xref: /OK3568_Linux_fs/kernel/arch/arm64/include/asm/spectre.h (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0-only */
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun  * Interface for managing mitigations for Spectre vulnerabilities.
4*4882a593Smuzhiyun  *
5*4882a593Smuzhiyun  * Copyright (C) 2020 Google LLC
6*4882a593Smuzhiyun  * Author: Will Deacon <will@kernel.org>
7*4882a593Smuzhiyun  */
8*4882a593Smuzhiyun 
9*4882a593Smuzhiyun #ifndef __ASM_SPECTRE_H
10*4882a593Smuzhiyun #define __ASM_SPECTRE_H
11*4882a593Smuzhiyun 
12*4882a593Smuzhiyun #define BP_HARDEN_EL2_SLOTS 4
13*4882a593Smuzhiyun #define __BP_HARDEN_HYP_VECS_SZ	((BP_HARDEN_EL2_SLOTS - 1) * SZ_2K)
14*4882a593Smuzhiyun 
15*4882a593Smuzhiyun #ifndef __ASSEMBLY__
16*4882a593Smuzhiyun 
17*4882a593Smuzhiyun #include <linux/percpu.h>
18*4882a593Smuzhiyun 
19*4882a593Smuzhiyun #include <asm/cpufeature.h>
20*4882a593Smuzhiyun #include <asm/virt.h>
21*4882a593Smuzhiyun 
22*4882a593Smuzhiyun /* Watch out, ordering is important here. */
23*4882a593Smuzhiyun enum mitigation_state {
24*4882a593Smuzhiyun 	SPECTRE_UNAFFECTED,
25*4882a593Smuzhiyun 	SPECTRE_MITIGATED,
26*4882a593Smuzhiyun 	SPECTRE_VULNERABLE,
27*4882a593Smuzhiyun };
28*4882a593Smuzhiyun 
29*4882a593Smuzhiyun struct task_struct;
30*4882a593Smuzhiyun 
31*4882a593Smuzhiyun /*
32*4882a593Smuzhiyun  * Note: the order of this enum corresponds to __bp_harden_hyp_vecs and
33*4882a593Smuzhiyun  * we rely on having the direct vectors first.
34*4882a593Smuzhiyun  */
35*4882a593Smuzhiyun enum arm64_hyp_spectre_vector {
36*4882a593Smuzhiyun 	/*
37*4882a593Smuzhiyun 	 * Take exceptions directly to __kvm_hyp_vector. This must be
38*4882a593Smuzhiyun 	 * 0 so that it used by default when mitigations are not needed.
39*4882a593Smuzhiyun 	 */
40*4882a593Smuzhiyun 	HYP_VECTOR_DIRECT,
41*4882a593Smuzhiyun 
42*4882a593Smuzhiyun 	/*
43*4882a593Smuzhiyun 	 * Bounce via a slot in the hypervisor text mapping of
44*4882a593Smuzhiyun 	 * __bp_harden_hyp_vecs, which contains an SMC call.
45*4882a593Smuzhiyun 	 */
46*4882a593Smuzhiyun 	HYP_VECTOR_SPECTRE_DIRECT,
47*4882a593Smuzhiyun 
48*4882a593Smuzhiyun 	/*
49*4882a593Smuzhiyun 	 * Bounce via a slot in a special mapping of __bp_harden_hyp_vecs
50*4882a593Smuzhiyun 	 * next to the idmap page.
51*4882a593Smuzhiyun 	 */
52*4882a593Smuzhiyun 	HYP_VECTOR_INDIRECT,
53*4882a593Smuzhiyun 
54*4882a593Smuzhiyun 	/*
55*4882a593Smuzhiyun 	 * Bounce via a slot in a special mapping of __bp_harden_hyp_vecs
56*4882a593Smuzhiyun 	 * next to the idmap page, which contains an SMC call.
57*4882a593Smuzhiyun 	 */
58*4882a593Smuzhiyun 	HYP_VECTOR_SPECTRE_INDIRECT,
59*4882a593Smuzhiyun };
60*4882a593Smuzhiyun 
61*4882a593Smuzhiyun typedef void (*bp_hardening_cb_t)(void);
62*4882a593Smuzhiyun 
63*4882a593Smuzhiyun struct bp_hardening_data {
64*4882a593Smuzhiyun 	enum arm64_hyp_spectre_vector	slot;
65*4882a593Smuzhiyun 	bp_hardening_cb_t		fn;
66*4882a593Smuzhiyun };
67*4882a593Smuzhiyun 
68*4882a593Smuzhiyun DECLARE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);
69*4882a593Smuzhiyun 
70*4882a593Smuzhiyun /* Called during entry so must be __always_inline */
arm64_apply_bp_hardening(void)71*4882a593Smuzhiyun static __always_inline void arm64_apply_bp_hardening(void)
72*4882a593Smuzhiyun {
73*4882a593Smuzhiyun 	struct bp_hardening_data *d;
74*4882a593Smuzhiyun 
75*4882a593Smuzhiyun 	if (!cpus_have_const_cap(ARM64_SPECTRE_V2))
76*4882a593Smuzhiyun 		return;
77*4882a593Smuzhiyun 
78*4882a593Smuzhiyun 	d = this_cpu_ptr(&bp_hardening_data);
79*4882a593Smuzhiyun 	if (d->fn)
80*4882a593Smuzhiyun 		d->fn();
81*4882a593Smuzhiyun }
82*4882a593Smuzhiyun 
83*4882a593Smuzhiyun enum mitigation_state arm64_get_spectre_v2_state(void);
84*4882a593Smuzhiyun bool has_spectre_v2(const struct arm64_cpu_capabilities *cap, int scope);
85*4882a593Smuzhiyun void spectre_v2_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
86*4882a593Smuzhiyun 
87*4882a593Smuzhiyun bool has_spectre_v3a(const struct arm64_cpu_capabilities *cap, int scope);
88*4882a593Smuzhiyun void spectre_v3a_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
89*4882a593Smuzhiyun 
90*4882a593Smuzhiyun enum mitigation_state arm64_get_spectre_v4_state(void);
91*4882a593Smuzhiyun bool has_spectre_v4(const struct arm64_cpu_capabilities *cap, int scope);
92*4882a593Smuzhiyun void spectre_v4_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
93*4882a593Smuzhiyun void spectre_v4_enable_task_mitigation(struct task_struct *tsk);
94*4882a593Smuzhiyun 
95*4882a593Smuzhiyun enum mitigation_state arm64_get_meltdown_state(void);
96*4882a593Smuzhiyun enum mitigation_state arm64_get_spectre_bhb_state(void);
97*4882a593Smuzhiyun bool is_spectre_bhb_affected(const struct arm64_cpu_capabilities *entry, int scope);
98*4882a593Smuzhiyun u8 spectre_bhb_loop_affected(int scope);
99*4882a593Smuzhiyun void spectre_bhb_enable_mitigation(const struct arm64_cpu_capabilities *__unused);
100*4882a593Smuzhiyun #endif	/* __ASSEMBLY__ */
101*4882a593Smuzhiyun #endif	/* __ASM_SPECTRE_H */
102