUs require no workaround */
		/* Other ARM CPUs require no workaround */
		if (read_cpuid_implementor() == ARM_CPU_IMP_ARM)
		if (read_cpuid_implementor() == ARM_CPU_IMP_ARM) {
			state = SPECTRE_UNAFFECTED;
			break;
			break;
		}

		fallthrough;
		fallthrough;

	/* Cortex A57/A72 require firmware workaround */
	/* Cortex A57/A72 require firmware workaround */
	case ARM_CPU_PART_CORTEX_A57:
	case ARM_CPU_PART_CORTEX_A57:
	case ARM_CPU_PART_CORTEX_A72: {
	case ARM_CPU_PART_CORTEX_A72:
		struct arm_smccc_res res;
		state = spectre_v2_get_cpu_fw_mitigation_state();

		if (state != SPECTRE_MITIGATED)
		arm_smccc_1_1_invoke(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
			break;
				     ARM_SMCCC_ARCH_WORKAROUND_1, &res);
		if ((int)res.a0 != 0)
			return;


		switch (arm_smccc_1_1_get_conduit()) {
		switch (arm_smccc_1_1_get_conduit()) {
		case SMCCC_CONDUIT_HVC:
		case SMCCC_CONDUIT_HVC:
			per_cpu(harden_branch_predictor_fn, cpu) =
			method = SPECTRE_V2_METHOD_HVC;
				call_hvc_arch_workaround_1;
			cpu_do_switch_mm = cpu_v7_hvc_switch_mm;
			spectre_v2_method = "hypervisor";
			break;
			break;


		case SMCCC_CONDUIT_SMC:
		case SMCCC_CONDUIT_SMC:
			per_cpu(harden_branch_predictor_fn, cpu) =
			method = SPECTRE_V2_METHOD_SMC;
				call_smc_arch_workaround_1;
			cpu_do_switch_mm = cpu_v7_smc_switch_mm;
			spectre_v2_method = "firmware";
			break;
			break;


		default:
		default:
			state = SPECTRE_VULNERABLE;
			break;
			break;
		}
		}
	}
	}
#endif
	}


	if (spectre_v2_method)
	if (state == SPECTRE_MITIGATED)
		pr_info("CPU%u: Spectre v2: using %s workaround\n",
		state = spectre_v2_install_workaround(method);
			smp_processor_id(), spectre_v2_method);

}
	spectre_v2_update_state(state, method);
#else
static void cpu_v7_spectre_init(void)
{
}
}
#endif


static __maybe_unused bool cpu_v7_check_auxcr_set(bool *warned,
static __maybe_unused bool cpu_v7_check_auxcr_set(bool *warned,
						  u32 mask, const char *msg)
						  u32 mask, const char *msg)
@@ -160,16 +224,16 @@ static bool check_spectre_auxcr(bool *warned, u32 bit)
void cpu_v7_ca8_ibe(void)
void cpu_v7_ca8_ibe(void)
{
{
	if (check_spectre_auxcr(this_cpu_ptr(&spectre_warned), BIT(6)))
	if (check_spectre_auxcr(this_cpu_ptr(&spectre_warned), BIT(6)))
		cpu_v7_spectre_init();
		cpu_v7_spectre_v2_init();
}
}


void cpu_v7_ca15_ibe(void)
void cpu_v7_ca15_ibe(void)
{
{
	if (check_spectre_auxcr(this_cpu_ptr(&spectre_warned), BIT(0)))
	if (check_spectre_auxcr(this_cpu_ptr(&spectre_warned), BIT(0)))
		cpu_v7_spectre_init();
		cpu_v7_spectre_v2_init();
}
}


void cpu_v7_bugs_init(void)
void cpu_v7_bugs_init(void)
{
{
	cpu_v7_spectre_init();
	cpu_v7_spectre_v2_init();
}
}
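Review bot: In `cpu_v7_spectre_v2_init()` the `nospectre_v2` branch still returns before `spectre_v2_update_state()` is reached, so the file-scope state in the new spectre.c keeps its zero value, which is `SPECTRE_UNAFFECTED`. The sysfs file would then print "Not affected" on a CPU whose hardening was switched off on the command line. Classifying the CPU first and testing the flag afterwards keeps the report accurate, e.g. `if (state == SPECTRE_MITIGATED) state = nospectre_v2 ? SPECTRE_VULNERABLE : spectre_v2_install_workaround(method);`, with the existing `pr_info_once()` kept on the disabled path. The same gap looks likely in `cpu_v7_ca8_ibe()` and `cpu_v7_ca15_ibe()`: when `check_spectre_auxcr()` returns false the init function is skipped and no state is recorded, though that helper's body is outside the visible hunks. Tooling that reads this file to judge exposure should never see an affected core reported as unaffected.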