641d804157
Merge in the latest Spectre mess to fix up conflicts with what was already queued for 5.18 when the embargo finally lifted. * for-next/spectre-bhb: (21 commits) arm64: Do not include __READ_ONCE() block in assembly files arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting arm64: Use the clearbhb instruction in mitigations KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated arm64: Mitigate spectre style branch history side channels arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 arm64: Add percpu vectors for EL1 arm64: entry: Add macro for reading symbol addresses from the trampoline arm64: entry: Add vectors that have the bhb mitigation sequences arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations arm64: entry: Allow the trampoline text to occupy multiple pages arm64: entry: Make the kpti trampoline's kpti sequence optional arm64: entry: Move trampoline macros out of ifdef'd section arm64: entry: Don't assume tramp_vectors is the start of the vectors arm64: entry: Allow tramp_alias to access symbols after the 4K boundary arm64: entry: Move the trampoline data page before the text page arm64: entry: Free up another register on kpti's tramp_exit path arm64: entry: Make the trampoline cleanup optional KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit ...
103 lines
2.8 KiB
C
103 lines
2.8 KiB
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* Interface for managing mitigations for Spectre vulnerabilities.
|
|
*
|
|
* Copyright (C) 2020 Google LLC
|
|
* Author: Will Deacon <will@kernel.org>
|
|
*/
|
|
|
|
#ifndef __ASM_SPECTRE_H
|
|
#define __ASM_SPECTRE_H
|
|
|
|
#define BP_HARDEN_EL2_SLOTS 4
|
|
#define __BP_HARDEN_HYP_VECS_SZ ((BP_HARDEN_EL2_SLOTS - 1) * SZ_2K)
|
|
|
|
#ifndef __ASSEMBLY__
|
|
|
|
#include <linux/percpu.h>
|
|
|
|
#include <asm/cpufeature.h>
|
|
#include <asm/virt.h>
|
|
|
|
/* Watch out, ordering is important here. */
|
|
enum mitigation_state {
|
|
SPECTRE_UNAFFECTED,
|
|
SPECTRE_MITIGATED,
|
|
SPECTRE_VULNERABLE,
|
|
};
|
|
|
|
struct task_struct;
|
|
|
|
/*
|
|
* Note: the order of this enum corresponds to __bp_harden_hyp_vecs and
|
|
* we rely on having the direct vectors first.
|
|
*/
|
|
enum arm64_hyp_spectre_vector {
|
|
/*
|
|
* Take exceptions directly to __kvm_hyp_vector. This must be
|
|
* 0 so that it used by default when mitigations are not needed.
|
|
*/
|
|
HYP_VECTOR_DIRECT,
|
|
|
|
/*
|
|
* Bounce via a slot in the hypervisor text mapping of
|
|
* __bp_harden_hyp_vecs, which contains an SMC call.
|
|
*/
|
|
HYP_VECTOR_SPECTRE_DIRECT,
|
|
|
|
/*
|
|
* Bounce via a slot in a special mapping of __bp_harden_hyp_vecs
|
|
* next to the idmap page.
|
|
*/
|
|
HYP_VECTOR_INDIRECT,
|
|
|
|
/*
|
|
* Bounce via a slot in a special mapping of __bp_harden_hyp_vecs
|
|
* next to the idmap page, which contains an SMC call.
|
|
*/
|
|
HYP_VECTOR_SPECTRE_INDIRECT,
|
|
};
|
|
|
|
typedef void (*bp_hardening_cb_t)(void);
|
|
|
|
struct bp_hardening_data {
|
|
enum arm64_hyp_spectre_vector slot;
|
|
bp_hardening_cb_t fn;
|
|
};
|
|
|
|
DECLARE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);
|
|
|
|
/* Called during entry so must be __always_inline */
|
|
static __always_inline void arm64_apply_bp_hardening(void)
|
|
{
|
|
struct bp_hardening_data *d;
|
|
|
|
if (!cpus_have_const_cap(ARM64_SPECTRE_V2))
|
|
return;
|
|
|
|
d = this_cpu_ptr(&bp_hardening_data);
|
|
if (d->fn)
|
|
d->fn();
|
|
}
|
|
|
|
enum mitigation_state arm64_get_spectre_v2_state(void);
|
|
bool has_spectre_v2(const struct arm64_cpu_capabilities *cap, int scope);
|
|
void spectre_v2_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
|
|
|
|
bool has_spectre_v3a(const struct arm64_cpu_capabilities *cap, int scope);
|
|
void spectre_v3a_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
|
|
|
|
enum mitigation_state arm64_get_spectre_v4_state(void);
|
|
bool has_spectre_v4(const struct arm64_cpu_capabilities *cap, int scope);
|
|
void spectre_v4_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
|
|
void spectre_v4_enable_task_mitigation(struct task_struct *tsk);
|
|
|
|
enum mitigation_state arm64_get_meltdown_state(void);
|
|
|
|
enum mitigation_state arm64_get_spectre_bhb_state(void);
|
|
bool is_spectre_bhb_affected(const struct arm64_cpu_capabilities *entry, int scope);
|
|
u8 spectre_bhb_loop_affected(int scope);
|
|
void spectre_bhb_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
|
|
#endif /* __ASSEMBLY__ */
|
|
#endif /* __ASM_SPECTRE_H */
|