arm: Add icache invalidation on switch_mm for Cortex-A15
Marc Zyngier [Thu, 1 Feb 2018 11:07:36 +0000 (11:07 +0000)]
** Not yet queued for inclusion in mainline **

In order to avoid aliasing attacks against the branch predictor,
Cortex-A15 require to invalidate the BTB when switching
from one user context to another. The only way to do so on this
CPU is to perform an ICIALLU, having set ACTLR[0] to 1 from secure
mode.

Change-Id: Ib0083803d75a4399b8225193349a4b490d1776a1
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/1698398
GVS: Gerrit_Virtual_Submit
Reviewed-by: Bibek Basu <bbasu@nvidia.com>
Tested-by: Bibek Basu <bbasu@nvidia.com>

arch/arm/mm/proc-v7-2level.S
arch/arm/mm/proc-v7-3level.S
arch/arm/mm/proc-v7.S

index a0cf0dc..48db623 100644 (file)
  *
  *     It is assumed that:
  *     - we are not using split page tables
- */
+ *
+ *     Cortex-A15 requires ACTLR[0] to be set from secure in order
+ *     for the icache invalidation to also invalidate the BTB.
+  */
+ENTRY(cpu_v7_icinv_switch_mm)
+#ifdef CONFIG_MMU
+       mcr     p15, 0, r0, c7, c5, 0           @ ICIALLU
+       /* Fall through to switch_mm... */
+#endif
+
 ENTRY(cpu_v7_switch_mm)
 #ifdef CONFIG_MMU
        mov     r2, #0
@@ -61,6 +70,7 @@ ENTRY(cpu_v7_switch_mm)
 #endif
        mov     pc, lr
 ENDPROC(cpu_v7_switch_mm)
+ENDPROC(cpu_v7_icinv_switch_mm)
 
 /*
  *     cpu_v7_set_pte_ext(ptep, pte)
index e377cc4..8ba8dfd 100644 (file)
  * Set the translation table base pointer to be pgd_phys (physical address of
  * the new TTB).
  */
+ENTRY(cpu_v7_icinv_switch_mm)
+#ifdef CONFIG_MMU
+       /*
+        * Cortex-A15 requires ACTLR[0] to be set from secure in order
+        * for the icache invalidation to also invalidate the BTB.
+        */
+       mcr     p15, 0, r0, c7, c5, 0           @ ICIALLU
+       /* Fall through to switch_mm... */
+#endif
 ENTRY(cpu_v7_switch_mm)
 #ifdef CONFIG_MMU
        mmid    r2, r2                          @ get mm->context.id
@@ -64,6 +73,7 @@ ENTRY(cpu_v7_switch_mm)
 #endif
        mov     pc, lr
 ENDPROC(cpu_v7_switch_mm)
+ENDPROC(cpu_v7_icinv_switch_mm)
 
 /*
  * cpu_v7_set_pte_ext(ptep, pte)
index d1dea91..aac1d85 100644 (file)
@@ -415,6 +415,26 @@ start_restore_wpt:
 ENDPROC(cpu_v7_do_resume)
 #endif
 
+/*
+ * Cortex-A15
+ */
+       globl_equ       cpu_ca15_proc_init,     cpu_v7_proc_init
+       globl_equ       cpu_ca15_proc_fin,      cpu_v7_proc_fin
+       globl_equ       cpu_ca15_reset,         cpu_v7_reset
+       globl_equ       cpu_ca15_do_idle,       cpu_v7_do_idle
+       globl_equ       cpu_ca15_dcache_clean_area, cpu_v7_dcache_clean_area
+       globl_equ       cpu_ca15_set_pte_ext,   cpu_v7_set_pte_ext
+       globl_equ       cpu_ca15_suspend_size,  cpu_v7_suspend_size
+#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
+       globl_equ       cpu_ca15_switch_mm,     cpu_v7_icinv_switch_mm
+#else
+       globl_equ       cpu_ca15_switch_mm,     cpu_v7_switch_mm
+#endif
+#ifdef CONFIG_ARM_CPU_SUSPEND
+       globl_equ       cpu_ca15_do_suspend,    cpu_v7_do_suspend
+       globl_equ       cpu_ca15_do_resume,     cpu_v7_do_resume
+#endif
+
 #ifdef CONFIG_CPU_PJ4B
        globl_equ       cpu_pj4b_switch_mm,     cpu_v7_switch_mm
        globl_equ       cpu_pj4b_set_pte_ext,   cpu_v7_set_pte_ext
@@ -722,6 +742,7 @@ __v7_setup_stack:
 
        @ define struct processor (see <asm/proc-fns.h> and proc-macros.S)
        define_processor_functions v7, dabort=v7_early_abort, pabort=v7_pabort, suspend=1
+       define_processor_functions ca15, dabort=v7_early_abort, pabort=v7_pabort, suspend=1
 #ifdef CONFIG_CPU_PJ4B
        define_processor_functions pj4b, dabort=v7_early_abort, pabort=v7_pabort, suspend=1
 #endif
@@ -818,7 +839,7 @@ __v7_ca15mp_r3_proc_info:
 __v7_ca15mp_proc_info:
        .long   0x410fc0f0
        .long   0xff0ffff0
-       __v7_proc __v7_ca15mp_setup
+       __v7_proc __v7_ca15mp_setup, proc_fns = ca15_processor_functions
        .size   __v7_ca15mp_proc_info, . - __v7_ca15mp_proc_info
 
        /*