From patchwork Tue Mar 7 14:04:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 65529 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp2450456wrd; Tue, 7 Mar 2023 06:10:06 -0800 (PST) X-Google-Smtp-Source: AK7set/SDl9ambz+YKNAQpnew3l7lY3AZZlt0nlUL6C7+FSbaflCZD5YqP/VbWIBJwNEu8eD7QEf X-Received: by 2002:a05:6a20:8416:b0:b8:499d:7c9b with SMTP id c22-20020a056a20841600b000b8499d7c9bmr18377214pzd.51.1678198206333; Tue, 07 Mar 2023 06:10:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1678198206; cv=none; d=google.com; s=arc-20160816; b=i/Bl17/rq0Cosp6G2+eHWWWHGZvLNaqsGWDUFpkzR+tlpXvigEurYU76Fy2IP8vKni WAhJKnMCMN464V/CKg7GT1U+cB2BSCC4SZty42V8T0ziEiYhikzi8SxFOHgFjob15iZK OyLCRkNoH+jQ4qzFZKTAT6EO80TKjmzP6I6wEOnXzM5a1KNecqtBnHVdzEETrtdYQ3Ai 2Q7DSzvyP517OMko7CvThdixtkjdGf8HeFeD/gQokyMRSrceMp+N50e4nz0apUQ26hdz dA5K1HX60+x5+9HIW1sotHHKiS8TppyyRSkyUNSv5ySv1hPvzVuGT9xskDkTBgGPwBfH 8aXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=BTNQN3WDVNNbkst9j8jDCA63tQRA6cYWfyI9wDQqugI=; b=xfQRSscQUGTUyHtZw8SwFhHDyxW3ymA447m7eCgobiMk8XZsOZVXwutDeKIc2abPIe g0SpBJBX53VuzJjMnEUNRO9Oo3awv1/Ot/EXwFGYPFRfdonyv2bvL7QIo1pXj/DvruSL 4caEvVUlX+rnsYcx9zAkuXfjaAfHUyQhiGmccwf8o4MLSrJ/9/CA8DkH7KsAFkYaFgdd odLSKfhRGHSDVfPBn047k15/YMA4RkXpa0maGm19QfvWwrwoomz9aH6VzH9nJtlOKJPL Ic05/p4U25Osgxd4etnTNoowLMwALPYyByLrhSSG+T/oyUhSu1hy8a7/VjQQW8/WUpBg Jjvw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=mNSnk087; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x6-20020aa79566000000b005a8ac9f6462si11908866pfq.72.2023.03.07.06.09.48; Tue, 07 Mar 2023 06:10:06 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=mNSnk087; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231204AbjCGOIF (ORCPT + 99 others); Tue, 7 Mar 2023 09:08:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48926 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229922AbjCGOHk (ORCPT ); Tue, 7 Mar 2023 09:07:40 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 51B278ABDF for ; Tue, 7 Mar 2023 06:07:06 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 5450F61454 for ; Tue, 7 Mar 2023 14:07:05 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C32E0C4339E; Tue, 7 Mar 2023 14:07:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1678198024; bh=0KQy78BFjE2XXHrdYNysZXORIwBR4S+/FhQgUDVlHf8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=mNSnk087CzN67/StBZFJBuS7EwPop8FwoYrXCt8azLMwSe5R5olrcHbdDsYjs9gQo KI+mnuHO6WyqMrnGFmbID6HwJ3E4IOV5BjI11vGiiRRcSK7ZXOiPksVNWXZfZ1oo4T Uvudy8YGC6p9R1L380O8Qq1CpSs/G6Uo6Ss2lJ3bsgHjjpmPCCE6SK7vn7q8rjUWTr C4Dg+w4mSuJ0X5LP0F3adB5+ws2HXU2xjlSqBS28gdGWiyICI00EWvfFMddnlwzN6l bZdFvRnScCGYjs1JBBkDnnk4LPyrSbPlYWDbUVWw+TbFwn4s7sdUBJLv+hply095e6 KROHmesRFFxDA== From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , Catalin Marinas , Will Deacon , Marc Zyngier , Mark Rutland , Ryan Roberts , Anshuman Khandual , Kees Cook Subject: [PATCH v3 11/60] arm64: kaslr: drop special case for ThunderX in kaslr_requires_kpti() Date: Tue, 7 Mar 2023 15:04:33 +0100 Message-Id: <20230307140522.2311461-12-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230307140522.2311461-1-ardb@kernel.org> References: <20230307140522.2311461-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2046; i=ardb@kernel.org; h=from:subject; bh=0KQy78BFjE2XXHrdYNysZXORIwBR4S+/FhQgUDVlHf8=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIYXdRaSuaYdKGecRnTbZ/aoPbHZMclcWbp1kdumz2eqCC 6f/e3d3lLIwiHEwyIopsgjM/vtu5+mJUrXOs2Rh5rAygQxh4OIUgIlsncvIcDm1TUglY9JWx6ML b385O7d3eqLEH+4/AXxxfS6Z/xa65jAydK9YMXtCR17AYvM57EpfJO3Z3cxCF/dyTLixLkU4pkG NEQA= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1759718362102465607?= X-GMAIL-MSGID: =?utf-8?q?1759718362102465607?= ThunderX is an obsolete platform that shipped without support for the EFI_RNG_PROTOCOL in its firmware. Now that we no longer misidentify small KASLR offsets as randomization being enabled, we can drop the explicit check for ThunderX as well, given that KASLR is known to be unavailable. Note that we never enable KPTI on these systems, in spite of what this function returns. However, using non-global mappings for code that is executable at EL1 is what tickles the erratum on these cores, regardless of whether KPTI is enabled or not, so non-global mappings should simply never be used here. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/cpu_errata.c | 2 +- arch/arm64/kernel/cpufeature.c | 12 ------------ 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 307faa2b4395ed9f..530bbd6a2f6331fd 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -261,7 +261,7 @@ static const struct midr_range cavium_erratum_23154_cpus[] = { #endif #ifdef CONFIG_CAVIUM_ERRATUM_27456 -const struct midr_range cavium_erratum_27456_cpus[] = { +static const struct midr_range cavium_erratum_27456_cpus[] = { /* Cavium ThunderX, T88 pass 1.x - 2.1 */ MIDR_RANGE(MIDR_THUNDERX, 0, 0, 1, 1), /* Cavium ThunderX, T81 pass 1.0 */ diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 2e3e5513977733b7..e9a138b7e3b22cc7 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -1621,18 +1621,6 @@ bool kaslr_requires_kpti(void) return false; } - /* - * Systems affected by Cavium erratum 24756 are incompatible - * with KPTI. - */ - if (IS_ENABLED(CONFIG_CAVIUM_ERRATUM_27456)) { - extern const struct midr_range cavium_erratum_27456_cpus[]; - - if (is_midr_in_range_list(read_cpuid_id(), - cavium_erratum_27456_cpus)) - return false; - } - return kaslr_enabled(); }