From patchwork Wed Sep 26 13:56:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Thierry X-Patchwork-Id: 10616045 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3A3F9913 for ; Wed, 26 Sep 2018 14:12:09 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 338362B059 for ; Wed, 26 Sep 2018 14:12:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 274D12B060; Wed, 26 Sep 2018 14:12:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 7D53A2B059 for ; Wed, 26 Sep 2018 14:12:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=dPa45UGpY8bDCXPTC9j1A8XttCDYqZ+DXyfcrauipyU=; b=GF3NrGaeEDvihxlBoWvzq5VBx9 5a0Ljn5GKrTt6zqFWUV3Vb+rCLEcTralRWi9Yc1ZwWYpajsEzYCBvOdx/Vo1PbOu1iIJP7JF8EPAd sgwV/PDCYqNIL0TYk974DyMSQIMEsyfJyhE+G8u7u15c/kFN1anZ3hvJ8Gy6fQ6FsI4ZA89eDbeMs ZmObdRegv06x5nOxuEwUkkQNHvdmiS7XLwzP0I+Iv6Y3v7t3e6YfDtSbQqBtmfkIshmElLGfw4Is5 cJpNkdLoI7pB/JWK/ewz7npO2GN3D5+wQGKO7TRLOVL8oj57vZPkE+7ttFMjoqaSgQpl7JlLRvrHa lY8r5pew==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1g5AXp-0007jQ-1S; Wed, 26 Sep 2018 14:12:01 +0000 Received: from foss.arm.com ([217.140.101.70]) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1g5AK9-0007W4-9J for linux-arm-kernel@lists.infradead.org; Wed, 26 Sep 2018 13:58:10 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7A8B51684; Wed, 26 Sep 2018 06:56:39 -0700 (PDT) Received: from e112298-lin.Emea.Arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id CAB963F5B3; Wed, 26 Sep 2018 06:56:37 -0700 (PDT) From: Julien Thierry To: linux-arm-kernel@lists.infradead.org Subject: [PATCH 5/7] arm64: Do not apply BP hardening for hyp entries from EL2 Date: Wed, 26 Sep 2018 14:56:22 +0100 Message-Id: <1537970184-44348-6-git-send-email-julien.thierry@arm.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1537970184-44348-1-git-send-email-julien.thierry@arm.com> References: <1537970184-44348-1-git-send-email-julien.thierry@arm.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180926_065753_384622_9A801E35 X-CRM114-Status: GOOD ( 12.11 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Julien Thierry , marc.zyngier@arm.com, catalin.marinas@arm.com, will.deacon@arm.com, christoffer.dall@arm.com, kvmarm@lists.cs.columbia.edu, james.morse@arm.com, Dave.Martin@arm.com MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP When an EL2 entry of __kvm_hyp_vector is taken, it means an entry from a lower EL was previously taken to exit the guest. Taking that lower EL entry already applied BP hardening if it was needed, so there is no need to do it again. Only apply BP hardening for exception coming from lower EL. Signed-off-by: Julien Thierry Cc: kvmarm@lists.cs.columbia.edu --- arch/arm64/kernel/cpu_errata.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) -- 1.9.1 diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index dec1089..9db5ecc 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -103,10 +103,16 @@ static void __copy_hyp_vect_bpi(int slot, const char *hyp_vecs_start, void *dst = lm_alias(__bp_harden_hyp_vecs_start + slot * SZ_2K); int i; - for (i = 0; i < SZ_2K; i += 0x80) + /* + * Only overwrite hyp entries for exceptions from lower EL. + * Exception vection vector is 2K bytes, first 1K bytes concern + * exception from EL2 (EL2t, EL2h), last 1K concert lower exception + * levels (ELx-64bits, ELx-32bits). + */ + for (i = SZ_1K; i < SZ_2K; i += 0x80) memcpy(dst + i, hyp_vecs_start, hyp_vecs_end - hyp_vecs_start); - __flush_icache_range((uintptr_t)dst, (uintptr_t)dst + SZ_2K); + __flush_icache_range((uintptr_t)dst + SZ_1K, (uintptr_t)dst + SZ_2K); } static void __install_bp_hardening_cb(bp_hardening_cb_t fn,