From patchwork Mon Feb 5 16:21:44 2018
X-Patchwork-Submitter: Thadeu Lima de Souza Cascardo
X-Patchwork-Id: 869407
Date: Mon, 5 Feb 2018 14:21:44 -0200
From: Thadeu Lima de Souza Cascardo
To: kernel-team@lists.ubuntu.com
Subject: [PULL][SRU Artful] CVE-2017-5754 ARM64 KPTI fixes
Message-ID: <20180205162143.h47egal5owyseoll@calabresa>

The following changes since commit b9f7706e18abb6276a87776e15596fa898cbafa4:

  x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP (2018-02-02 17:14:07 +0100)

are available in the git repository at:

  git://git.launchpad.net/~cascardo/ubuntu/+source/linux/+git/artful arm64_kpti

for you to fetch changes up to ab5d689609038d806079b54d8c2d7b2606e16a26:

  UBUNTU: [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y (2018-02-05 14:18:04 -0200)

----------------------------------------------------------------
Ard Biesheuvel (5):
      arm64: unwind: disregard frame.sp when validating frame pointer
      arm64: unwind: reference pt_regs via embedded stack frame
      arm64: unwind: remove sp from struct stackframe
      arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
      arm64: assembler: allow adr_this_cpu to use the stack pointer

Arnd Bergmann (1):
      arm64: fix pmem interface definition

Arvind Yadav (1):
      KVM: arm/arm64: vgic: constify seq_operations and file_operations

Catalin Marinas (7):
      arm64: Convert pte handling from inline asm to using (cmp)xchg
      kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
      arm64: Move PTE_RDONLY bit handling out of set_pte_at()
      arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
      arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
      arm64: Implement arch-specific pte_access_permitted()
      arm64: kpti: Fix the interaction between ASID switching and software PAN

Christoffer Dall (2):
      KVM: arm/arm64: Extract GICv3 max APRn index calculation
      KVM: arm/arm64: Support uaccess of GICC_APRn

Daniel Borkmann (2):
      bpf: inline map in map lookup functions for array and htab
      bpf: do not test for PCPU_MIN_UNIT_SIZE before percpu allocations

Dave Martin (4):
      arm64: syscallno is secretly an int, make it official
      arm64: Abstract syscallno manipulation
      arm64: asm-bug: Renumber macro local labels to avoid clashes
      arm64: KVM: Hide unsupported AArch64 CPU features from guests

Dmitry Safonov (1):
      arm64/vdso: Support mremap() for vDSO

James Morse (9):
      KVM: arm/arm64: Fix guest external abort matching
      arm64: explicitly mask all exceptions
      arm64: introduce an order for exceptions
      arm64: Move the async/fiq helpers to explicitly set process context flags
      arm64: Mask all exceptions during kernel_exit
      arm64: entry.S: Remove disable_dbg
      arm64: entry.S: convert el1_sync
      arm64: entry.S convert el0_sync
      arm64: entry.S: convert elX_irq

Jayachandran C (3):
      arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
      arm64: Branch predictor hardening for Cavium ThunderX2
      UBUNTU: SAUCE: arm64: Branch predictor hardening for Cavium ThunderX2

Jinbum Park (1):
      arm64: pgd: Mark pgd_cache as __ro_after_init

Julien Thierry (3):
      arm64: Update fault_info table with new exception types
      arm64: Use existing defines for mdscr
      arm64: Fix single stepping in kernel traps

Kevin Brodsky (1):
      arm64: compat: Remove leftover variable declaration

Marc Zyngier (10):
      KVM: arm/arm64: vITS: Drop its_ite->lpi field
      arm64: Move post_ttbr_update_workaround to C code
      arm64: KVM: Use per-CPU vector when BP hardening is enabled
      arm64: KVM: Make PSCI_VERSION a fast path
      UBUNTU: SAUCE: arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17
      UBUNTU: SAUCE: arm: Invalidate BTB on prefetch abort outside of user mapping on Cortex A8, A9, A12 and A17
      UBUNTU: SAUCE: arm: KVM: Invalidate BTB on guest exit
      UBUNTU: SAUCE: arm: Add icache invalidation on switch_mm for Cortex-A15
      UBUNTU: SAUCE: arm: Invalidate icache on prefetch abort outside of user mapping on Cortex-A15
      UBUNTU: SAUCE: arm: KVM: Invalidate icache on guest exit for Cortex-A15

Mark Rutland (21):
      arm64: Add ASM_BUG()
      arm64: consistently use bl for C exception entry
      arm64: move non-entry code out of .entry.text
      arm64: unwind: avoid percpu indirection for irq stack
      fork: allow arch-override of VMAP stack alignment
      arm64: factor out PAGE_* and CONT_* definitions
      arm64: clean up THREAD_* definitions
      arm64: clean up irq stack definitions
      arm64: move SEGMENT_ALIGN to
      efi/arm64: add EFI_KIMG_ALIGN
      arm64: factor out entry stack manipulation
      arm64: use an irq stack pointer
      arm64: add basic VMAP_STACK support
      arm64: add on_accessible_stack()
      arm64: add VMAP_STACK overflow detection
      arm64: Use larger stacks when KASAN is selected
      UBUNTU: SAUCE: asm-generic/barrier: add generic nospec helpers
      UBUNTU: SAUCE: Documentation: document nospec helpers
      UBUNTU: SAUCE: arm64: implement nospec_{load,ptr}()
      UBUNTU: SAUCE: arm: implement nospec_ptr()
      UBUNTU: SAUCE: bpf: inhibit speculated out-of-bounds pointers

Paolo Pisati (1):
      UBUNTU: [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y

Robin Murphy (7):
      arm64: mm: Fix set_memory_valid() declaration
      arm64: Convert __inval_cache_range() to area-based
      arm64: Expose DC CVAP to userspace
      arm64: Handle trapped DC CVAP
      arm64: Implement pmem API support
      arm64: uaccess: Implement *_flushcache variants
      arm64: uaccess: Add the uaccess_flushcache.c file

Shanker Donthineni (3):
      arm64: Define cputype macros for Falkor CPU
      arm64: Implement branch predictor hardening for Falkor
      UBUNTU: SAUCE: arm64: Implement branch predictor hardening for Falkor

Suzuki K Poulose (3):
      arm64: Expose support for optional ARMv8-A features
      arm64: Fix the feature type for ID register fields
      arm64: capabilities: Handle duplicate entries for a capability

Will Deacon (32):
      arm64: sysreg: Move SPE registers and PSB into common header files
      arm64: head: Init PMSCR_EL2.{PA,PCT} when entered at EL2 without VHE
      arm64: context: Fix comments and remove pointless smp_wmb()
      arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
      arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
      arm64: mm: Use non-global mappings for kernel space
      arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
      arm64: mm: Move ASID from TTBR0 to TTBR1
      arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
      arm64: mm: Rename post_ttbr0_update_workaround
      arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
      arm64: mm: Allocate ASIDs in pairs
      arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
      arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
      arm64: entry: Add exception trampoline page for exceptions from EL0
      arm64: mm: Map entry trampoline into trampoline and kernel page tables
      arm64: entry: Explicitly pass exception level to kernel_ventry macro
      arm64: entry: Hook up entry trampoline to exception vectors
      arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
      arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
      arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
      arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
      arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
      arm64: kaslr: Put kernel vectors address in separate data page
      arm64: use RET instruction for exiting the trampoline
      arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
      arm64: Take into account ID_AA64PFR0_EL1.CSV3
      arm64: cpufeature: Pass capability structure to ->enable callback
      drivers/firmware: Expose psci_get_version through psci_ops structure
      arm64: Add skeleton to harden the branch predictor against aliasing attacks
      arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
      arm64: Implement branch predictor hardening for affected Cortex-A CPUs

Xie XiuQi (1):
      arm64: entry.S: move SError handling into a C function for future expansion

Yonghong Song (1):
      bpf: perf event change needed for subsequent bpf helpers

Yury Norov (4):
      arm64: introduce separated bits for mm_context_t flags
      arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
      arm64: move TASK_* definitions to
      arm64: cpu_ops: Add missing 'const' qualifiers

 Documentation/arm64/cpu-feature-registers.txt | 14 +-
 Documentation/speculation.txt | 99 +++++
 Documentation/virtual/kvm/devices/arm-vgic.txt | 5 +
 arch/arm/include/asm/barrier.h | 75 ++++
 arch/arm/include/asm/cp15.h | 3 +
 arch/arm/include/asm/kvm_arm.h | 1 -
 arch/arm/include/asm/kvm_asm.h | 2 -
 arch/arm/include/asm/kvm_emulate.h | 24 +-
 arch/arm/include/asm/kvm_mmu.h | 25 ++
 arch/arm/kvm/hyp/hyp-entry.S | 89 ++++-
 arch/arm/mm/fault.c | 29 ++
 arch/arm/mm/fsr-2level.c | 4 +-
 arch/arm/mm/fsr-3level.c | 67 +++-
 arch/arm/mm/proc-v7-2level.S | 14 +-
 arch/arm/mm/proc-v7-3level.S | 22 +
 arch/arm/mm/proc-v7.S | 48 ++-
 arch/arm64/Kconfig | 59 ++-
 arch/arm64/include/asm/asm-bug.h | 54 +++
 arch/arm64/include/asm/asm-uaccess.h | 36 +-
 arch/arm64/include/asm/assembler.h | 112 +++---
 arch/arm64/include/asm/barrier.h | 63 +++
 arch/arm64/include/asm/bug.h | 35 +-
 arch/arm64/include/asm/cacheflush.h | 4 +-
 arch/arm64/include/asm/cpucaps.h | 6 +-
 arch/arm64/include/asm/cputype.h | 9 +
 arch/arm64/include/asm/daifflags.h | 72 ++++
 arch/arm64/include/asm/efi.h | 24 +-
 arch/arm64/include/asm/elf.h | 2 -
 arch/arm64/include/asm/esr.h | 3 +-
 arch/arm64/include/asm/fixmap.h | 5 +
 arch/arm64/include/asm/irq.h | 42 --
 arch/arm64/include/asm/irqflags.h | 40 +-
 arch/arm64/include/asm/kernel-pgtable.h | 12 +-
 arch/arm64/include/asm/kvm_asm.h | 2 +
 arch/arm64/include/asm/kvm_emulate.h | 24 +-
 arch/arm64/include/asm/kvm_mmu.h | 59 ++-
 arch/arm64/include/asm/memory.h | 75 +++-
 arch/arm64/include/asm/mmu.h | 50 +++
 arch/arm64/include/asm/mmu_context.h | 56 +--
 arch/arm64/include/asm/page-def.h | 34 ++
 arch/arm64/include/asm/page.h | 12 +-
 arch/arm64/include/asm/pgtable-hwdef.h | 1 +
 arch/arm64/include/asm/pgtable-prot.h | 37 +-
 arch/arm64/include/asm/pgtable.h | 118 +++---
 arch/arm64/include/asm/proc-fns.h | 6 -
 arch/arm64/include/asm/processor.h | 25 +-
 arch/arm64/include/asm/ptrace.h | 31 +-
 arch/arm64/include/asm/signal32.h | 2 -
 arch/arm64/include/asm/stacktrace.h | 61 ++-
 arch/arm64/include/asm/string.h | 4 +
 arch/arm64/include/asm/sysreg.h | 103 +++++
 arch/arm64/include/asm/thread_info.h | 13 +-
 arch/arm64/include/asm/tlbflush.h | 16 +-
 arch/arm64/include/asm/traps.h | 11 +
 arch/arm64/include/asm/uaccess.h | 38 +-
 arch/arm64/include/uapi/asm/hwcap.h | 6 +
 arch/arm64/kernel/Makefile | 4 +
 arch/arm64/kernel/armv8_deprecated.c | 8 +-
 arch/arm64/kernel/asm-offsets.c | 7 +-
 arch/arm64/kernel/bpi.S | 87 ++++
 arch/arm64/kernel/cpu_errata.c | 199 +++++++++
 arch/arm64/kernel/cpu_ops.c | 6 +-
 arch/arm64/kernel/cpufeature.c | 212 ++++++----
 arch/arm64/kernel/cpuinfo.c | 6 +
 arch/arm64/kernel/debug-monitors.c | 5 +-
 arch/arm64/kernel/entry.S | 532 ++++++++++++++++++-------
 arch/arm64/kernel/head.S | 39 +-
 arch/arm64/kernel/hibernate.c | 9 +-
 arch/arm64/kernel/irq.c | 40 +-
 arch/arm64/kernel/machine_kexec.c | 4 +-
 arch/arm64/kernel/perf_callchain.c | 1 -
 arch/arm64/kernel/probes/uprobes.c | 2 +-
 arch/arm64/kernel/process.c | 25 +-
 arch/arm64/kernel/ptrace.c | 5 +-
 arch/arm64/kernel/return_address.c | 1 -
 arch/arm64/kernel/setup.c | 8 +-
 arch/arm64/kernel/signal.c | 18 +-
 arch/arm64/kernel/signal32.c | 2 +-
 arch/arm64/kernel/smp.c | 14 +-
 arch/arm64/kernel/stacktrace.c | 60 +--
 arch/arm64/kernel/suspend.c | 7 +-
 arch/arm64/kernel/time.c | 1 -
 arch/arm64/kernel/traps.c | 114 ++++--
 arch/arm64/kernel/vdso.c | 15 +
 arch/arm64/kernel/vmlinux.lds.S | 40 +-
 arch/arm64/kvm/hyp/debug-sr.c | 24 +-
 arch/arm64/kvm/hyp/entry.S | 12 +
 arch/arm64/kvm/hyp/s2-setup.c | 2 +-
 arch/arm64/kvm/hyp/switch.c | 31 +-
 arch/arm64/kvm/sys_regs.c | 282 ++++++++++---
 arch/arm64/kvm/vgic-sys-reg-v3.c | 23 +-
 arch/arm64/lib/Makefile | 2 +
 arch/arm64/lib/clear_user.S | 4 +-
 arch/arm64/lib/copy_from_user.S | 4 +-
 arch/arm64/lib/copy_in_user.S | 4 +-
 arch/arm64/lib/copy_to_user.S | 4 +-
 arch/arm64/lib/uaccess_flushcache.c | 47 +++
 arch/arm64/mm/cache.S | 41 +-
 arch/arm64/mm/context.c | 70 ++--
 arch/arm64/mm/fault.c | 58 +--
 arch/arm64/mm/flush.c | 16 +
 arch/arm64/mm/mmu.c | 31 ++
 arch/arm64/mm/pgd.c | 2 +-
 arch/arm64/mm/proc.S | 25 +-
 arch/arm64/xen/hypercall.S | 4 +-
 debian.master/config/arm64/config.common.arm64 | 2 +-
 debian.master/config/config.common.ubuntu | 4 +
 drivers/firmware/efi/libstub/arm64-stub.c | 6 +-
 drivers/firmware/psci.c | 2 +
 include/asm-generic/barrier.h | 76 ++++
 include/linux/perf_event.h | 7 +-
 include/linux/psci.h | 1 +
 include/linux/thread_info.h | 4 +
 kernel/bpf/arraymap.c | 45 ++-
 kernel/bpf/hashtab.c | 21 +-
 kernel/events/core.c | 15 +-
 kernel/fork.c | 3 +-
 kernel/trace/bpf_trace.c | 2 +-
 virt/kvm/arm/arm.c | 8 +-
 virt/kvm/arm/mmu.c | 40 +-
 virt/kvm/arm/vgic/vgic-debug.c | 4 +-
 virt/kvm/arm/vgic/vgic-its.c | 10 +-
 virt/kvm/arm/vgic/vgic-mmio-v2.c | 47 ++-
 virt/kvm/arm/vgic/vgic.h | 16 +
 124 files changed, 3336 insertions(+), 1017 deletions(-)
 create mode 100644 Documentation/speculation.txt
 create mode 100644 arch/arm64/include/asm/asm-bug.h
 create mode 100644 arch/arm64/include/asm/daifflags.h
 create mode 100644 arch/arm64/include/asm/page-def.h
 create mode 100644 arch/arm64/kernel/bpi.S
 create mode 100644 arch/arm64/lib/uaccess_flushcache.c

Acked-by: Kleber Sacilotto de Souza