Hi,
On 5.02.2014 19:17, Sebastian Reichel wrote:
Hi,
On Wed, Feb 05, 2014 at 05:38:54PM +0100, Pali Rohár wrote:
I assumed, that the workaround is not needed for this device type.
That rx51 secure call must not be called on non secure devices (e.g.
qemu), because it cause kernel crash. So I thought that kernel should
write something like secure call is disabled on that device types.
Kernel code for errata 430973 will update ibe bit for non secure
devices.
Do you see any advantage in having that message?
AIUI it will appear only when booting the kernel in "qemu -m rx51...", I
am not aware of any other non-secure device manifesting itself as RX51.
So there is little advantage of having that additional message IMO.
I just added the warning for missing CONFIG_ARM_ERRATA_430973,
because its very likely a misconfigured kernel.
Yes, it can be misconfigured kernel, but if you do not have any thumb
binary (like stock Maemo 5 system), then it is safe and OK.
I think running this kernel may also be a potential security
problem. If I understand it right the ARM core is left in an
unstable state when you run Thumb code, so this may result in
funny effects in the kernel?
-- Sebastian
In theory having that workaround disabled might be a security problem,
but honestly, knowing its nature I don't think it is easily exploitable,
if at all. The final result when bitten by it is a SIGILL, but in
userspace, not in the kernel(assuming the kernel is ARM), and userspace
runs in totally different mode (nonsecure, nonprivileged) compared to
the kernel(nonsecure, privileged) and IIRC every mode has its own set of
stack, registers etc. BTW I don't think the kernel itself can be
thumb2-compiled for cores with that errata, but I might wrong. Also, as
Pali noted, the problem appears if and only if there is an userspace
binary containing thumb2 code. If all of the userspace is pure ARM,
there is no problem. And as the errata workaround has its drawbacks (BTB
is cleared on every context switch which affects performance), one might
want to not have it enabled. Maybe that warning should be spit only if
CONFIG_THUMB2_KERNEL (or whatever the option was) is enabled. Though if
that option is enabled I'd rather #error during compile time if errata
workaround is not enabled, instead of printing a warning while booting a
system that will crash in a matter of seconds.
Ivo
--
To unsubscribe from this list: send the line "unsubscribe linux-omap" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html