Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull more arm64 updates from Catalin Marinas: "As I mentioned in the last pull request, there's a second batch of security updates for arm64 with mitigations for Spectre/v1 and an improved one for Spectre/v2 (via a newly defined firmware interface API). Spectre v1 mitigation: - back-end version of array_index_mask_nospec() - masking of the syscall number to restrict speculation through the syscall table - masking of __user pointers prior to deference in uaccess routines Spectre v2 mitigation update: - using the new firmware SMC calling convention specification update - removing the current PSCI GET_VERSION firmware call mitigation as vendors are deploying new SMCCC-capable firmware - additional branch predictor hardening for synchronous exceptions and interrupts while in user mode Meltdown v3 mitigation update: - Cavium Thunder X is unaffected but a hardware erratum gets in the way. The kernel now starts with the page tables mapped as global and switches to non-global if kpti needs to be enabled. Other: - Theoretical trylock bug fixed" * tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (38 commits) arm64: Kill PSCI_GET_VERSION as a variant-2 workaround arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support arm/arm64: smccc: Implement SMCCC v1.1 inline primitive arm/arm64: smccc: Make function identifiers an unsigned quantity firmware/psci: Expose SMCCC version through psci_ops firmware/psci: Expose PSCI conduit arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support arm/arm64: KVM: Turn kvm_psci_version into a static inline arm/arm64: KVM: Advertise SMCCC v1.1 arm/arm64: KVM: Implement PSCI 1.0 support arm/arm64: KVM: Add smccc accessors to PSCI code arm/arm64: KVM: Add PSCI_VERSION helper arm/arm64: KVM: Consolidate the PSCI include files arm64: KVM: Increment PC after handling an SMC trap arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls arm64: entry: Apply BP hardening for suspicious interrupts from EL0 arm64: entry: Apply BP hardening for high-priority synchronous exceptions arm64: futex: Mask __user pointers prior to dereference ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2018-02-08 13:44:25 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2018-02-08 13:44:25 -0500
commit: c0136321924dd338bb8fc5661c4b0e27441a8d04 (patch)
tree: 099cc60dfe6793309b21474a00e4d10087a7cae8 /virt
parent: 846ade7dd2e630a309a8c57302046e8c4037b8df (diff)
parent: 3a0a397ff5ff8b56ca9f7908b75dee6bf0b5fabb (diff)
2 files changed, 120 insertions, 25 deletions
diff --git a/virt/kvm/arm/arm.c b/virt/kvm/arm/arm.c
index 08464b2fba1d..7e3941f2ecde 100644
--- a/virt/kvm/arm/arm.c
+++ b/virt/kvm/arm/arm.c
@@ -31,6 +31,7 @@
 #include <linux/irqbypass.h>
 #include <trace/events/kvm.h>
 #include <kvm/arm_pmu.h>
+#include <kvm/arm_psci.h>
 #define CREATE_TRACE_POINTS
 #include "trace.h"
@@ -46,7 +47,6 @@
 #include <asm/kvm_mmu.h>
 #include <asm/kvm_emulate.h>
 #include <asm/kvm_coproc.h>
-#include <asm/kvm_psci.h>
 #include <asm/sections.h>
 #ifdef REQUIRES_VIRT
diff --git a/virt/kvm/arm/psci.c b/virt/kvm/arm/psci.c
index f1e363bab5e8..6919352cbf15 100644
--- a/virt/kvm/arm/psci.c
+++ b/virt/kvm/arm/psci.c
@@ -15,16 +15,16 @@
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+#include <linux/arm-smccc.h>
 #include <linux/preempt.h>
 #include <linux/kvm_host.h>
 #include <linux/wait.h>
 #include <asm/cputype.h>
 #include <asm/kvm_emulate.h>
-#include <asm/kvm_psci.h>
 #include <asm/kvm_host.h>
-#include <uapi/linux/psci.h>
+#include <kvm/arm_psci.h>
 /*
 * This is an implementation of the Power State Coordination Interface
@@ -33,6 +33,38 @@
 #define AFFINITY_MASK(level)    ~((0x1UL << ((level) * MPIDR_LEVEL_BITS)) - 1)
+static u32 smccc_get_function(struct kvm_vcpu *vcpu)
+{
+        return vcpu_get_reg(vcpu, 0);
+}
+static unsigned long smccc_get_arg1(struct kvm_vcpu *vcpu)
+{
+        return vcpu_get_reg(vcpu, 1);
+}
+static unsigned long smccc_get_arg2(struct kvm_vcpu *vcpu)
+{
+        return vcpu_get_reg(vcpu, 2);
+}
+static unsigned long smccc_get_arg3(struct kvm_vcpu *vcpu)
+{
+        return vcpu_get_reg(vcpu, 3);
+}
+static void smccc_set_retval(struct kvm_vcpu *vcpu,
+                             unsigned long a0,
+                             unsigned long a1,
+                             unsigned long a2,
+                             unsigned long a3)
+{
+        vcpu_set_reg(vcpu, 0, a0);
+        vcpu_set_reg(vcpu, 1, a1);
+        vcpu_set_reg(vcpu, 2, a2);
+        vcpu_set_reg(vcpu, 3, a3);
+}
 static unsigned long psci_affinity_mask(unsigned long affinity_level)
 {
        if (affinity_level <= 3)
@@ -78,7 +110,7 @@ static unsigned long kvm_psci_vcpu_on(struct kvm_vcpu *source_vcpu)
        unsigned long context_id;
        phys_addr_t target_pc;
-        cpu_id = vcpu_get_reg(source_vcpu, 1) & MPIDR_HWID_BITMASK;
+        cpu_id = smccc_get_arg1(source_vcpu) & MPIDR_HWID_BITMASK;
        if (vcpu_mode_is_32bit(source_vcpu))
                cpu_id &= ~((u32) 0);
@@ -91,14 +123,14 @@ static unsigned long kvm_psci_vcpu_on(struct kvm_vcpu *source_vcpu)
        if (!vcpu)
                return PSCI_RET_INVALID_PARAMS;
        if (!vcpu->arch.power_off) {
-                if (kvm_psci_version(source_vcpu) != KVM_ARM_PSCI_0_1)
+                if (kvm_psci_version(source_vcpu, kvm) != KVM_ARM_PSCI_0_1)
                        return PSCI_RET_ALREADY_ON;
                else
                        return PSCI_RET_INVALID_PARAMS;
        }
-        target_pc = vcpu_get_reg(source_vcpu, 2);
+        target_pc = smccc_get_arg2(source_vcpu);
-        context_id = vcpu_get_reg(source_vcpu, 3);
+        context_id = smccc_get_arg3(source_vcpu);
        kvm_reset_vcpu(vcpu);
@@ -117,7 +149,7 @@ static unsigned long kvm_psci_vcpu_on(struct kvm_vcpu *source_vcpu)
         * NOTE: We always update r0 (or x0) because for PSCI v0.1
         * the general puspose registers are undefined upon CPU_ON.
         */
-        vcpu_set_reg(vcpu, 0, context_id);
+        smccc_set_retval(vcpu, context_id, 0, 0, 0);
        vcpu->arch.power_off = false;
        smp_mb();               /* Make sure the above is visible */
@@ -137,8 +169,8 @@ static unsigned long kvm_psci_vcpu_affinity_info(struct kvm_vcpu *vcpu)
        struct kvm *kvm = vcpu->kvm;
        struct kvm_vcpu *tmp;
-        target_affinity = vcpu_get_reg(vcpu, 1);
+        target_affinity = smccc_get_arg1(vcpu);
-        lowest_affinity_level = vcpu_get_reg(vcpu, 2);
+        lowest_affinity_level = smccc_get_arg2(vcpu);
        /* Determine target affinity mask */
        target_affinity_mask = psci_affinity_mask(lowest_affinity_level);
@@ -200,18 +232,10 @@ static void kvm_psci_system_reset(struct kvm_vcpu *vcpu)
        kvm_prepare_system_event(vcpu, KVM_SYSTEM_EVENT_RESET);
 }
-int kvm_psci_version(struct kvm_vcpu *vcpu)
-{
-        if (test_bit(KVM_ARM_VCPU_PSCI_0_2, vcpu->arch.features))
-                return KVM_ARM_PSCI_0_2;
-        return KVM_ARM_PSCI_0_1;
-}
 static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
 {
        struct kvm *kvm = vcpu->kvm;
-        unsigned long psci_fn = vcpu_get_reg(vcpu, 0) & ~((u32) 0);
+        u32 psci_fn = smccc_get_function(vcpu);
        unsigned long val;
        int ret = 1;
@@ -221,7 +245,7 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
                 * Bits[31:16] = Major Version = 0
                 * Bits[15:0] = Minor Version = 2
                 */
-                val = 2;
+                val = KVM_ARM_PSCI_0_2;
                break;
        case PSCI_0_2_FN_CPU_SUSPEND:
        case PSCI_0_2_FN64_CPU_SUSPEND:
@@ -278,14 +302,56 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
                break;
        }
-        vcpu_set_reg(vcpu, 0, val);
+        smccc_set_retval(vcpu, val, 0, 0, 0);
+        return ret;
+}
+static int kvm_psci_1_0_call(struct kvm_vcpu *vcpu)
+{
+        u32 psci_fn = smccc_get_function(vcpu);
+        u32 feature;
+        unsigned long val;
+        int ret = 1;
+        switch(psci_fn) {
+        case PSCI_0_2_FN_PSCI_VERSION:
+                val = KVM_ARM_PSCI_1_0;
+                break;
+        case PSCI_1_0_FN_PSCI_FEATURES:
+                feature = smccc_get_arg1(vcpu);
+                switch(feature) {
+                case PSCI_0_2_FN_PSCI_VERSION:
+                case PSCI_0_2_FN_CPU_SUSPEND:
+                case PSCI_0_2_FN64_CPU_SUSPEND:
+                case PSCI_0_2_FN_CPU_OFF:
+                case PSCI_0_2_FN_CPU_ON:
+                case PSCI_0_2_FN64_CPU_ON:
+                case PSCI_0_2_FN_AFFINITY_INFO:
+                case PSCI_0_2_FN64_AFFINITY_INFO:
+                case PSCI_0_2_FN_MIGRATE_INFO_TYPE:
+                case PSCI_0_2_FN_SYSTEM_OFF:
+                case PSCI_0_2_FN_SYSTEM_RESET:
+                case PSCI_1_0_FN_PSCI_FEATURES:
+                case ARM_SMCCC_VERSION_FUNC_ID:
+                        val = 0;
+                        break;
+                default:
+                        val = PSCI_RET_NOT_SUPPORTED;
+                        break;
+                }
+                break;
+        default:
+                return kvm_psci_0_2_call(vcpu);
+        }
+        smccc_set_retval(vcpu, val, 0, 0, 0);
        return ret;
 }
 static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
 {
        struct kvm *kvm = vcpu->kvm;
-        unsigned long psci_fn = vcpu_get_reg(vcpu, 0) & ~((u32) 0);
+        u32 psci_fn = smccc_get_function(vcpu);
        unsigned long val;
        switch (psci_fn) {
@@ -303,7 +369,7 @@ static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
                break;
        }
-        vcpu_set_reg(vcpu, 0, val);
+        smccc_set_retval(vcpu, val, 0, 0, 0);
        return 1;
 }
@@ -321,9 +387,11 @@ static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
 * Errors:
 * -EINVAL: Unrecognized PSCI function
 */
-int kvm_psci_call(struct kvm_vcpu *vcpu)
+static int kvm_psci_call(struct kvm_vcpu *vcpu)
 {
-        switch (kvm_psci_version(vcpu)) {
+        switch (kvm_psci_version(vcpu, vcpu->kvm)) {
+        case KVM_ARM_PSCI_1_0:
+                return kvm_psci_1_0_call(vcpu);
        case KVM_ARM_PSCI_0_2:
                return kvm_psci_0_2_call(vcpu);
        case KVM_ARM_PSCI_0_1:
@@ -332,3 +400,30 @@ int kvm_psci_call(struct kvm_vcpu *vcpu)
                return -EINVAL;
        };
 }
+int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
+{
+        u32 func_id = smccc_get_function(vcpu);
+        u32 val = PSCI_RET_NOT_SUPPORTED;
+        u32 feature;
+        switch (func_id) {
+        case ARM_SMCCC_VERSION_FUNC_ID:
+                val = ARM_SMCCC_VERSION_1_1;
+                break;
+        case ARM_SMCCC_ARCH_FEATURES_FUNC_ID:
+                feature = smccc_get_arg1(vcpu);
+                switch(feature) {
+                case ARM_SMCCC_ARCH_WORKAROUND_1:
+                        if (kvm_arm_harden_branch_predictor())
+                                val = 0;
+                        break;
+                }
+                break;
+        default:
+                return kvm_psci_call(vcpu);
+        }
+        smccc_set_retval(vcpu, val, 0, 0, 0);
+        return 1;
+}
author	Linus Torvalds <torvalds@linux-foundation.org>	2018-02-08 13:44:25 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2018-02-08 13:44:25 -0500
commit	c0136321924dd338bb8fc5661c4b0e27441a8d04 (patch)
tree	099cc60dfe6793309b21474a00e4d10087a7cae8 /virt
parent	846ade7dd2e630a309a8c57302046e8c4037b8df (diff)
parent	3a0a397ff5ff8b56ca9f7908b75dee6bf0b5fabb (diff)