Re: [PATCH v3 18/18] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround

Hi Marc, Thank you for keeping me in the loop, just minor comments below. On 2018/2/1 19:46, Marc Zyngier wrote: > Now that we've standardised on SMCCC v1.1 to perform the branch > prediction invalidation, let's drop the previous band-aid. > If vendors haven't updated their firmware to do SMCCC 1

Re: [PATCH v2 16/16] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support

On 2018/2/1 16:53, Marc Zyngier wrote: [...] ... and actually, perhaps it makes sense for the SMCCC_ARCH_WORKAROUND_1 check to be completely independent of MIDR based errata matching? I.e., if SMCCC v1.1 and SMCCC_ARCH_WORKAROUND_1 are both implemented, we should proba

Re: [PATCH v3 14/18] firmware/psci: Expose SMCCC version through psci_ops

On 1 February 2018 at 11:46, Marc Zyngier wrote: > Since PSCI 1.0 allows the SMCCC version to be (indirectly) probed, > let's do that at boot time, and expose the version of the calling > convention as part of the psci_ops structure. > > Acked-by: Lorenzo Pieralisi > Signed-off-by: Marc Zyngier

Re: [PATCH v3 00/41] Optimize KVM/ARM for VHE systems

On Thu, Feb 01, 2018 at 02:57:59PM +0100, Tomasz Nowicki wrote: > Hi Christoffer, > > I created simple module for VM kernel. It is spinning on PSCI version > hypercall to measure the base exit cost as you suggested. Also, I measured > CPU cycles for each loop and here are my results: > > My setup

Re: [PATCH v3 00/18] arm64: Add SMCCC v1.1 support and CVE-2017-5715 (Spectre variant 2) mitigation

On Thu, 01 Feb 2018 13:59:45 +, Ard Biesheuvel wrote: > > On 1 February 2018 at 11:46, Marc Zyngier wrote: > > ARM has recently published a SMC Calling Convention (SMCCC) > > specification update[1] that provides an optimised calling convention > > and optional, discoverable support for mitig

Re: [PATCH v3 16/18] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive

On 01/02/18 13:54, Marc Zyngier wrote: On 01/02/18 13:34, Robin Murphy wrote: On 01/02/18 11:46, Marc Zyngier wrote: One of the major improvement of SMCCC v1.1 is that it only clobbers the first 4 registers, both on 32 and 64bit. This means that it becomes very easy to provide an inline version

Re: [PATCH v3 00/18] arm64: Add SMCCC v1.1 support and CVE-2017-5715 (Spectre variant 2) mitigation

On 1 February 2018 at 11:46, Marc Zyngier wrote: > ARM has recently published a SMC Calling Convention (SMCCC) > specification update[1] that provides an optimised calling convention > and optional, discoverable support for mitigating CVE-2017-5715. ARM > Trusted Firmware (ATF) has already gained

Re: [PATCH v3 00/41] Optimize KVM/ARM for VHE systems

Hi Christoffer, I created simple module for VM kernel. It is spinning on PSCI version hypercall to measure the base exit cost as you suggested. Also, I measured CPU cycles for each loop and here are my results: My setup: 1-socket ThunderX2 running VM - 1VCPU Tested baselines: a) host kernel

Re: [PATCH v3 16/18] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive

On 01/02/18 13:34, Robin Murphy wrote: > On 01/02/18 11:46, Marc Zyngier wrote: >> One of the major improvement of SMCCC v1.1 is that it only clobbers >> the first 4 registers, both on 32 and 64bit. This means that it >> becomes very easy to provide an inline version of the SMC call >> primitive, a

Re: [PATCH] irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()

On 2/1/2018 8:24 AM, Marc Zyngier wrote: > On 01/02/18 12:55, Shanker Donthineni wrote: >> Hi Will, Thanks for your quick reply. >> >> On 02/01/2018 04:33 AM, Will Deacon wrote: >>> Hi Shanker, >>> >>> On Wed, Jan 31, 2018 at 06:03:42PM -0600, Shanker Donthineni wrote: A DMB instruction can be

Re: [PATCH v3 16/18] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive

On 01/02/18 11:46, Marc Zyngier wrote: One of the major improvement of SMCCC v1.1 is that it only clobbers the first 4 registers, both on 32 and 64bit. This means that it becomes very easy to provide an inline version of the SMC call primitive, and avoid performing a function call to stash the re

Re: [PATCH] irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()

On 01/02/18 12:55, Shanker Donthineni wrote: > Hi Will, Thanks for your quick reply. > > On 02/01/2018 04:33 AM, Will Deacon wrote: >> Hi Shanker, >> >> On Wed, Jan 31, 2018 at 06:03:42PM -0600, Shanker Donthineni wrote: >>> A DMB instruction can be used to ensure the relative order of only >>> me

Re: [PATCH] irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()

Hi Will, Thanks for your quick reply. On 02/01/2018 04:33 AM, Will Deacon wrote: > Hi Shanker, > > On Wed, Jan 31, 2018 at 06:03:42PM -0600, Shanker Donthineni wrote: >> A DMB instruction can be used to ensure the relative order of only >> memory accesses before and after the barrier. Since write

Re: [PATCH v3 14/18] firmware/psci: Expose SMCCC version through psci_ops

On 01/02/18 12:32, Robin Murphy wrote: > On 01/02/18 11:46, Marc Zyngier wrote: >> Since PSCI 1.0 allows the SMCCC version to be (indirectly) probed, >> let's do that at boot time, and expose the version of the calling >> convention as part of the psci_ops structure. >> >> Acked-by: Lorenzo Pierali

Re: [PATCH v3 15/18] arm/arm64: smccc: Make function identifiers an unsigned quantity

On 1 February 2018 at 12:40, Robin Murphy wrote: > On 01/02/18 11:46, Marc Zyngier wrote: >> >> Function identifiers are a 32bit, unsigned quantity. But we never >> tell so to the compiler, resulting in the following: >> >> 4ac: b26187e0mov x0, #0x8001 >> >> We thus rel

Re: [PATCH v3 15/18] arm/arm64: smccc: Make function identifiers an unsigned quantity

On 01/02/18 11:46, Marc Zyngier wrote: Function identifiers are a 32bit, unsigned quantity. But we never tell so to the compiler, resulting in the following: 4ac: b26187e0mov x0, #0x8001 We thus rely on the firmware narrowing it for us, which is not always a reasonab

Re: [PATCH v3 14/18] firmware/psci: Expose SMCCC version through psci_ops

On 01/02/18 11:46, Marc Zyngier wrote: Since PSCI 1.0 allows the SMCCC version to be (indirectly) probed, let's do that at boot time, and expose the version of the calling convention as part of the psci_ops structure. Acked-by: Lorenzo Pieralisi Signed-off-by: Marc Zyngier --- drivers/firmwa

Re: [PATCH v3 13/18] firmware/psci: Expose PSCI conduit

On 01/02/18 11:46, Marc Zyngier wrote: In order to call into the firmware to apply workarounds, it is useful to find out whether we're using HVC or SMC. Let's expose this through the psci_ops. Reviewed-by: Robin Murphy Acked-by: Lorenzo Pieralisi Signed-off-by: Marc Zyngier --- drivers/f

[PATCH v3 18/18] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround

Now that we've standardised on SMCCC v1.1 to perform the branch prediction invalidation, let's drop the previous band-aid. If vendors haven't updated their firmware to do SMCCC 1.1, they haven't updated PSCI either, so we don't loose anything. Signed-off-by: Marc Zyngier --- arch/arm64/kernel/bp

[PATCH v3 17/18] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support

Add the detection and runtime code for ARM_SMCCC_ARCH_WORKAROUND_1. It is lovely. Really. Signed-off-by: Marc Zyngier --- arch/arm64/kernel/bpi.S| 20 + arch/arm64/kernel/cpu_errata.c | 68 +- 2 files changed, 87 insertions(+), 1 deleti

[PATCH v3 16/18] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive

One of the major improvement of SMCCC v1.1 is that it only clobbers the first 4 registers, both on 32 and 64bit. This means that it becomes very easy to provide an inline version of the SMC call primitive, and avoid performing a function call to stash the registers that would otherwise be clobbered

[PATCH v3 13/18] firmware/psci: Expose PSCI conduit

In order to call into the firmware to apply workarounds, it is useful to find out whether we're using HVC or SMC. Let's expose this through the psci_ops. Acked-by: Lorenzo Pieralisi Signed-off-by: Marc Zyngier --- drivers/firmware/psci.c | 28 +++- include/linux/psci.h

[PATCH v3 15/18] arm/arm64: smccc: Make function identifiers an unsigned quantity

Function identifiers are a 32bit, unsigned quantity. But we never tell so to the compiler, resulting in the following: 4ac: b26187e0mov x0, #0x8001 We thus rely on the firmware narrowing it for us, which is not always a reasonable expectation. Cc: sta...@vger.kernel.or

[PATCH v3 12/18] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling

We want SMCCC_ARCH_WORKAROUND_1 to be fast. As fast as possible. So let's intercept it as early as we can by testing for the function call number as soon as we've identified a HVC call coming from the guest. Signed-off-by: Marc Zyngier --- arch/arm64/kvm/hyp/hyp-entry.S | 20 ++--

[PATCH v3 14/18] firmware/psci: Expose SMCCC version through psci_ops

Since PSCI 1.0 allows the SMCCC version to be (indirectly) probed, let's do that at boot time, and expose the version of the calling convention as part of the psci_ops structure. Acked-by: Lorenzo Pieralisi Signed-off-by: Marc Zyngier --- drivers/firmware/psci.c | 19 +++ includ

[PATCH v3 11/18] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support

A new feature of SMCCC 1.1 is that it offers firmware-based CPU workarounds. In particular, SMCCC_ARCH_WORKAROUND_1 provides BP hardening for CVE-2017-5715. If the host has some mitigation for this issue, report that we deal with it using SMCCC_ARCH_WORKAROUND_1, as we apply the host workaround on

[PATCH v3 10/18] arm/arm64: KVM: Turn kvm_psci_version into a static inline

We're about to need kvm_psci_version in HYP too. So let's turn it into a static inline, and pass the kvm structure as a second parameter (so that HYP can do a kern_hyp_va on it). Signed-off-by: Marc Zyngier --- arch/arm64/kvm/hyp/switch.c | 20 include/kvm/arm_psci.h |

[PATCH v3 09/18] arm/arm64: KVM: Advertise SMCCC v1.1

The new SMC Calling Convention (v1.1) allows for a reduced overhead when calling into the firmware, and provides a new feature discovery mechanism. Make it visible to KVM guests. Signed-off-by: Marc Zyngier --- arch/arm/kvm/handle_exit.c | 2 +- arch/arm64/kvm/handle_exit.c | 2 +- include/

[PATCH v3 05/18] arm/arm64: KVM: Add PSCI_VERSION helper

As we're about to trigger a PSCI version explosion, it doesn't hurt to introduce a PSCI_VERSION helper that is going to be used everywhere. Signed-off-by: Marc Zyngier --- include/kvm/arm_psci.h| 6 -- include/uapi/linux/psci.h | 3 +++ virt/kvm/arm/psci.c | 4 +--- 3 files changed

[PATCH v3 08/18] arm/arm64: KVM: Add PSCI version selection API

Although we've implemented PSCI 1.0 and 1.1, nothing can select them Since all the new PSCI versions are backward compatible, we decide to default to the latest version of the PSCI implementation. This is no different from doing a firmware upgrade on KVM. But in order to give a chance to hypotheti

[PATCH v3 07/18] arm/arm64: KVM: Implement PSCI 1.0 support

PSCI 1.0 can be trivially implemented by having PSCI 0.2 and the FEATURES call. Of, and returning 1.0 as the PSCI version. We happily ignore everything else, as it is optional. Signed-off-by: Marc Zyngier --- include/kvm/arm_psci.h | 1 + virt/kvm/arm/psci.c| 43 +++

[PATCH v3 06/18] arm/arm64: KVM: Add smccc accessors to PSCI code

Instead of open coding the accesses to the various registers, let's add explicit SMCCC accessors. Signed-off-by: Marc Zyngier --- virt/kvm/arm/psci.c | 52 ++-- 1 file changed, 42 insertions(+), 10 deletions(-) diff --git a/virt/kvm/arm/psci.c b/v

[PATCH v3 03/18] arm64: KVM: Increment PC after handling an SMC trap

When handling an SMC trap, the "preferred return address" is set to that of the SMC, and not the next PC (which is a departure from the behaviour of an SMC that isn't trapped). Increment PC in the handler, as the guest is otherwise forever stuck... Cc: sta...@vger.kernel.org Fixes: acfb3b883f6d (

[PATCH v3 04/18] arm/arm64: KVM: Consolidate the PSCI include files

As we're about to update the PSCI support, and because I'm lazy, let's move the PSCI include file to include/kvm so that both ARM architectures can find it. Signed-off-by: Marc Zyngier --- arch/arm/include/asm/kvm_psci.h| 27 -- arch/arm/kvm/handle_exit.c

[PATCH v3 02/18] arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls

KVM doesn't follow the SMCCC when it comes to unimplemented calls, and inject an UNDEF instead of returning an error. Since firmware calls are now used for security mitigation, they are becoming more common, and the undef is counter productive. Instead, let's follow the SMCCC which states that -1

[PATCH v3 01/18] arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls

KVM doesn't follow the SMCCC when it comes to unimplemented calls, and inject an UNDEF instead of returning an error. Since firmware calls are now used for security mitigation, they are becoming more common, and the undef is counter productive. Instead, let's follow the SMCCC which states that -1

[PATCH v3 00/18] arm64: Add SMCCC v1.1 support and CVE-2017-5715 (Spectre variant 2) mitigation

ARM has recently published a SMC Calling Convention (SMCCC) specification update[1] that provides an optimised calling convention and optional, discoverable support for mitigating CVE-2017-5715. ARM Trusted Firmware (ATF) has already gained such an implementation[2]. This series addresses a few th

Re: [PATCH] irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()

Hi Shanker, On Wed, Jan 31, 2018 at 06:03:42PM -0600, Shanker Donthineni wrote: > A DMB instruction can be used to ensure the relative order of only > memory accesses before and after the barrier. Since writes to system > registers are not memory operations, barrier DMB is not sufficient > for obs

Re: [PATCH v2 16/16] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support

On 01/02/18 02:40, Hanjun Guo wrote: > On 2018/1/31 23:05, Marc Zyngier wrote: >> On 31/01/18 14:38, Ard Biesheuvel wrote: >>> On 31 January 2018 at 14:35, Ard Biesheuvel >>> wrote: On 31 January 2018 at 14:11, Marc Zyngier wrote: > On 31/01/18 13:56, Hanjun Guo wrote: >> Hi Marc, >