| Message ID | 20241209094310.2.Ia3dfc0afadbfbee81bb2efb0672262470973dd08@changeid (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | arm64: errata: Add Qualcomm CPUs to the Spectre mitigation lists | expand |
On Mon, Dec 09, 2024 at 09:43:12AM -0800, Douglas Anderson wrote: > Qualcomm Kryo 200-series Gold cores appear to have a derivative of an > ARM Cortex A73 in them. Since A73 needs Spectre mitigation then the > Kyro 200-series Gold cores also should need Spectre mitigation. > > Signed-off-by: Douglas Anderson <dianders@chromium.org> > --- > I don't really have any good way to test this patch but it seems > likely it's needed. If nothing else the claim is that that Qualcomm > Kyro 280 CPU is vulnerable [1] but I don't see any mitigations in the > kernel for it. > > NOTE: presumably this patch won't actually do much on its own because > (I believe) it requires a firmware update to go with it. Why? is_spectre_bhb_fw_affected() returns true if (cpu in list OR fw mitigated) > > [1] https://spectreattack.com/spectre.pdf > > arch/arm64/kernel/proton-pack.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/arm64/kernel/proton-pack.c b/arch/arm64/kernel/proton-pack.c > index e149efadff20..0437be7c83bc 100644 > --- a/arch/arm64/kernel/proton-pack.c > +++ b/arch/arm64/kernel/proton-pack.c > @@ -925,6 +925,7 @@ static bool is_spectre_bhb_fw_affected(int scope) > static const struct midr_range spectre_bhb_firmware_mitigated_list[] = { > MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), > MIDR_ALL_VERSIONS(MIDR_CORTEX_A75), > + MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_2XX_GOLD), > {}, > }; > bool cpu_in_list = is_midr_in_range_list(read_cpuid_id(), > -- > 2.47.0.338.g60cca15819-goog >
> > NOTE: presumably this patch won't actually do much on its own because > > (I believe) it requires a firmware update to go with it. > > Why? is_spectre_bhb_fw_affected() returns true if (cpu in list OR fw > mitigated) That affects reporting, but the mitigation works by making an ARM_SMCCC_ARCH_WORKAROUND_3 Secure Monitor Call to firmware, and that only works if that call is implemented in firmware. Trusted-Firmware-A is currently the only open source firmware I'm aware of that implements this call, and it only supports Kryo 4 and 6 upstream (not 2 or 3). So in order for this patch to actually be able to do anything other than report that the mitigation is missing, it would need to run on devices that either use a downstream fork of TF-A with added Kryo 2/3 support (I doubt this exists because AFAIK Kryo 4 was Qualcomm's first attempt to use TF-A) or use some other proprietary kind of Secure Monitor firmware that has this SMC and mitigation implemented separately. (It seems unlikely that Qualcomm did this in their QTEE firmware, since if they had they would have probably also added the MIDRs here to Linux to activate it.)
On Mon, Dec 09, 2024 at 03:34:59PM -0800, Julius Werner wrote: > > > NOTE: presumably this patch won't actually do much on its own because > > > (I believe) it requires a firmware update to go with it. > > > > Why? is_spectre_bhb_fw_affected() returns true if (cpu in list OR fw > > mitigated) > > That affects reporting, but the mitigation works by making an > ARM_SMCCC_ARCH_WORKAROUND_3 Secure Monitor Call to firmware, and that > only works if that call is implemented in firmware. Trusted-Firmware-A > is currently the only open source firmware I'm aware of that > implements this call, and it only supports Kryo 4 and 6 upstream (not > 2 or 3). > > So in order for this patch to actually be able to do anything other > than report that the mitigation is missing, it would need to run on > devices that either use a downstream fork of TF-A with added Kryo 2/3 > support (I doubt this exists because AFAIK Kryo 4 was Qualcomm's first > attempt to use TF-A) or use some other proprietary kind of Secure > Monitor firmware that has this SMC and mitigation implemented > separately. (It seems unlikely that Qualcomm did this in their QTEE > firmware, since if they had they would have probably also added the > MIDRs here to Linux to activate it.) Ack, thanks for the detailed explanation.
diff --git a/arch/arm64/kernel/proton-pack.c b/arch/arm64/kernel/proton-pack.c index e149efadff20..0437be7c83bc 100644 --- a/arch/arm64/kernel/proton-pack.c +++ b/arch/arm64/kernel/proton-pack.c @@ -925,6 +925,7 @@ static bool is_spectre_bhb_fw_affected(int scope) static const struct midr_range spectre_bhb_firmware_mitigated_list[] = { MIDR_ALL_VERSIONS(MIDR_CORTEX_A73), MIDR_ALL_VERSIONS(MIDR_CORTEX_A75), + MIDR_ALL_VERSIONS(MIDR_QCOM_KRYO_2XX_GOLD), {}, }; bool cpu_in_list = is_midr_in_range_list(read_cpuid_id(),
Qualcomm Kryo 200-series Gold cores appear to have a derivative of an ARM Cortex A73 in them. Since A73 needs Spectre mitigation then the Kyro 200-series Gold cores also should need Spectre mitigation. Signed-off-by: Douglas Anderson <dianders@chromium.org> --- I don't really have any good way to test this patch but it seems likely it's needed. If nothing else the claim is that that Qualcomm Kyro 280 CPU is vulnerable [1] but I don't see any mitigations in the kernel for it. NOTE: presumably this patch won't actually do much on its own because (I believe) it requires a firmware update to go with it. [1] https://spectreattack.com/spectre.pdf arch/arm64/kernel/proton-pack.c | 1 + 1 file changed, 1 insertion(+)