On 22/05/2019 11:35, Marc Zyngier wrote:

> On 22/05/2019 10:17, Marc Gonzalez wrote:
>
>> The following dmesg log caught my eye, and might be relevant:
>>
>> ARM_SMCCC_ARCH_WORKAROUND_1 missing from firmware
>>
>> Is that bad, doctor? I don't think it would explain the crash though...
>
> It doesn't explain it.
>
> It is bad though: your vendor doesn't tell the kernel about the HW being
> free of Spectre-v2, and doesn't provide a mitigation either. Hopefully,
> this is a responsible vendor that will provide you with a firmware
> update that fixes it.

# cd /sys/devices/system/cpu/vulnerabilities/
# grep "" *
l1tf:Not affected
mds:Not affected
meltdown:Mitigation: PTI
spec_store_bypass:Vulnerable
spectre_v1:Mitigation: __user pointer sanitization
spectre_v2:Vulnerable

OK, so there are apparently two unmitigated vulns, spec_store_bypass and spectre_v2.

These vulns need to be mitigated in FW because otherwise some secure property of the secure OS could be violated? Or because disabling the faulty optimization requires secure privileges?

Some documentation, for my own reference:
https://elixir.bootlin.com/linux/latest/source/Documentation/ABI/testing/sysfs-devices-system-cpu
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Regards.
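An added example, not part of the original message or of the kernel sources: a POSIX shell check that classifies the sysfs vulnerability files listed above and exits non-zero when any entry is unmitigated, so it can be used as a boot-time or fleet audit gate. The function names and the choice to treat unrecognised status text as a failure are assumptions; the sample directory is constructed from the values in the message.

```shell
#!/bin/sh
# audit_cpu_vulns [DIR]: print "STATE name: text" for every file in DIR
# (default: the sysfs directory from the message). Returns 1 if any entry
# is Vulnerable or has a status this script does not recognise, else 0.
audit_cpu_vulns() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        text=$(cat "$f")
        case "$text" in
            "Not affected"*) state=OK ;;
            "Mitigation:"*)  state=MITIGATED ;;
            "Vulnerable"*)   state=VULNERABLE; rc=1 ;;
            # Assumption: unknown wording is reported and fails the audit.
            *)               state=UNKNOWN; rc=1 ;;
        esac
        printf '%-10s %s: %s\n' "$state" "$name" "$text"
    done
    return "$rc"
}

# unmitigated_cpu_vulns [DIR]: space-separated names of Vulnerable entries.
unmitigated_cpu_vulns() {
    audit_cpu_vulns "$1" | awk '
        $1 == "VULNERABLE" { sub(":", "", $2); printf "%s%s", sep, $2; sep = " " }'
}

# Constructed sample mirroring the listing in the message, so the script
# can be tried on a machine that does not expose these files.
sample=$(mktemp -d)
printf 'Not affected\n'    > "$sample/l1tf"
printf 'Not affected\n'    > "$sample/mds"
printf 'Mitigation: PTI\n' > "$sample/meltdown"
printf 'Vulnerable\n'      > "$sample/spec_store_bypass"
printf 'Mitigation: __user pointer sanitization\n' > "$sample/spectre_v1"
printf 'Vulnerable\n'      > "$sample/spectre_v2"

audit_cpu_vulns "$sample" || echo "unmitigated: $(unmitigated_cpu_vulns "$sample")"
rm -rf "$sample"
```

Called with no argument, `audit_cpu_vulns` reads the live sysfs directory of the running kernel.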