authorWill Deacon <will@kernel.org>2020-11-13 12:38:45 +0100
committerMarc Zyngier <maz@kernel.org>2020-11-16 11:43:06 +0100
commitc4792b6dbc5070fe67f4cdcfdad39416333acbe0 (patch)
tree5a7721a792a59da36ae0568f88c4125b644e7617 /arch/arm64/kernel
parentKVM: arm64: Allocate hyp vectors statically (diff)
arm64: spectre: Rename ARM64_HARDEN_EL2_VECTORS to ARM64_SPECTRE_V3A
Since ARM64_HARDEN_EL2_VECTORS is really a mitigation for Spectre-v3a, rename it accordingly for consistency with the v2 and v4 mitigation. Signed-off-by: Will Deacon <will@kernel.org> Signed-off-by: Marc Zyngier <maz@kernel.org> Cc: Marc Zyngier <maz@kernel.org> Cc: Quentin Perret <qperret@google.com> Link: https://lore.kernel.org/r/20201113113847.21619-9-will@kernel.org
Diffstat (limited to 'arch/arm64/kernel')
-rw-r--r--arch/arm64/kernel/cpu_errata.c6
-rw-r--r--arch/arm64/kernel/proton-pack.c13
2 files changed, 13 insertions, 6 deletions
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 7a040abaedea..949d5615a47e 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -460,10 +460,10 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
#ifdef CONFIG_RANDOMIZE_BASE
{
/* Must come after the Spectre-v2 entry */
- .desc = "EL2 vector hardening",
- .capability = ARM64_HARDEN_EL2_VECTORS,
+ .desc = "Spectre-v3a",
+ .capability = ARM64_SPECTRE_V3A,
ERRATA_MIDR_RANGE_LIST(ca57_a72),
- .cpu_enable = cpu_el2_vector_harden_enable,
+ .cpu_enable = spectre_v3a_enable_mitigation,
},
#endif
{
diff --git a/arch/arm64/kernel/proton-pack.c b/arch/arm64/kernel/proton-pack.c
index a4ba94129750..cf9f8b885aea 100644
--- a/arch/arm64/kernel/proton-pack.c
+++ b/arch/arm64/kernel/proton-pack.c
@@ -1,6 +1,6 @@
// SPDX-License-Identifier: GPL-2.0-only
/*
- * Handle detection, reporting and mitigation of Spectre v1, v2 and v4, as
+ * Handle detection, reporting and mitigation of Spectre v1, v2, v3a and v4, as
* detailed at:
*
* https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
@@ -270,11 +270,18 @@ void spectre_v2_enable_mitigation(const struct arm64_cpu_capabilities *__unused)
update_mitigation_state(&spectre_v2_state, state);
}
-void cpu_el2_vector_harden_enable(const struct arm64_cpu_capabilities *__unused)
+/*
+ * Spectre-v3a.
+ *
+ * Phew, there's not an awful lot to do here! We just instruct EL2 to use
+ * an indirect trampoline for the hyp vectors so that guests can't read
+ * VBAR_EL2 to defeat randomisation of the hypervisor VA layout.
+ */
+void spectre_v3a_enable_mitigation(const struct arm64_cpu_capabilities *__unused)
{
struct bp_hardening_data *data = this_cpu_ptr(&bp_hardening_data);
- if (this_cpu_has_cap(ARM64_HARDEN_EL2_VECTORS))
+ if (this_cpu_has_cap(ARM64_SPECTRE_V3A))
data->slot += HYP_VECTOR_INDIRECT;
}
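Review bot: The new block comment on spectre_v3a_enable_mitigation() does not say that `data->slot += HYP_VECTOR_INDIRECT` is a relative, non-idempotent adjustment. The only hint of the ordering requirement is the `/* Must come after the Spectre-v2 entry */` comment in the arm64_errata[] table in cpu_errata.c, so someone editing proton-pack.c alone would not see it. Presumably the slot is first chosen on the Spectre-v2 path; if so, running this callback earlier, or twice on the same CPU, would leave the hyp vector slot pointing at the wrong entry and quietly weaken the mitigation. I would add to the comment something like `* Must run after spectre_v2_enable_mitigation() and exactly once per CPU: the slot is offset from the value chosen there.`, to be confirmed against where `slot` is initialised, which is outside this hunk.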