[PATCH 0/3] arm64: proton-pack: Add Spectre-BSE mitigation for Cortex-A7{2,3,5}
James Morse
james.morse at arm.com
Wed Jan 22 09:47:33 PST 2025
Hello!
Spectre-BSE is a variant of Spectre-BHB that abuses a power-saving mode
on some older cores to dodge the BHB mitigation applied to the branch predictor.
Only A72r0 actually needs anything doing - this is basically a bug in the
published BHB mitigation sequence that was published for A72r0. This
series moves A72r0 to use the WA1 firmware call for mitigation, and adds
the necessary reporting parts for user-space to discover which parts of
BHB/BSE are mitigated or vulnerable.
WA1 is used instead of WA3 which was new for BHB because we can't rely
on hypervisors not to use the 'local' workaround, and for Spectre-BSE
we don't need to worry about discovery via. (Which is why WA3 exists -
for cores not vulnerable to the issue mititaged by WA1).
Arm's description of this vulnerability can be found here:
https://developer.arm.com/Arm%20Security%20Center/Spectre-BSE
This series is based on arm64/for-next/core, and can be retrieved from:
https://git.kernel.org/pub/scm/linux/kernel/git/morse/linux.git/log/?h=spectre_bse/v1
Backports of this version can also be found under spectre_bse/backports
of the above repo.
Because this vulnerability is hard to expoit, but the cost of mitigating
it is high - the mitigation is disabled by default. (see the last
patch). To enable the mitigation, a command-line argument is needed:
'spectre_bse'.
This series adds more things to the vulnerability reporting file:
| morse at adam:~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
| Mitigation: CSV2, BHB, but not BSE
or:
| Mitigation: CSV2, BHB, BSE
(KVM maintainers are on CC as this changes which mitigation KVM enables,
and there is some hypervisor reasoning in the last patch)
Thanks,
James Morse (3):
arm64: proton-pack: Move the loop and firmware enable sequences into
helpers
arm64: proton-pack: Add Spectre-BSE mitigation for Cortex-A7{2,3,5}
arm64: proton-pack: Prefer WA1 for BHB on Cortex-A72 r0pX
arch/arm64/include/asm/assembler.h | 4 +-
arch/arm64/include/asm/spectre.h | 1 +
arch/arm64/kernel/proton-pack.c | 230 +++++++++++++++++++++++------
3 files changed, 191 insertions(+), 44 deletions(-)
--
2.39.2
More information about the linux-arm-kernel
mailing list