Commit 9d0d9256 authored by James Morse's avatar James Morse Committed by Zheng Zengkai
Browse files

arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations 

stable inclusion
from stable-v5.10.105
commit 49379552969acee3237387cc258848437e127d98
category: bugfix
bugzilla: 186460 https://gitee.com/src-openeuler/kernel/issues/I53MHA
CVE: CVE-2022-23960

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=49379552969a



--------------------------------

commit aff65393 upstream.

kpti is an optional feature, for systems not using kpti a set of
vectors for the spectre-bhb mitigations is needed.

Add another set of vectors, __bp_harden_el1_vectors, that will be
used if a mitigation is needed and kpti is not in use.

The EL1 ventries are repeated verbatim as there is no additional
work needed for entry from EL1.

Reviewed-by: default avatarRussell King (Oracle) <rmk+kernel@armlinux.org.uk>
Reviewed-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: default avatarJames Morse <james.morse@arm.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarChen Jiahao <chenjiahao16@huawei.com>
Reviewed-by: default avatarLiao Chang <liaochang1@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 8dee0149

arch/arm64/kernel/entry.S

+34 −1
Original line number Diff line number Diff line
@@ -807,10 +807,11 @@ alternative_else_nop_endif 
	.macro tramp_ventry, vector_start, regsize, kpti

	.align	7

1:

	.if	\kpti == 1

	.if	\regsize == 64

	msr	tpidrro_el0, x30	// Restored in kernel_ventry

	.endif



	.if	\kpti == 1

	/*

	 * Defend against branch aliasing attacks by pushing a dummy

	 * entry onto the return stack and using a RET instruction to
@@ -897,6 +898,38 @@ SYM_DATA_END(__entry_tramp_data_start) 
#endif /* CONFIG_RANDOMIZE_BASE */

#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */



/*

 * Exception vectors for spectre mitigations on entry from EL1 when

 * kpti is not in use.

 */

	.macro generate_el1_vector

.Lvector_start\@:

	kernel_ventry	1, sync_invalid			// Synchronous EL1t

	kernel_ventry	1, irq_invalid			// IRQ EL1t

	kernel_ventry	1, fiq_invalid			// FIQ EL1t

	kernel_ventry	1, error_invalid		// Error EL1t



	kernel_ventry	1, sync				// Synchronous EL1h

	kernel_ventry	1, irq				// IRQ EL1h

	kernel_ventry	1, fiq_invalid			// FIQ EL1h

	kernel_ventry	1, error			// Error EL1h



	.rept	4

	tramp_ventry	.Lvector_start\@, 64, kpti=0

	.endr

	.rept 4

	tramp_ventry	.Lvector_start\@, 32, kpti=0

	.endr

	.endm



	.pushsection ".entry.text", "ax"

	.align	11

SYM_CODE_START(__bp_harden_el1_vectors)

	generate_el1_vector

SYM_CODE_END(__bp_harden_el1_vectors)

	.popsection





/*

 * Register switch for AArch64. The callee-saved registers need to be saved

 * and restored. On entry: