CVS commit: [netbsd-9] src/sys/arch/aarch64

Tue, 24 Dec 2019 09:31:18 -0800 

Module Name:    src
Committed By:   martin
Date:           Tue Dec 24 17:30:28 UTC 2019

Modified Files:
        src/sys/arch/aarch64/aarch64 [netbsd-9]: cpuswitch.S
        src/sys/arch/aarch64/include [netbsd-9]: asm.h

Log Message:
Pull up following revision(s) (requested by ryo in ticket #574):

        sys/arch/aarch64/include/asm.h: revision 1.5
        sys/arch/aarch64/aarch64/cpuswitch.S: revision 1.13

Add a speculation barrier after the 'eret'.

Some aarch64 cpus speculatively execute instructions after 'eret',
and this potentiates side-channel attack.

from
 
https://github.com/torvalds/linux/commit/679db70801da9fda91d26caf13bf5b5ccc74e8e8


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.11.4.1 src/sys/arch/aarch64/aarch64/cpuswitch.S
cvs rdiff -u -r1.3 -r1.3.4.1 src/sys/arch/aarch64/include/asm.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/arch/aarch64/aarch64/cpuswitch.S
diff -u src/sys/arch/aarch64/aarch64/cpuswitch.S:1.11 src/sys/arch/aarch64/aarch64/cpuswitch.S:1.11.4.1
--- src/sys/arch/aarch64/aarch64/cpuswitch.S:1.11	Thu Dec 27 09:55:27 2018
+++ src/sys/arch/aarch64/aarch64/cpuswitch.S	Tue Dec 24 17:30:28 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: cpuswitch.S,v 1.11 2018/12/27 09:55:27 mrg Exp $ */
+/* $NetBSD: cpuswitch.S,v 1.11.4.1 2019/12/24 17:30:28 martin Exp $ */
 
 /*-
  * Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
 #include "opt_ddb.h"
 #include "opt_kasan.h"
 
-RCSID("$NetBSD: cpuswitch.S,v 1.11 2018/12/27 09:55:27 mrg Exp $")
+RCSID("$NetBSD: cpuswitch.S,v 1.11.4.1 2019/12/24 17:30:28 martin Exp $")
 
 /*
  * At IPL_SCHED:
@@ -268,7 +268,7 @@ ENTRY_NP(el1_trap_exit)
 	ldp	x1, x2, [x0, #TF_X1]
 	ldr	x0, [x0, #TF_X0]
 
-	eret
+	ERET
 END(el1_trap_exit)
 #ifdef DDB
 END(el1_trap)
@@ -339,7 +339,7 @@ ENTRY_NP(el0_trap_exit)
 	unwind_x0_x2
 
 	/* leave sp at l_md.md_utf, return back to EL0 user process */
-	eret
+	ERET
 END(el0_trap_exit)
 #ifdef DDB
 END(el0_trap)

Index: src/sys/arch/aarch64/include/asm.h
diff -u src/sys/arch/aarch64/include/asm.h:1.3 src/sys/arch/aarch64/include/asm.h:1.3.4.1
--- src/sys/arch/aarch64/include/asm.h:1.3	Tue Jul 17 18:08:37 2018
+++ src/sys/arch/aarch64/include/asm.h	Tue Dec 24 17:30:28 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: asm.h,v 1.3 2018/07/17 18:08:37 christos Exp $ */
+/* $NetBSD: asm.h,v 1.3.4.1 2019/12/24 17:30:28 martin Exp $ */
 
 #ifndef _AARCH64_ASM_H_
 #define _AARCH64_ASM_H_
@@ -8,4 +8,12 @@
 #define	fp	x29
 #define	lr	x30
 
+/*
+ * Add a speculation barrier after the 'eret'.
+ * Some aarch64 cpus speculatively execute instructions after 'eret',
+ * and this potentiates side-channel attacks.
+ */
+#define	ERET	\
+	eret; dsb sy; isb
+
 #endif /* !_AARCH64_ASM_H_ */

Reply via email to