lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 13 Aug 2020 10:03:24 +0100
From:   Will Deacon <will@...nel.org>
To:     Sai Prakash Ranjan <saiprakash.ranjan@...eaurora.org>
Cc:     Catalin Marinas <catalin.marinas@....com>,
        Marc Zyngier <maz@...nel.org>,
        Andre Przywara <andre.przywara@....com>,
        Mark Rutland <mark.rutland@....com>,
        Suzuki K Poulose <suzuki.poulose@....com>,
        Stephen Boyd <swboyd@...omium.org>,
        Douglas Anderson <dianders@...omium.org>,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        linux-arm-msm@...r.kernel.org
Subject: Re: [PATCH] arm64: Add KRYO4XX gold CPU core to spectre-v2 safe list

On Thu, Aug 13, 2020 at 01:48:34PM +0530, Sai Prakash Ranjan wrote:
> KRYO4XX gold/big CPU cores are based on Cortex-A76 which has CSV2
> bits set and are spectre-v2 safe. But on big.LITTLE systems where
> they are coupled with other CPU cores such as the KRYO4XX silver
> based on Cortex-A55 which are spectre-v2 safe but do not have CSV2
> bits set, the system wide safe value will be set to the lowest value
> of CSV2 bits as per FTR_LOWER_SAFE defined for CSV2 bits of register
> ID_AA64PFR0_EL1.
> 
> This is a problem when booting a guest kernel on gold CPU cores
> where it will incorrectly report ARM_SMCCC_ARCH_WORKAROUND_1 warning
> and consider them as vulnerable for Spectre variant 2 due to system
> wide safe value which is used in kvm emulation code when reading id
> registers. One wrong way of fixing this is to set the FTR_HIGHER_SAFE
> for CSV2 bits, so instead add the KRYO4XX gold CPU core to the safe
> list which will be consulted even when the sanitised read reports
> that CSV2 bits are not set for KRYO4XX gold cores.
> 
> Reported-by: Stephen Boyd <swboyd@...omium.org>
> Signed-off-by: Sai Prakash Ranjan <saiprakash.ranjan@...eaurora.org>
> ---
>  arch/arm64/kernel/cpu_errata.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
> index 6bd1d3ad037a..6cbdd2d98a2a 100644
> --- a/arch/arm64/kernel/cpu_errata.c
> +++ b/arch/arm64/kernel/cpu_errata.c
> @@ -545,6 +545,7 @@ static const struct midr_range spectre_v2_safe_list[] = {
>  	MIDR_ALL_VERSIONS(MIDR_HISI_TSV110),
>  	MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_3XX_SILVER),
>  	MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_4XX_SILVER),
> +	MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_4XX_GOLD),

We shouldn't be putting CPUs in the safe list when they have CSV2 reporting
that they are mitigated in hardware, so I don't think this is the right
approach.

Sounds more like KVM should advertise CSV2 for the vCPUs if all of the
physical CPUs without CSV2 set are on the safe list. But then again, KVM
has always been slightly in denial about big.LITTLE because you can't
sensibly expose it to a guest if there are detectable differences...

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ