git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Marc Zyngier <maz@kernel.org>
	Fri, 13 Dec 2024 14:10:37 +0000 (14:10 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 27 Dec 2024 13:02:06 +0000 (14:02 +0100)
commit	20bf32f4828879c5c3213ff8ba1f58b6f95a104e
tree	7ef1795dc2fe73c6b606380f6c190d04b9d9bba6	tree
parent	2f19001192ccc20152685ff7babe0717ae71f518	commit \| diff

irqchip/gic-v3: Work around insecure GIC integrations

commit 773c05f417fa14e1ac94776619e9c978ec001f0b upstream.

It appears that the relatively popular RK3399 SoC has been put together
using a large amount of illicit substances, as experiments reveal that its
integration of GIC500 exposes the *secure* programming interface to
non-secure.

This has some pretty bad effects on the way priorities are handled, and
results in a dead machine if booting with pseudo-NMI enabled
(irqchip.gicv3_pseudo_nmi=1) if the kernel contains 18fdb6348c480 ("arm64:
irqchip/gic-v3: Select priorities at boot time"), which relies on the
priorities being programmed using the NS view.

Let's restore some sanity by going one step further and disable security
altogether in this case. This is not any worse, and puts us in a mode where
priorities actually make some sense.

Huge thanks to Mark Kettenis who initially identified this issue on
OpenBSD, and to Chen-Yu Tsai who reported the problem in Linux.

Fixes: 18fdb6348c480 ("arm64: irqchip/gic-v3: Select priorities at boot time")
Reported-by: Mark Kettenis <mark.kettenis@xs4all.nl>
Reported-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Chen-Yu Tsai <wens@csie.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/all/20241213141037.3995049-1-maz@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>