lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun,  4 Sep 2022 21:30:19 +0200
From:   Jeungwoo Yoo <casionwoo@...il.com>
To:     Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will@...nel.org>
Cc:     Hyeonggon Yoo <42.hyeyoo@...il.com>,
        Gwan-gyeong Mun <gwan-gyeong.mun@...el.com>,
        Sangyun Kim <sangyun.kim@....ac.kr>,
        Jeungwoo Yoo <casionwoo@...il.com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: [PATCH] arm64: Remove d-cache clean operation at preserve_boot_args().

Kernel expects only the clean operation as a booting requirement in
arm64 architecture [1], therefore, the kernel has to invalidate any
cache entries after accessing a memory in the booting time (before
enabling D-cache and MMU) not to overwrite the memory with the stale
cache entry.

Same applied in preserve_boot_args(), kernel saves boot arguments into
'boot_args' and invalidates the corresponding cache entry. However,
according to the 'dcache_inval_poc()' implementation, the cache entry
will be not only invalidated but also cleaned. That means if there is a
stale cache entry corresponding to the address of the 'boot_args', the
saved boot arguments in 'boot_args' will be overwritten by the stale
cache entry. Therefore, it uses 'dv ivac' instruction directly instead
of calling 'dcache_inval_poc()'.

The address of the 'boot_args' is aligned to the cache line size and the
size of 'boot_args' is 32 byte (8 byte * 4), therefore, a single
invalidate operation is enough to invalidate the cache line belonging to
the 'boot_args'.

Sometimes clean operation is required not to lose any contents in the
cache entry but not the target of the invalidation. However, in this
case, there is no valid cache entries at a very early booting stage and
preserve_boot_args() is not called by any other (non-primary) CPUs.
Therefore, this invalidation operation will not introduce any problems.

[1] in Documentation/arm64/booting.rst:
The address range corresponding to the loaded kernel image must be
cleaned to the PoC.

Co-developed-by: Gwan-gyeong Mun <gwan-gyeong.mun@...el.com>
Signed-off-by: Gwan-gyeong Mun <gwan-gyeong.mun@...el.com>

Co-developed-by: Sangyun Kim <sangyun.kim@....ac.kr>
Signed-off-by: Sangyun Kim <sangyun.kim@....ac.kr>

Signed-off-by: Jeungwoo Yoo <casionwoo@...il.com>
---
 arch/arm64/kernel/head.S | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index cefe6a73ee54..916227666b07 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -121,9 +121,7 @@ SYM_CODE_START_LOCAL(preserve_boot_args)
 
 	dmb	sy				// needed before dc ivac with
 						// MMU off
-
-	add	x1, x0, #0x20			// 4 x 8 bytes
-	b	dcache_inval_poc		// tail call
+	dc	ivac, x0			// Invalidate potentially stale cache line
 SYM_CODE_END(preserve_boot_args)
 
 SYM_FUNC_START_LOCAL(clear_page_tables)
-- 
2.34.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ