Re: [PATCH RFC 5/5] arm64/speculation: Add support for 'cpu_spec_mitigations=' cmdline options

Steven Price <steven.price@xxxxxxx> · Fri, 5 Apr 2019 15:39:58 +0100

On 04/04/2019 17:44, Josh Poimboeuf wrote:
> Configure arm64 runtime CPU speculation bug mitigations in accordance
> with the 'cpu_spec_mitigations=' cmdline options.  This affects
> Meltdown and Speculative Store Bypass.
> 
> The default behavior is unchanged.
> 
> Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> ---
>  Documentation/admin-guide/kernel-parameters.txt | 2 ++
>  arch/arm64/kernel/cpu_errata.c                  | 4 ++++
>  arch/arm64/kernel/cpufeature.c                  | 6 ++++++
>  3 files changed, 12 insertions(+)
> 
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index e838af96daa4..0b54385ee7a8 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -2553,11 +2553,13 @@
>  			off
>  				Disable all speculative CPU mitigations.
>  				Equivalent to: nopti [x86, powerpc]
> +					       kpti=0 [arm64]
>  					       nospectre_v1 [powerpc]
>  					       nospectre_v2 [x86, powerpc, s390]
>  					       spectre_v2_user=off [x86]
>  					       nobp=0 [s390]
>  					       spec_store_bypass_disable=off [x86, powerpc]
> +					       ssbd=force-off [arm64]
>  					       l1tf=off [x86]
>  
>  			auto (default)
> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
> index 9950bb0cbd52..db8d27e3fb1c 100644
> --- a/arch/arm64/kernel/cpu_errata.c
> +++ b/arch/arm64/kernel/cpu_errata.c
> @@ -19,6 +19,7 @@
>  #include <linux/arm-smccc.h>
>  #include <linux/psci.h>
>  #include <linux/types.h>
> +#include <linux/cpu.h>
>  #include <asm/cpu.h>
>  #include <asm/cputype.h>
>  #include <asm/cpufeature.h>
> @@ -385,6 +386,9 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry,
>  		return false;
>  	}
>  
> +	if (cpu_spec_mitigations == CPU_SPEC_MITIGATIONS_OFF)
> +		ssbd_state = ARM64_SSBD_FORCE_DISABLE;
> +
>  	switch (psci_ops.conduit) {
>  	case PSCI_CONDUIT_HVC:
>  		arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 4061de10cea6..4512b582d50f 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -25,6 +25,7 @@
>  #include <linux/stop_machine.h>
>  #include <linux/types.h>
>  #include <linux/mm.h>
> +#include <linux/cpu.h>
>  #include <asm/cpu.h>
>  #include <asm/cpufeature.h>
>  #include <asm/cpu_ops.h>
> @@ -978,6 +979,11 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
>  		__kpti_forced = -1;
>  	}
>  
> +	if (cpu_spec_mitigations == CPU_SPEC_MITIGATIONS_OFF) {
> +		str = "cpu_spec_mitigations=off";

Might also be worth changing the initialisation of str, currently it is:

> 	char const *str = "command line option";

But now we have two command line options, perhaps "kpti command line
option".

Steve

> +		__kpti_forced = -1;
> +	}
> +
>  	/* Forced? */
>  	if (__kpti_forced) {
>  		pr_info_once("kernel page table isolation forced %s by %s\n",
> 