Hi Greg,

I've put together a tag which includes all of the upstream arm64 spectre and
meltdown mitigations based on v4.15. Please could you consider taking this
into the 4.15 stable tree?

I understand that Ard (cc'd) is using this stack to create a version for 4.14

Note that there are two commits in here that are already in stable:

  9c9345fb26ff [Variant 1/Spectre-v1] Documentation: Document array_index_nospec
  60d6c8a8e54e [Variant 1/Spectre-v1] array_index_nospec: Sanitize speculative 
array de-references

so you can skip those when applying.

Please shout if you run into trouble.




The following changes since commit d8a5b80568a9cb66810e75b182018e9edb68e8ff:

  Linux 4.15 (2018-01-28 13:20:33 -0800)

are available in the git repository at:


for you to fetch changes up to a4c4410bae3dc1f00ab3bfb9d425740bf197b5b6:

  [Variant 2/Spectre-v2] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround 
(2018-02-07 15:48:57 +0000)

arm64 Spectre and Meltdown mitigations based on v4.15

Catalin Marinas (1):
      [Variant 3/Meltdown] arm64: kpti: Fix the interaction between ASID 
switching and software PAN

Dan Williams (1):
      [Variant 1/Spectre-v1] array_index_nospec: Sanitize speculative array 

James Morse (1):
      [Variant 2/Spectre-v2] arm64: cpufeature: __this_cpu_has_cap() shouldn't 
stop early

Jayachandran C (3):
      [Variant 3/Meltdown] arm64: cputype: Add MIDR values for Cavium ThunderX2 
      [Variant 3/Meltdown] arm64: Turn on KPTI only on CPUs that need it
      [Variant 2/Spectre-v2] arm64: Branch predictor hardening for Cavium 

Marc Zyngier (20):
      [Variant 3/Meltdown] arm64: Force KPTI to be disabled on Cavium ThunderX
      [Variant 2/Spectre-v2] arm64: Move post_ttbr_update_workaround to C code
      [Variant 2/Spectre-v2] arm64: Move BP hardening to 
      [Variant 2/Spectre-v2] arm64: KVM: Use per-CPU vector when BP hardening 
is enabled
      [Variant 2/Spectre-v2] arm64: KVM: Increment PC after handling an SMC trap
      [Variant 2/Spectre-v2] arm/arm64: KVM: Consolidate the PSCI include files
      [Variant 2/Spectre-v2] arm/arm64: KVM: Add PSCI_VERSION helper
      [Variant 2/Spectre-v2] arm/arm64: KVM: Add smccc accessors to PSCI code
      [Variant 2/Spectre-v2] arm/arm64: KVM: Implement PSCI 1.0 support
      [Variant 2/Spectre-v2] arm/arm64: KVM: Advertise SMCCC v1.1
      [Variant 2/Spectre-v2] arm64: KVM: Make PSCI_VERSION a fast path
      [Variant 2/Spectre-v2] arm/arm64: KVM: Turn kvm_psci_version into a 
static inline
      [Variant 2/Spectre-v2] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP 
hardening support
      [Variant 2/Spectre-v2] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast 
      [Variant 2/Spectre-v2] firmware/psci: Expose PSCI conduit
      [Variant 2/Spectre-v2] firmware/psci: Expose SMCCC version through 
      [Variant 2/Spectre-v2] arm/arm64: smccc: Make function identifiers an 
unsigned quantity
      [Variant 2/Spectre-v2] arm/arm64: smccc: Implement SMCCC v1.1 inline 
      [Variant 2/Spectre-v2] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP 
hardening support
      [Variant 2/Spectre-v2] arm64: Kill PSCI_GET_VERSION as a variant-2 

Mark Rutland (1):
      [Variant 1/Spectre-v1] Documentation: Document array_index_nospec

Robin Murphy (3):
      [Variant 1/Spectre-v1] arm64: Implement array_index_mask_nospec()
      [Variant 1/Spectre-v1] arm64: Make USER_DS an inclusive limit
      [Variant 1/Spectre-v1] arm64: Use pointer masking to limit uaccess 

Shanker Donthineni (1):
      [Variant 2/Spectre-v2] arm64: Implement branch predictor hardening for 

Stephen Boyd (1):
      [Variant 3/Meltdown] arm64: cpu_errata: Add Kryo to Falkor 1003 errata

Suzuki K Poulose (2):
      [Variant 3/Meltdown] arm64: capabilities: Handle duplicate entries for a 
      [Variant 2/Spectre-v2] arm64: Run enable method for errata work arounds 
on late CPUs

Will Deacon (41):
      [Variant 3/Meltdown] arm64: mm: Use non-global mappings for kernel space
      [Variant 3/Meltdown] arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
      [Variant 3/Meltdown] arm64: mm: Move ASID from TTBR0 to TTBR1
      [Variant 3/Meltdown] arm64: mm: Remove pre_ttbr0_update_workaround for 
Falkor erratum #E1003
      [Variant 3/Meltdown] arm64: mm: Rename post_ttbr0_update_workaround
      [Variant 3/Meltdown] arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
      [Variant 3/Meltdown] arm64: mm: Allocate ASIDs in pairs
      [Variant 3/Meltdown] arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
      [Variant 3/Meltdown] arm64: mm: Invalidate both kernel and user ASIDs 
when performing TLBI
      [Variant 3/Meltdown] arm64: entry: Add exception trampoline page for 
exceptions from EL0
      [Variant 3/Meltdown] arm64: mm: Map entry trampoline into trampoline and 
kernel page tables
      [Variant 3/Meltdown] arm64: entry: Explicitly pass exception level to 
kernel_ventry macro
      [Variant 3/Meltdown] arm64: entry: Hook up entry trampoline to exception 
      [Variant 3/Meltdown] arm64: erratum: Work around Falkor erratum #E1003 in 
trampoline code
      [Variant 3/Meltdown] arm64: tls: Avoid unconditional zeroing of 
tpidrro_el0 for native tasks
      [Variant 3/Meltdown] arm64: entry: Add fake CPU feature for unmapping the 
kernel at EL0
      [Variant 3/Meltdown] arm64: kaslr: Put kernel vectors address in separate 
data page
      [Variant 3/Meltdown] arm64: use RET instruction for exiting the trampoline
      [Variant 3/Meltdown] arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
      [Variant 3/Meltdown] arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig 
      [Variant 3/Meltdown] arm64: Take into account ID_AA64PFR0_EL1.CSV3
      [Variant 3/Meltdown] arm64: mm: Introduce TTBR_ASID_MASK for getting at 
the ASID in the TTBR
      [Variant 3/Meltdown] arm64: kpti: Make use of nG dependent on 
      [Variant 3/Meltdown] arm64: mm: Permit transitioning from Global to 
Non-Global without BBM
      [Variant 3/Meltdown] arm64: kpti: Add ->enable callback to remap swapper 
using nG mappings
      [Variant 3/Meltdown] arm64: entry: Reword comment about 
      [Variant 3/Meltdown] arm64: idmap: Use "awx" flags for .idmap.text 
.pushsection directives
      [Variant 3/Meltdown] perf: arm_spe: Fail device probe when 
      [Variant 1/Spectre-v1] arm64: barrier: Add CSDB macros to control 
data-value prediction
      [Variant 1/Spectre-v1] arm64: entry: Ensure branch through syscall table 
is bounded under speculation
      [Variant 1/Spectre-v1] arm64: uaccess: Prevent speculative use of the 
current addr_limit
      [Variant 1/Spectre-v1] arm64: uaccess: Don't bother eliding access_ok 
checks in __{get, put}_user
      [Variant 1/Spectre-v1] arm64: uaccess: Mask __user pointers for 
__arch_{clear, copy_*}_user
      [Variant 1/Spectre-v1] arm64: futex: Mask __user pointers prior to 
      [Variant 2/Spectre-v2] arm64: cpufeature: Pass capability structure to 
->enable callback
      [Variant 2/Spectre-v2] drivers/firmware: Expose psci_get_version through 
psci_ops structure
      [Variant 2/Spectre-v2] arm64: Add skeleton to harden the branch predictor 
against aliasing attacks
      [Variant 2/Spectre-v2] arm64: entry: Apply BP hardening for high-priority 
synchronous exceptions
      [Variant 2/Spectre-v2] arm64: entry: Apply BP hardening for suspicious 
interrupts from EL0
      [Variant 2/Spectre-v2] arm64: cputype: Add missing MIDR values for 
Cortex-A72 and Cortex-A75
      [Variant 2/Spectre-v2] arm64: Implement branch predictor hardening for 
affected Cortex-A CPUs

 Documentation/arm64/silicon-errata.txt |   2 +-
 Documentation/speculation.txt          |  90 +++++++++++++
 arch/arm/include/asm/kvm_host.h        |   6 +
 arch/arm/include/asm/kvm_mmu.h         |  10 ++
 arch/arm/include/asm/kvm_psci.h        |  27 ----
 arch/arm/kvm/handle_exit.c             |   4 +-
 arch/arm64/Kconfig                     |  46 +++++--
 arch/arm64/include/asm/asm-uaccess.h   |  36 +++--
 arch/arm64/include/asm/assembler.h     |  54 +++-----
 arch/arm64/include/asm/barrier.h       |  22 +++
 arch/arm64/include/asm/cpucaps.h       |   5 +-
 arch/arm64/include/asm/cputype.h       |   9 ++
 arch/arm64/include/asm/efi.h           |  12 +-
 arch/arm64/include/asm/fixmap.h        |   5 +
 arch/arm64/include/asm/futex.h         |   9 +-
 arch/arm64/include/asm/kvm_asm.h       |   2 +
 arch/arm64/include/asm/kvm_host.h      |   5 +
 arch/arm64/include/asm/kvm_mmu.h       |  38 ++++++
 arch/arm64/include/asm/kvm_psci.h      |  27 ----
 arch/arm64/include/asm/mmu.h           |  48 +++++++
 arch/arm64/include/asm/mmu_context.h   |  12 +-
 arch/arm64/include/asm/pgtable-hwdef.h |   1 +
 arch/arm64/include/asm/pgtable-prot.h  |  35 +++--
 arch/arm64/include/asm/pgtable.h       |   1 +
 arch/arm64/include/asm/proc-fns.h      |   6 -
 arch/arm64/include/asm/processor.h     |   3 +
 arch/arm64/include/asm/sysreg.h        |   2 +
 arch/arm64/include/asm/tlbflush.h      |  16 ++-
 arch/arm64/include/asm/uaccess.h       | 181 +++++++++++++++++--------
 arch/arm64/kernel/Makefile             |   4 +
 arch/arm64/kernel/arm64ksyms.c         |   4 +-
 arch/arm64/kernel/asm-offsets.c        |   6 +-
 arch/arm64/kernel/bpi.S                |  83 ++++++++++++
 arch/arm64/kernel/cpu-reset.S          |   2 +-
 arch/arm64/kernel/cpu_errata.c         | 239 ++++++++++++++++++++++++++++++++-
 arch/arm64/kernel/cpufeature.c         | 138 +++++++++++++++----
 arch/arm64/kernel/entry.S              | 228 ++++++++++++++++++++++++++-----
 arch/arm64/kernel/head.S               |   2 +-
 arch/arm64/kernel/process.c            |  12 +-
 arch/arm64/kernel/sleep.S              |   2 +-
 arch/arm64/kernel/vmlinux.lds.S        |  22 ++-
 arch/arm64/kvm/handle_exit.c           |  14 +-
 arch/arm64/kvm/hyp/entry.S             |  12 ++
 arch/arm64/kvm/hyp/hyp-entry.S         |  20 ++-
 arch/arm64/kvm/hyp/switch.c            |  13 +-
 arch/arm64/lib/clear_user.S            |  10 +-
 arch/arm64/lib/copy_from_user.S        |   4 +-
 arch/arm64/lib/copy_in_user.S          |   9 +-
 arch/arm64/lib/copy_to_user.S          |   4 +-
 arch/arm64/mm/cache.S                  |   4 +-
 arch/arm64/mm/context.c                |  48 ++++---
 arch/arm64/mm/fault.c                  |  36 ++++-
 arch/arm64/mm/mmu.c                    |  35 +++++
 arch/arm64/mm/proc.S                   | 224 +++++++++++++++++++++++++++---
 arch/arm64/xen/hypercall.S             |   4 +-
 drivers/firmware/psci.c                |  57 +++++++-
 drivers/perf/arm_spe_pmu.c             |   9 ++
 include/kvm/arm_psci.h                 |  51 +++++++
 include/linux/arm-smccc.h              | 165 ++++++++++++++++++++++-
 include/linux/nospec.h                 |  72 ++++++++++
 include/linux/psci.h                   |  14 ++
 include/uapi/linux/psci.h              |   3 +
 virt/kvm/arm/arm.c                     |  10 +-
 virt/kvm/arm/psci.c                    | 143 ++++++++++++++++----
 64 files changed, 2049 insertions(+), 368 deletions(-)
 create mode 100644 Documentation/speculation.txt
 delete mode 100644 arch/arm/include/asm/kvm_psci.h
 delete mode 100644 arch/arm64/include/asm/kvm_psci.h
 create mode 100644 arch/arm64/kernel/bpi.S
 create mode 100644 include/kvm/arm_psci.h
 create mode 100644 include/linux/nospec.h

Reply via email to