From: Greg Kroah-Hartman Date: Tue, 12 Apr 2022 05:45:40 +0000 (+0200) Subject: fixup queue-4.9/arm64-mitigate-spectre-style-branch-history-side-channels.patch to... X-Git-Tag: v4.9.310~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=38aa2a010c4a36a9d9a5061e7f76faf36b483fd0;p=thirdparty%2Fkernel%2Fstable-queue.git fixup queue-4.9/arm64-mitigate-spectre-style-branch-history-side-channels.patch to build properly with some configs --- diff --git a/queue-4.9/arm64-mitigate-spectre-style-branch-history-side-channels.patch b/queue-4.9/arm64-mitigate-spectre-style-branch-history-side-channels.patch index 7bb47506111..e0cf5965a09 100644 --- a/queue-4.9/arm64-mitigate-spectre-style-branch-history-side-channels.patch +++ b/queue-4.9/arm64-mitigate-spectre-style-branch-history-side-channels.patch @@ -44,12 +44,12 @@ Signed-off-by: Greg Kroah-Hartman arch/arm64/Kconfig | 10 + arch/arm64/include/asm/assembler.h | 4 arch/arm64/include/asm/cpufeature.h | 27 +++ - arch/arm64/include/asm/cputype.h | 8 + + arch/arm64/include/asm/cputype.h | 8 arch/arm64/include/asm/sysreg.h | 1 arch/arm64/include/asm/vectors.h | 6 - arch/arm64/kernel/cpu_errata.c | 284 +++++++++++++++++++++++++++++++++++- + arch/arm64/kernel/cpu_errata.c | 290 +++++++++++++++++++++++++++++++++++- arch/arm64/kvm/hyp/hyp-entry.S | 4 - 8 files changed, 341 insertions(+), 3 deletions(-) + 8 files changed, 346 insertions(+), 4 deletions(-) --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -222,7 +222,7 @@ Signed-off-by: Greg Kroah-Hartman } #endif /* CONFIG_KVM */ -@@ -553,9 +557,207 @@ const struct arm64_cpu_capabilities arm6 +@@ -553,9 +557,210 @@ const struct arm64_cpu_capabilities arm6 }, #endif { @@ -230,7 +230,9 @@ Signed-off-by: Greg Kroah-Hartman + .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM, + .capability = ARM64_SPECTRE_BHB, + .matches = is_spectre_bhb_affected, ++#ifdef CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY + .cpu_enable = spectre_bhb_enable_mitigation, ++#endif + }, + { } @@ -240,8 +242,8 @@ Signed-off-by: Greg Kroah-Hartman + * We try to ensure that the mitigation state can never change as the result of + * onlining a late CPU. + */ -+static void update_mitigation_state(enum mitigation_state *oldp, -+ enum mitigation_state new) ++static void __maybe_unused update_mitigation_state(enum mitigation_state *oldp, ++ enum mitigation_state new) +{ + enum mitigation_state state; + @@ -377,7 +379,7 @@ Signed-off-by: Greg Kroah-Hartman + return false; +} + -+static bool supports_ecbhb(int scope) ++static bool __maybe_unused supports_ecbhb(int scope) +{ + u64 mmfr1; + @@ -407,6 +409,7 @@ Signed-off-by: Greg Kroah-Hartman + return false; +} + ++#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR +static void this_cpu_set_vectors(enum arm64_bp_harden_el1_vectors slot) +{ + const char *v = arm64_get_bp_hardening_vector(slot); @@ -430,7 +433,7 @@ Signed-off-by: Greg Kroah-Hartman #ifdef CONFIG_KVM static const char *kvm_bhb_get_vecs_end(const char *start) { -@@ -571,7 +773,7 @@ static const char *kvm_bhb_get_vecs_end( +@@ -571,7 +776,7 @@ static const char *kvm_bhb_get_vecs_end( return NULL; } @@ -439,13 +442,14 @@ Signed-off-by: Greg Kroah-Hartman { int cpu, slot = -1; const char *hyp_vecs_end; -@@ -609,5 +811,83 @@ void kvm_setup_bhb_slot(const char *hyp_ +@@ -609,5 +814,84 @@ void kvm_setup_bhb_slot(const char *hyp_ #define __spectre_bhb_loop_k24_start NULL #define __spectre_bhb_loop_k32_start NULL -void kvm_setup_bhb_slot(const char *hyp_vecs_start) { }; +-#endif +static void kvm_setup_bhb_slot(const char *hyp_vecs_start) { }; - #endif ++#endif /* CONFIG_KVM */ + +static bool is_spectrev2_safe(void) +{ @@ -524,6 +528,7 @@ Signed-off-by: Greg Kroah-Hartman + AARCH64_INSN_MOVEWIDE_ZERO); + *updptr++ = cpu_to_le32(insn); +} ++#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */ --- a/arch/arm64/kvm/hyp/hyp-entry.S +++ b/arch/arm64/kvm/hyp/hyp-entry.S @@ -136,6 +136,10 @@ el1_hvc_guest: diff --git a/queue-4.9/arm64-use-the-clearbhb-instruction-in-mitigations.patch b/queue-4.9/arm64-use-the-clearbhb-instruction-in-mitigations.patch index 192b0f0c490..bc4bce80b49 100644 --- a/queue-4.9/arm64-use-the-clearbhb-instruction-in-mitigations.patch +++ b/queue-4.9/arm64-use-the-clearbhb-instruction-in-mitigations.patch @@ -129,7 +129,7 @@ Signed-off-by: Greg Kroah-Hartman static void __copy_hyp_vect_bpi(int slot, const char *hyp_vecs_start, const char *hyp_vecs_end) -@@ -590,6 +592,7 @@ static void update_mitigation_state(enum +@@ -592,6 +594,7 @@ static void __maybe_unused update_mitiga * - Mitigated by a branchy loop a CPU specific number of times, and listed * in our "loop mitigated list". * - Mitigated in software by the firmware Spectre v2 call. @@ -137,7 +137,7 @@ Signed-off-by: Greg Kroah-Hartman * - Has the 'Exception Clears Branch History Buffer' (ECBHB) feature, so no * software mitigation in the vectors is needed. * - Has CSV2.3, so is unaffected. -@@ -729,6 +732,9 @@ bool is_spectre_bhb_affected(const struc +@@ -731,6 +734,9 @@ bool is_spectre_bhb_affected(const struc if (supports_csv2p3(scope)) return false; @@ -147,7 +147,7 @@ Signed-off-by: Greg Kroah-Hartman if (spectre_bhb_loop_affected(scope)) return true; -@@ -769,6 +775,8 @@ static const char *kvm_bhb_get_vecs_end( +@@ -772,6 +778,8 @@ static const char *kvm_bhb_get_vecs_end( return __spectre_bhb_loop_k24_end; else if (start == __spectre_bhb_loop_k32_start) return __spectre_bhb_loop_k32_end; @@ -156,15 +156,15 @@ Signed-off-by: Greg Kroah-Hartman return NULL; } -@@ -810,6 +818,7 @@ static void kvm_setup_bhb_slot(const cha +@@ -813,6 +821,7 @@ static void kvm_setup_bhb_slot(const cha #define __spectre_bhb_loop_k8_start NULL #define __spectre_bhb_loop_k24_start NULL #define __spectre_bhb_loop_k32_start NULL +#define __spectre_bhb_clearbhb_start NULL static void kvm_setup_bhb_slot(const char *hyp_vecs_start) { }; - #endif -@@ -835,6 +844,11 @@ void spectre_bhb_enable_mitigation(const + #endif /* CONFIG_KVM */ +@@ -838,6 +847,11 @@ void spectre_bhb_enable_mitigation(const pr_info_once("spectre-bhb mitigation disabled by command line option\n"); } else if (supports_ecbhb(SCOPE_LOCAL_CPU)) { state = SPECTRE_MITIGATED;