lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20201023085638.GB20821@willie-the-truck>
Date:   Fri, 23 Oct 2020 09:56:39 +0100
From:   Will Deacon <will@...nel.org>
To:     Stephen Boyd <swboyd@...omium.org>
Cc:     Catalin Marinas <catalin.marinas@....com>,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        Andre Przywara <andre.przywara@....com>,
        Steven Price <steven.price@....com>,
        Marc Zyngier <maz@...nel.org>, stable@...r.kernel.org
Subject: Re: [PATCH v2] KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't
 return SMCCC_RET_NOT_REQUIRED

On Wed, Oct 21, 2020 at 08:29:58PM -0700, Stephen Boyd wrote:
> According to the SMCCC spec[1](7.5.2 Discovery) the
> ARM_SMCCC_ARCH_WORKAROUND_1 function id only returns 0, 1, and
> SMCCC_RET_NOT_SUPPORTED.
> 
>  0 is "workaround required and safe to call this function"
>  1 is "workaround not required but safe to call this function"
>  SMCCC_RET_NOT_SUPPORTED is "might be vulnerable or might not be, who knows, I give up!"
> 
> SMCCC_RET_NOT_SUPPORTED might as well mean "workaround required, except
> calling this function may not work because it isn't implemented in some
> cases". Wonderful. We map this SMC call to
> 
>  0 is SPECTRE_MITIGATED
>  1 is SPECTRE_UNAFFECTED
>  SMCCC_RET_NOT_SUPPORTED is SPECTRE_VULNERABLE
> 
> For KVM hypercalls (hvc), we've implemented this function id to return
> SMCCC_RET_NOT_SUPPORTED, 0, and SMCCC_RET_NOT_REQUIRED. One of those
> isn't supposed to be there. Per the code we call
> arm64_get_spectre_v2_state() to figure out what to return for this
> feature discovery call.
> 
>  0 is SPECTRE_MITIGATED
>  SMCCC_RET_NOT_REQUIRED is SPECTRE_UNAFFECTED
>  SMCCC_RET_NOT_SUPPORTED is SPECTRE_VULNERABLE
> 
> Let's clean this up so that KVM tells the guest this mapping:
> 
>  0 is SPECTRE_MITIGATED
>  1 is SPECTRE_UNAFFECTED
>  SMCCC_RET_NOT_SUPPORTED is SPECTRE_VULNERABLE
> 
> (Note: Moving SMCCC_RET_NOT_AFFECTED to a header is left out of this
> patch as it would need to move from proton-pack.c which isn't in stable
> trees and the name isn't actually part of the SMCCC spec)

Given that -rc1 is just round the corner, let's pick this up for -rc2 and
stick the #define into asm/spectre.h at the same time. The #define is called
'SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED' to make it clear that it's specific
to the "ARCH_WORKAROUND" bits.

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ