On 31-07-19, 17:45, Mark Rutland wrote:
> On Fri, Jul 12, 2019 at 10:58:12AM +0530, Viresh Kumar wrote:
> > From: Will Deacon <will.deacon@xxxxxxx>
> >
> > commit 0f15adbb2861ce6f75ccfc5a92b19eae0ef327d0 upstream.
> >
> > Aliasing attacks against CPU branch predictors can allow an attacker to
> > redirect speculative control flow on some CPUs and potentially divulge
> > information from one context to another.
> >
> > This patch adds initial skeleton code behind a new Kconfig option to
> > enable implementation-specific mitigations against these attacks for
> > CPUs that are affected.
> >
> > Co-developed-by: Marc Zyngier <marc.zyngier@xxxxxxx>
> > Signed-off-by: Will Deacon <will.deacon@xxxxxxx>
> > Signed-off-by: Catalin Marinas <catalin.marinas@xxxxxxx>
> > [ v4.4: Changes made according to 4.4 codebase ]
> > Signed-off-by: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
>
> [...]
>
> > /* id_aa64pfr0 */
> > +#define ID_AA64PFR0_CSV2_SHIFT 56
>
> Note: CSV3 is bits 63-60,
>
> > diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> > index 474b34243521..040a42d79990 100644
> > --- a/arch/arm64/kernel/cpufeature.c
> > +++ b/arch/arm64/kernel/cpufeature.c
> > @@ -83,7 +83,8 @@ static struct arm64_ftr_bits ftr_id_aa64isar0[] = {
> > };
> >
> > static struct arm64_ftr_bits ftr_id_aa64pfr0[] = {
> > - ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 32, 0),
> > + ARM64_FTR_BITS(FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_CSV2_SHIFT, 4, 0),
> > + ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 28, 0),
>
> This line should be:
>
> ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 24, 0),
>
> ... as it was in the v4.9 backbort, making it cover bits 55:32. As in
> this patch, it covers 59:32, overlapping with CSV2.
Fixed thanks.
> We also need to cater for bits 63:60. In the v4.9 backport, the meltdown
> bits were applied first, so nothing special was necessary.
>
> What's the plan w.r.t. meltdown mitigations and v4.4?
I haven't started looking at meltdown patches yet and so that will be
done at a later point of time, if at all done by me. I have been asked
to backport both Spectre and Meltdown though to 4.4.
--
viresh
