From patchwork Mon Jan 8 07:24:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jayachandran C X-Patchwork-Id: 10149123 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 50E1E601A1 for ; Mon, 8 Jan 2018 07:24:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 411A8288DD for ; Mon, 8 Jan 2018 07:24:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 351DD288E2; Mon, 8 Jan 2018 07:24:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_MED autolearn=unavailable version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id B4BC528893 for ; Mon, 8 Jan 2018 07:24:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=o03Gk5zKstjfJwRJ866cwHCJEg5C3YYPxXvu6xX7GK0=; b=HML+nU/PpZjUHQ PtNDu2FoiDPQwImfDULv9KuEcpSHI0/9XQzWLh9pO3+MwMNmz90leySAuTUOsuXk2SOIpGIN4Gxhy KgPWAREAy15MxCu9WMB5xHnbqVyEMvodUhAbhstPvbPHLBVOiGtkTc30dbAfmExZ2A9EkQGrQ3sLR Fa2u/qB0LyPRQl+98C49AnaHl9Ql8y4F/dERr0Bi1wH4w0I0+NqarCTYtZ57j+ctz5B+QvHFYadkb uiEK3M3UCXe9lrj6MoPPGiKagI82wVPGamWyOWwiPxo1BPVV7nxeJSxLivZd+j00hgR3hwwWN8ac3 n3wKQRnNaVYZ8ivjkC3g==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux)) id 1eYRnM-0007D6-Vx; Mon, 08 Jan 2018 07:24:33 +0000 Received: from mail-sn1nam02on0067.outbound.protection.outlook.com ([104.47.36.67] helo=NAM02-SN1-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux)) id 1eYRnJ-00075e-QD for linux-arm-kernel@lists.infradead.org; Mon, 08 Jan 2018 07:24:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=XWAP8MyglQ4jKFcHZUrDIFNar2QRF9i+trjIHw16Nro=; b=Kzy0KShJcqYwPcHxj1EulQyH6twxo6cnyGpEf2tO+qdoGjoQ4S+yYUFcP/aNWBInsY+aRgjhTKNcDnfFldLlwx8P4S3g+Aykcc9FczT1NliMRCCu7bs2zvjxupZXhqMRUgVuqZPPSj1ObkpW7F75ZECgZ9mUWcTjLR/hAcoMIIU= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Jayachandran.Nair@cavium.com; Received: from jc-sabre (50.233.148.156) by CO2PR0701MB1061.namprd07.prod.outlook.com (10.160.8.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Mon, 8 Jan 2018 07:24:15 +0000 Date: Sun, 7 Jan 2018 23:24:02 -0800 From: Jayachandran C To: Will Deacon Subject: Re: [v2,03/11] arm64: Take into account ID_AA64PFR0_EL1.CSV3 Message-ID: <20180108072253.GA178830@jc-sabre> References: <1515157961-20963-4-git-send-email-will.deacon@arm.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <1515157961-20963-4-git-send-email-will.deacon@arm.com> User-Agent: Mutt/1.5.24 (2015-08-30) X-Originating-IP: [50.233.148.156] X-ClientProxiedBy: MWHPR1301CA0005.namprd13.prod.outlook.com (10.174.164.146) To CO2PR0701MB1061.namprd07.prod.outlook.com (10.160.8.140) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 208a44a7-c127-4f8b-42fd-08d55668d2fb X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:CO2PR0701MB1061; X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 3:tDlCCaVeD4gOdiBq3l6yp9q0+6b0nM+ha68B10NpP39mzkPn5wzQkxUVfsTJ71ZHwB0TPeCctuq+EKIkkH+tdrSPfuiiLEyJIpFGZi+OvwW5CDbiJpVeRkC8ASUFsjkdLCnqyAidi3YOqDEd8O0bK4NHsEiXQ5CKA7DeI1XQTmbnV3WMobOSZBWM8JQebeobR2ee3+Af2rth9jyDQlnTbMlGop3hu5dVOzkX1IAY6Vog3ya2sQq/0fiQ+zk4j5m9; 25:kRnS3lwUzl9uRjsSUOSlVzJqo2t9XLn9zFRuG3YeSINQG6PX3ga8kum/OG4ReBz/eYnRqxnSiC04jdeiErsj5dEUGwacOZd/mvEhcPLUbvlNZrCYp+k96fNLp3ZtdSVHBWaVkFwOKSnA1oi6rTLRQLWOE9wSu4HzUFmaAIobJ0DAlvv819rrwSWOkbJccpGKpJ2MOX9GD/Ya/CYPUDF2J3Fq5GhEqG6svvaq9XAIeFBvqIECaMQo6y2ePRXyRAes79QDcglHN593yXBZg/p/6z/jbi1uKLfd+7ZoWOJ5/r3xXFcX+u2dG5LGPtDI0i5KvksNLLd4TQFdNcvS7WFKpw==; 31:rgx/FXShaCKYDTmbfRHLOH/ceuEhsVdXmDsezJI7ypxelmyKwJW4sgRIphI6GJhHtZPjaNvqm+9NIeAKH0iXWakEeQ8fMiORKKMkQbjR2BK6tVmbEusST+9k/Tp/gpEAAJq8NOzZaFoPXnTZU99R8juu9VvQRR1ZIobJRu4cvPGVyzfNHpLP9FaN6HQHREQIao8PYRXvTseqqm1IQaXRMQgfZv/aqdqWlYSzBb2oq7w= X-MS-TrafficTypeDiagnostic: CO2PR0701MB1061: X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 20:OLvJHw6RIhYhn+NNcVL1+++HInTE/x0g/8hv1J5sEPktStkTv37xrfJ7pbYBfnUtUwThh9KsCW/FcLMCl7VPEGCEc/onmBPBOCDWsCVr0pOj8mZzrPOGb+CPajqxMmol0k4tq2kUB1b+BFa16n1otnvxaYy5FHPwDVWcD4igW0qzRzeeImMGcvXm/2CKMXqUWvC1vJ6Lv/RfVljI1CdhmIZ7m/1e3helaUcAmx9fIbr2MuJ7WwSXFyFC/z/vdTxJThbzijr2X6o89BkCL8x0Q//4jh5V38gT46/X2owctySoZUxNLA8NCcnrYIm218vyuvZ/iZG28w89TXWYh1MsTSYAk0baonhPC9Y0LWil/NNHLfOcNYptdB7vMecSpOoYE886lt9SQCCDuEjonoeooPMIHCj8fqIkVCg4+mB69NkIEikgBFGxcH621ujIdcyfZuQNUkXVQr/yXGWy3IKBd1hRB6kRjV/IJeKqfyJ+qV7p9Kx1cwp7dGH1JnNkpWdoyWsQPmBMOP6VET2f5qibiVpHu22ArLyVygm2u/qw97CMMpH9Ebc5RHA1ttMytNBzreXRYstcyXkqp0W2BEl6RmwlXu6ynluEQouRUculAiY=; 4:g6B9DRWvPhz6Am42ME6O+nZrYGXJc4iPZipfu9HGPGEJRi6J55SAf23M06TQ20/LBG+RL2I5BHnkbbB3s6vwucr2zNr9Nwwmd1Bxg8GvXbZXHOFa4IcFeHeJVACqaCc/uPNkbKPAw4+blE26hJGcgEHD8SDqYLPqoiw8xMwGic7Y9llP+3Xd92ly5pAGQ8HZu+Hn2aCdo5Jy5ly2AqIXmNAFB6wu4kSzOIaOomIv1ZbP22CxTQI9DzzA741VU34G/aScu7vWH5RjQnoP9pUfvF5UyI8bINwmX/LaP9v+ETF/THdNK3tTgydfsyM7Hm1o X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(180628864354917); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(8121501046)(5005006)(3231023)(944501075)(3002001)(10201501046)(93006095)(6041268)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(6072148)(201708071742011); SRVR:CO2PR0701MB1061; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:CO2PR0701MB1061; X-Forefront-PRVS: 054642504A X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(39380400002)(396003)(376002)(346002)(39850400004)(199004)(189003)(24454002)(87496004)(55016002)(81166006)(8676002)(81156014)(6246003)(9686003)(25786009)(4326008)(7736002)(229853002)(305945005)(66066001)(47776003)(97736004)(16586007)(58126008)(478600001)(16526018)(53936002)(72206003)(316002)(6666003)(23726003)(83506002)(6916009)(33716001)(42882006)(2950100002)(68736007)(59450400001)(386003)(33656002)(76176011)(6496006)(52116002)(3846002)(6116002)(33896004)(1076002)(8936002)(50466002)(105586002)(2906002)(5660300001)(106356001)(18370500001)(107986001); DIR:OUT; SFP:1101; SCL:1; SRVR:CO2PR0701MB1061; H:jc-sabre; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: cavium.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CO2PR0701MB1061; 23:k/NHeco1P14hRKtyvD7ThB4KvNiqQAbARZ/EYrD?= =?us-ascii?Q?L7auYezAJRSqu9WtqHB88zsVWOhSwKKdtPsErLMmram5yU8fVAJkUj2d1EKe?= =?us-ascii?Q?SjV4jrEDq+l1LrdL2HLJ89F7gV7/Dt5iRvW/e1bF/ANf3f7DSlS/u9L3sfdY?= =?us-ascii?Q?lPrq/UeHgHFWI3ctBufQhlkuG/1TH3xJJ7Endqxl8bevGwrY13KnuJ5FoYa6?= =?us-ascii?Q?HXceXQzbQk9EYn56xtqm5vAglKNofOUo/mh9UngUY3zn5H5/ZsTByOnmnRSJ?= =?us-ascii?Q?q3MBu6lXwEuITdRXioC0hPucw2XGbxFvhhPNibJ4oY2QOdWORlq5SZi8loU2?= =?us-ascii?Q?7ROEEiT9ihXfkLk3+PtXSJrV2g4fAMxu1H8jYq+fd/dSEHDhRsfbjoL5bkc9?= =?us-ascii?Q?BG9HYJdVdbeUkKJq7JnEICWGCWqzY/YJQOFZsPbJMgF+LqVKd7k1949Rjyhh?= =?us-ascii?Q?NDAWbidhOGAHGr7cn/YHGZ1lbjrjfbBl+MD1cGzui8SJ4pH5KJ+m2PVDm/nU?= =?us-ascii?Q?CYOx6KsL1n8OoST9t3xYS+Zdwj0lG+b0tdjjgqwQ5VkbxEMeB1l1dbOUuoKu?= =?us-ascii?Q?R0gDwYuhc/CS7psNcVsOLlb4L6ZoinVhwlYUmlNLcJ0muOVISMPokiufwve9?= =?us-ascii?Q?3gaVrp373lHc8GQh7qBGkanwUr4Epxmv1uUuuOavPnGQqUc5lSmrJmN5nWXu?= =?us-ascii?Q?wQGCDTMigYP+G5RrMau5aNBUWa5JIyHQlX+OxXOAnQd82b+F903delh6l4vG?= =?us-ascii?Q?/+rEdHYH3QQNz5txLEmf9HXLCe6jg8Q+gJp2lX+L71VpV5FLa3uqHxO3zOCl?= =?us-ascii?Q?fCahzxLWAPBKEJpAXz7Ja454K46Nf1wD9vmPxIt5/AWwKHcCC1T14FRKQcv8?= =?us-ascii?Q?NunEitcgeQilFUAjvob+4cxd0hDrLyrTbyYg7/K44XqdVA92lXgcv3Uqm8eg?= =?us-ascii?Q?yfbLEhid9J4Y0E/2tq1PfkjARla2q0UYsqE0+/k86YYmcXrCwszEDMO68sOO?= =?us-ascii?Q?uS6KC3CIefH2/JNBWmb66pPL4mBr93zKyqf+oA90CbdaHstA8sQ8a/Tv6k3w?= =?us-ascii?Q?4xWxiZp9ZAaMoRXl9vPKzJtgnCUQkEpOhZekP6XuzfAi/IGmcnrQAvSM4msg?= =?us-ascii?Q?KupPGahX+nFzlF7rmbndxJV+X9mtHOkaKD1giAGgkPVZsicsHrsC68uSB8/V?= =?us-ascii?Q?a/0ZD0W+Cbp3JAKmTUs6OoO9guf+sERUKWhalSUuz+iAxxdwJSnG8zVbadUQ?= =?us-ascii?Q?HtOjQQ/sK1Ipz4mfhA0lFj6IeYeHATxZGfDfeSvIUZXXVoSlbfsKsAFPOT8a?= =?us-ascii?Q?enI9MIv3YWdRQQn/2BWQ8ZJk=3D?= X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 6:0mgvKCSLKeTmlEgJOcu1Ia+oVWGMNdv4r1W1ykX5xD0J3G5Hi0PDS73zvAGoeW5jvU6IHAfxu77ceW1gtTZLb0AYqpSbznBt/91Z+VXbkq/MEPOe4eHnf6cFXGkPmV5JE+ZJkxaaxoqKdLvcrejkqWSLkoROCIMfoYOqLphjtg3kSl0BCLHAc8dKRuaoRjpwmhLgTXRd/vbNJLCvWYIIX6qxvf4MbKohbn3FWKADjRgBxDhcT88xgfxoWkGy5UVWwmlcRrBKekxMUjcJ2o0gkfOVzSONICO15iW3ypUxOEd4KQQbnwMutmVzX3vW8a0gsw+X59TvU/882YlnK5p1Xwycjr1twGT6IRZxJruwYGI=; 5:DX3laVpB3lGNiXCcLXkBWHRg5S1bmyySUBYnbUM4yApqs0jlxat/WkGV2Jk/luUyBuQ3J+mwaXmfS8EjsiZlS0vuemnqlcRSsS/oGWI61LkdHSHXlF+ivXUsQmS7M9kZM1Ma6JDPwiOptMQT9nYoq6H6qUNNdx2EkO0berHahD0=; 24:khJMEze5tbdODPdc89Q/Pa8uKG6UrWEuhdmSBW2rbK1wJ/Y2Z3FEQ/wpDEYvzDIM3tX0540GQ1IML4FiHfzlScRl2F6DtR0tMuw7lr4VcUc=; 7:HGgsz4ScNiNndHKcx2ev9e6SygrodI3yUEJhsBBLiOMhKIjVGWpmgBaCbX1FF2ExLZM8kOpwJPNIg3o3cUNyH5jHCjMuLoWADsSFLmkW1Hlpv3KgzGDEh/jTxgdiFngJt0IuOLpB1pJ72sjlpyuc8pN6uxP1XOYT9IBEZGIa+fzZXGmiNGC03KFlHL6e+Yq4TMl94A2pFjPtYcQB1iuQGCbxCx8UVGDwDl36nAGlRX3RWCqT5+2UJNcpavVDJAaQ SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jan 2018 07:24:15.5910 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 208a44a7-c127-4f8b-42fd-08d55668d2fb X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO2PR0701MB1061 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180107_232429_938049_9D6DB61F X-CRM114-Status: GOOD ( 18.87 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: lorenzo.pieralisi@arm.com, ard.biesheuvel@linaro.org, marc.zyngier@arm.com, catalin.marinas@arm.com, linux-kernel@vger.kernel.org, christoffer.dall@linaro.org, labbott@redhat.com, linux-arm-kernel@lists.infradead.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP On Fri, Jan 05, 2018 at 01:12:33PM +0000, Will Deacon wrote: > For non-KASLR kernels where the KPTI behaviour has not been overridden > on the command line we can use ID_AA64PFR0_EL1.CSV3 to determine whether > or not we should unmap the kernel whilst running at EL0. > > Reviewed-by: Suzuki K Poulose > Signed-off-by: Will Deacon > --- > arch/arm64/include/asm/sysreg.h | 1 + > arch/arm64/kernel/cpufeature.c | 8 +++++++- > 2 files changed, 8 insertions(+), 1 deletion(-) > > diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h > index 08cc88574659..ae519bbd3f9e 100644 > --- a/arch/arm64/include/asm/sysreg.h > +++ b/arch/arm64/include/asm/sysreg.h > @@ -437,6 +437,7 @@ > #define ID_AA64ISAR1_DPB_SHIFT 0 > > /* id_aa64pfr0 */ > +#define ID_AA64PFR0_CSV3_SHIFT 60 > #define ID_AA64PFR0_SVE_SHIFT 32 > #define ID_AA64PFR0_GIC_SHIFT 24 > #define ID_AA64PFR0_ASIMD_SHIFT 20 > diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c > index 9f0545dfe497..d723fc071f39 100644 > --- a/arch/arm64/kernel/cpufeature.c > +++ b/arch/arm64/kernel/cpufeature.c > @@ -145,6 +145,7 @@ static const struct arm64_ftr_bits ftr_id_aa64isar1[] = { > }; > > static const struct arm64_ftr_bits ftr_id_aa64pfr0[] = { > + ARM64_FTR_BITS(FTR_HIDDEN, FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_CSV3_SHIFT, 4, 0), > ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_SVE_SHIFT, 4, 0), > ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_GIC_SHIFT, 4, 0), > S_ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_ASIMD_SHIFT, 4, ID_AA64PFR0_ASIMD_NI), > @@ -851,6 +852,8 @@ static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ > static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, > int __unused) > { > + u64 pfr0 = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1); > + > /* Forced on command line? */ > if (__kpti_forced) { > pr_info_once("kernel page table isolation forced %s by command line option\n", > @@ -862,7 +865,9 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, > if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) > return true; > > - return false; > + /* Defer to CPU feature registers */ > + return !cpuid_feature_extract_unsigned_field(pfr0, > + ID_AA64PFR0_CSV3_SHIFT); If I read this correctly, this enables KPTI on all processors without the CSV3 set (which seems to be a future capability). Turning on KPTI has a small but significant overhead, so I think we should turn it off on processors that are not vulnerable to CVE-2017-5754. Can we add something like this: --->8 diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 19ed09b..202b037 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -862,6 +862,13 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, return __kpti_forced > 0; } + /* Don't force KPTI for CPUs that are not vulnerable */ + switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) { + case MIDR_CAVIUM_THUNDERX2: + case MIDR_BRCM_VULCAN: + return false; + } + /* Useful for KASLR robustness */ if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) return true;