On 17-06-19, 17:03, Julien Thierry wrote: > On 14/06/2019 04:07, Viresh Kumar wrote: > > Hello, > > > > Here is an attempt to backport arm64 spectre patches to v4.4 stable > > tree. > > > > I have started this backport with Mark Rutland's backport of Spectre to > > 4.9 [1] and tried applying the upstream version of them over 4.4 and > > resolved conflicts by checking how they have been resolved in 4.9. > > > > I had to pick few extra upstream patches to avoid unnecessary conflicts > > (upstream commit ids mentioned): > > > > a842789837c0 arm64: remove duplicate macro __KERNEL__ check > > I'm a bit unfamiliar with what gets or doesn't get backported. My > understanding is that we try to backport only what's necessary to reduce > the noise and potential introduction of issues in stable releases. > > This commit is just a cleanup and (while valid) doesn't really seem > necessary (and potential conflicts from its absence would easily be > resolved IMO). So I'm just concerned that this doesn't constitute a > candidate for back porting (someone can correct me if I'm wrong). Dropped now. > > 64f8ebaf115b mm/kasan: add API to check memory regions > > bffe1baff5d5 arm64: kasan: instrument user memory access API > > 92406f0cc9e3 arm64: cpufeature: Add scope for capability check > > 9eb8a2cdf65c arm64: cputype info for Broadcom Vulcan > > 0d90718871fe arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs > > 98dd64f34f47 ARM: 8478/2: arm/arm64: add arm-smccc > > > > > > I had to drop few patches as well as they weren't getting applied > > properly due to missing files/features (upstream commit id mentioned): > > > > 93f339ef4175 arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early > > 3c31fa5a06b4 arm64: Run enable method for errata work arounds on late CPUs > > Looking at this and at the patches that implement the BP callbacks, we > need that patch or an equivalent, otherwise we won't be using the > correct vectors for late CPUs... > > I appreciate the code has changed, but it might be worth considering > 6a6efbb45b7d95c84840010095367eb06a64f342 as a needed dependency for BP > hardening. Okay, I had to pick two more patches for a clean rebase. d4a7e845dab5 arm64: Introduce cpu_die_early 7242dbf2e4da arm64: Move cpu_die_early to smp.c 545fe20330c3 arm64: Verify CPU errata work arounds on hotplugged CPU 0365babc6c1f arm64: Run enable method for errata work arounds on late CPUs (You can fetch my tree again to get these commit ids) > > 6840bdd73d07 arm64: KVM: Use per-CPU vector when BP hardening is enabled > > I don't believe we can do without this patch. Otherwise we're only using > the vector that has no mitigation for kvm guests. > > In v4.4, it looks like the contents of virt/kvm/arm/arm.c were contained > in arch/arm/kvm/arm.c (yes, even for amr64). Are there other reasons > this patch was not applying? It was something other than this I believe, I have already used these paths for many other patches. Anyway, KVM stuff is mostly dropped now, just that I had to keep the changes to arm-smccc.h from those patches. I have updated the stable/v4.4.y/spectre branch with all the changes you suggested and pushed the earlier version to stable/v4.4.y/spectre-v1 branch. Will it be possible for you to have a look at stable/v4.4.y/spectre branch to see if it is okay, so I can send the v2 version ? Don't want to spam list unnecessary with so many patches :) Thanks for your help Julien, really appreciate it. -- viresh
