--- /dev/null
+From fc8073d07c58a94363c884e2cde450ea39fc5dca Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 24 Apr 2020 17:38:04 +0100
+Subject: arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space
+
+From: James Morse <james.morse@arm.com>
+
+[ Upstream commit 222fc0c8503d98cec3cb2bac2780cdd21a6e31c0 ]
+
+Compat user-space is unable to perform ICIMVAU instructions from
+user-space. Instead it uses a compat-syscall. Add the workaround for
+Neoverse-N1 #1542419 to this code path.
+
+Signed-off-by: James Morse <james.morse@arm.com>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: James Morse <james.morse@arm.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm64/kernel/sys_compat.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/arch/arm64/kernel/sys_compat.c b/arch/arm64/kernel/sys_compat.c
+index f1cb649594271..c9fb02927d3e5 100644
+--- a/arch/arm64/kernel/sys_compat.c
++++ b/arch/arm64/kernel/sys_compat.c
+@@ -8,6 +8,7 @@
+ */
+
+ #include <linux/compat.h>
++#include <linux/cpufeature.h>
+ #include <linux/personality.h>
+ #include <linux/sched.h>
+ #include <linux/sched/signal.h>
+@@ -17,6 +18,7 @@
+
+ #include <asm/cacheflush.h>
+ #include <asm/system_misc.h>
++#include <asm/tlbflush.h>
+ #include <asm/unistd.h>
+
+ static long
+@@ -30,6 +32,15 @@ __do_compat_cache_op(unsigned long start, unsigned long end)
+ if (fatal_signal_pending(current))
+ return 0;
+
++ if (cpus_have_const_cap(ARM64_WORKAROUND_1542419)) {
++ /*
++ * The workaround requires an inner-shareable tlbi.
++ * We pick the reserved-ASID to minimise the impact.
++ */
++ __tlbi(aside1is, 0);
++ dsb(ish);
++ }
++
+ ret = __flush_cache_user_range(start, start + chunk);
+ if (ret)
+ return ret;
+--
+2.20.1
+
--- /dev/null
+From a9730459a58397467b825d7d46572a3b65e69f01 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 24 Apr 2020 17:38:02 +0100
+Subject: arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1
+ #1542419
+
+From: James Morse <james.morse@arm.com>
+
+[ Upstream commit 05460849c3b51180d5ada3373d0449aea19075e4 ]
+
+Cores affected by Neoverse-N1 #1542419 could execute a stale instruction
+when a branch is updated to point to freshly generated instructions.
+
+To workaround this issue we need user-space to issue unnecessary
+icache maintenance that we can trap. Start by hiding CTR_EL0.DIC.
+
+Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
+Signed-off-by: James Morse <james.morse@arm.com>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: James Morse <james.morse@arm.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ Documentation/arm64/silicon-errata.rst | 2 ++
+ arch/arm64/Kconfig | 16 +++++++++++++
+ arch/arm64/include/asm/cpucaps.h | 3 ++-
+ arch/arm64/kernel/cpu_errata.c | 32 +++++++++++++++++++++++++-
+ arch/arm64/kernel/traps.c | 3 +++
+ 5 files changed, 54 insertions(+), 2 deletions(-)
+
+diff --git a/Documentation/arm64/silicon-errata.rst b/Documentation/arm64/silicon-errata.rst
+index 5a09661330fcc..59daa4c21816b 100644
+--- a/Documentation/arm64/silicon-errata.rst
++++ b/Documentation/arm64/silicon-errata.rst
+@@ -88,6 +88,8 @@ stable kernels.
+ +----------------+-----------------+-----------------+-----------------------------+
+ | ARM | Neoverse-N1 | #1349291 | N/A |
+ +----------------+-----------------+-----------------+-----------------------------+
++| ARM | Neoverse-N1 | #1542419 | ARM64_ERRATUM_1542419 |
+++----------------+-----------------+-----------------+-----------------------------+
+ | ARM | MMU-500 | #841119,826419 | N/A |
+ +----------------+-----------------+-----------------+-----------------------------+
+ +----------------+-----------------+-----------------+-----------------------------+
+diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
+index 6ccd2ed309631..a0bc9bbb92f34 100644
+--- a/arch/arm64/Kconfig
++++ b/arch/arm64/Kconfig
+@@ -559,6 +559,22 @@ config ARM64_ERRATUM_1463225
+
+ If unsure, say Y.
+
++config ARM64_ERRATUM_1542419
++ bool "Neoverse-N1: workaround mis-ordering of instruction fetches"
++ default y
++ help
++ This option adds a workaround for ARM Neoverse-N1 erratum
++ 1542419.
++
++ Affected Neoverse-N1 cores could execute a stale instruction when
++ modified by another CPU. The workaround depends on a firmware
++ counterpart.
++
++ Workaround the issue by hiding the DIC feature from EL0. This
++ forces user-space to perform cache maintenance.
++
++ If unsure, say Y.
++
+ config CAVIUM_ERRATUM_22375
+ bool "Cavium erratum 22375, 24313"
+ default y
+diff --git a/arch/arm64/include/asm/cpucaps.h b/arch/arm64/include/asm/cpucaps.h
+index ac1dbca3d0cd3..1dc3c762fdcb9 100644
+--- a/arch/arm64/include/asm/cpucaps.h
++++ b/arch/arm64/include/asm/cpucaps.h
+@@ -54,7 +54,8 @@
+ #define ARM64_WORKAROUND_1463225 44
+ #define ARM64_WORKAROUND_CAVIUM_TX2_219_TVM 45
+ #define ARM64_WORKAROUND_CAVIUM_TX2_219_PRFM 46
++#define ARM64_WORKAROUND_1542419 47
+
+-#define ARM64_NCAPS 47
++#define ARM64_NCAPS 48
+
+ #endif /* __ASM_CPUCAPS_H */
+diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
+index 96f576e9ea463..0b2830379fe03 100644
+--- a/arch/arm64/kernel/cpu_errata.c
++++ b/arch/arm64/kernel/cpu_errata.c
+@@ -88,13 +88,21 @@ has_mismatched_cache_type(const struct arm64_cpu_capabilities *entry,
+ }
+
+ static void
+-cpu_enable_trap_ctr_access(const struct arm64_cpu_capabilities *__unused)
++cpu_enable_trap_ctr_access(const struct arm64_cpu_capabilities *cap)
+ {
+ u64 mask = arm64_ftr_reg_ctrel0.strict_mask;
++ bool enable_uct_trap = false;
+
+ /* Trap CTR_EL0 access on this CPU, only if it has a mismatch */
+ if ((read_cpuid_cachetype() & mask) !=
+ (arm64_ftr_reg_ctrel0.sys_val & mask))
++ enable_uct_trap = true;
++
++ /* ... or if the system is affected by an erratum */
++ if (cap->capability == ARM64_WORKAROUND_1542419)
++ enable_uct_trap = true;
++
++ if (enable_uct_trap)
+ sysreg_clear_set(sctlr_el1, SCTLR_EL1_UCT, 0);
+ }
+
+@@ -651,6 +659,18 @@ needs_tx2_tvm_workaround(const struct arm64_cpu_capabilities *entry,
+ return false;
+ }
+
++static bool __maybe_unused
++has_neoverse_n1_erratum_1542419(const struct arm64_cpu_capabilities *entry,
++ int scope)
++{
++ u32 midr = read_cpuid_id();
++ bool has_dic = read_cpuid_cachetype() & BIT(CTR_DIC_SHIFT);
++ const struct midr_range range = MIDR_ALL_VERSIONS(MIDR_NEOVERSE_N1);
++
++ WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());
++ return is_midr_in_range(midr, &range) && has_dic;
++}
++
+ #ifdef CONFIG_HARDEN_EL2_VECTORS
+
+ static const struct midr_range arm64_harden_el2_vectors[] = {
+@@ -927,6 +947,16 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
+ .capability = ARM64_WORKAROUND_CAVIUM_TX2_219_PRFM,
+ ERRATA_MIDR_RANGE_LIST(tx2_family_cpus),
+ },
++#endif
++#ifdef CONFIG_ARM64_ERRATUM_1542419
++ {
++ /* we depend on the firmware portion for correctness */
++ .desc = "ARM erratum 1542419 (kernel portion)",
++ .capability = ARM64_WORKAROUND_1542419,
++ .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM,
++ .matches = has_neoverse_n1_erratum_1542419,
++ .cpu_enable = cpu_enable_trap_ctr_access,
++ },
+ #endif
+ {
+ }
+diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
+index 34739e80211bc..465f0a0f8f0ab 100644
+--- a/arch/arm64/kernel/traps.c
++++ b/arch/arm64/kernel/traps.c
+@@ -470,6 +470,9 @@ static void ctr_read_handler(unsigned int esr, struct pt_regs *regs)
+ int rt = ESR_ELx_SYS64_ISS_RT(esr);
+ unsigned long val = arm64_ftr_reg_user_value(&arm64_ftr_reg_ctrel0);
+
++ if (cpus_have_const_cap(ARM64_WORKAROUND_1542419))
++ val &= ~BIT(CTR_DIC_SHIFT);
++
+ pt_regs_write_reg(regs, rt, val);
+
+ arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
+--
+2.20.1
+
--- /dev/null
+From abcd05921180797bf46911251727800590b02826 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 24 Apr 2020 17:38:03 +0100
+Subject: arm64: Fake the IminLine size on systems affected by Neoverse-N1
+ #1542419
+
+From: James Morse <james.morse@arm.com>
+
+[ Upstream commit ee9d90be9ddace01b7fb126567e4b539fbe1f82f ]
+
+Systems affected by Neoverse-N1 #1542419 support DIC so do not need to
+perform icache maintenance once new instructions are cleaned to the PoU.
+For the errata workaround, the kernel hides DIC from user-space, so that
+the unnecessary cache maintenance can be trapped by firmware.
+
+To reduce the number of traps, produce a fake IminLine value based on
+PAGE_SIZE.
+
+Signed-off-by: James Morse <james.morse@arm.com>
+Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: James Morse <james.morse@arm.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm64/include/asm/cache.h | 3 ++-
+ arch/arm64/kernel/traps.c | 8 +++++++-
+ 2 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/arch/arm64/include/asm/cache.h b/arch/arm64/include/asm/cache.h
+index 43da6dd295920..806e9dc2a852a 100644
+--- a/arch/arm64/include/asm/cache.h
++++ b/arch/arm64/include/asm/cache.h
+@@ -11,6 +11,7 @@
+ #define CTR_L1IP_MASK 3
+ #define CTR_DMINLINE_SHIFT 16
+ #define CTR_IMINLINE_SHIFT 0
++#define CTR_IMINLINE_MASK 0xf
+ #define CTR_ERG_SHIFT 20
+ #define CTR_CWG_SHIFT 24
+ #define CTR_CWG_MASK 15
+@@ -18,7 +19,7 @@
+ #define CTR_DIC_SHIFT 29
+
+ #define CTR_CACHE_MINLINE_MASK \
+- (0xf << CTR_DMINLINE_SHIFT | 0xf << CTR_IMINLINE_SHIFT)
++ (0xf << CTR_DMINLINE_SHIFT | CTR_IMINLINE_MASK << CTR_IMINLINE_SHIFT)
+
+ #define CTR_L1IP(ctr) (((ctr) >> CTR_L1IP_SHIFT) & CTR_L1IP_MASK)
+
+diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
+index 465f0a0f8f0ab..4e3e9d9c81517 100644
+--- a/arch/arm64/kernel/traps.c
++++ b/arch/arm64/kernel/traps.c
+@@ -470,9 +470,15 @@ static void ctr_read_handler(unsigned int esr, struct pt_regs *regs)
+ int rt = ESR_ELx_SYS64_ISS_RT(esr);
+ unsigned long val = arm64_ftr_reg_user_value(&arm64_ftr_reg_ctrel0);
+
+- if (cpus_have_const_cap(ARM64_WORKAROUND_1542419))
++ if (cpus_have_const_cap(ARM64_WORKAROUND_1542419)) {
++ /* Hide DIC so that we can trap the unnecessary maintenance...*/
+ val &= ~BIT(CTR_DIC_SHIFT);
+
++ /* ... and fake IminLine to reduce the number of traps. */
++ val &= ~CTR_IMINLINE_MASK;
++ val |= (PAGE_SHIFT - 2) & CTR_IMINLINE_MASK;
++ }
++
+ pt_regs_write_reg(regs, rt, val);
+
+ arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
+--
+2.20.1
+
--- /dev/null
+From 1e0dd34803b305cc8de0358694207702b5bc50e1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 24 Apr 2020 17:38:05 +0100
+Subject: arm64: Silence clang warning on mismatched value/register sizes
+
+From: Catalin Marinas <catalin.marinas@arm.com>
+
+[ Upstream commit: 27a22fbdeedd6c5c451cf5f830d51782bf50c3a2 ]
+
+Clang reports a warning on the __tlbi(aside1is, 0) macro expansion since
+the value size does not match the register size specified in the inline
+asm. Construct the ASID value using the __TLBI_VADDR() macro.
+
+Fixes: 222fc0c8503d ("arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space")
+Reported-by: Nathan Chancellor <natechancellor@gmail.com>
+Cc: James Morse <james.morse@arm.com>
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: James Morse <james.morse@arm.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm64/kernel/sys_compat.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/arm64/kernel/sys_compat.c b/arch/arm64/kernel/sys_compat.c
+index c9fb02927d3e5..3c18c2454089b 100644
+--- a/arch/arm64/kernel/sys_compat.c
++++ b/arch/arm64/kernel/sys_compat.c
+@@ -37,7 +37,7 @@ __do_compat_cache_op(unsigned long start, unsigned long end)
+ * The workaround requires an inner-shareable tlbi.
+ * We pick the reserved-ASID to minimise the impact.
+ */
+- __tlbi(aside1is, 0);
++ __tlbi(aside1is, __TLBI_VADDR(0, 0));
+ dsb(ish);
+ }
+
+--
+2.20.1
+
ext4-fix-extent_status-fragmentation-for-plain-files.patch
f2fs-fix-to-avoid-memory-leakage-in-f2fs_listxattr.patch
net-ip_tunnel-fix-interface-lookup-with-no-key.patch
+arm64-errata-hide-ctr_el0.dic-on-systems-affected-by.patch
+arm64-fake-the-iminline-size-on-systems-affected-by-.patch
+arm64-compat-workaround-neoverse-n1-1542419-for-comp.patch
+arm64-silence-clang-warning-on-mismatched-value-regi.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
