From patchwork Mon Oct 26 16:21:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bertrand Marquis X-Patchwork-Id: 11857749 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7A0A661C for ; Mon, 26 Oct 2020 16:23:00 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4EA5422284 for ; Mon, 26 Oct 2020 16:23:00 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4EA5422284 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.12430.32366 (Exim 4.92) (envelope-from ) id 1kX5GH-00062f-P0; Mon, 26 Oct 2020 16:22:21 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 12430.32366; Mon, 26 Oct 2020 16:22:21 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GH-00062Y-M0; Mon, 26 Oct 2020 16:22:21 +0000 Received: by outflank-mailman (input) for mailman id 12430; Mon, 26 Oct 2020 16:22:19 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GF-00062L-PW for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 16:22:19 +0000 Received: from foss.arm.com (unknown [217.140.110.172]) by us1-rack-iad1.inumbo.com (Halon) with ESMTP id 99e5f00d-760e-4ee2-b636-b0d79a51e480; Mon, 26 Oct 2020 16:22:18 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8E33C1042; Mon, 26 Oct 2020 09:22:18 -0700 (PDT) Received: from e109506-lin.cambridge.arm.com (e109506-lin.cambridge.arm.com [10.1.198.23]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id DE9023F719; Mon, 26 Oct 2020 09:22:17 -0700 (PDT) Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GF-00062L-PW for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 16:22:19 +0000 X-Inumbo-ID: 99e5f00d-760e-4ee2-b636-b0d79a51e480 Received: from foss.arm.com (unknown [217.140.110.172]) by us1-rack-iad1.inumbo.com (Halon) with ESMTP id 99e5f00d-760e-4ee2-b636-b0d79a51e480; Mon, 26 Oct 2020 16:22:18 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8E33C1042; Mon, 26 Oct 2020 09:22:18 -0700 (PDT) Received: from e109506-lin.cambridge.arm.com (e109506-lin.cambridge.arm.com [10.1.198.23]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id DE9023F719; Mon, 26 Oct 2020 09:22:17 -0700 (PDT) From: Bertrand Marquis To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk Subject: [PATCH v2 1/3] xen/arm: use printk_once for errata warning prints Date: Mon, 26 Oct 2020 16:21:31 +0000 Message-Id: X-Mailer: git-send-email 2.17.1 In-Reply-To: References: Replace usage of warning_add by printk_once with a **** prefix and suffix for errata related warnings. This prevents the need for the assert which is not secure enough to protect this print against wrong usage. Signed-off-by: Bertrand Marquis Reviewed-by: Stefano Stabellini --- xen/arch/arm/cpuerrata.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 0c63dfa779..0430069a84 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -157,7 +157,6 @@ extern char __smccc_workaround_1_smc_start[], __smccc_workaround_1_smc_end[]; static int enable_smccc_arch_workaround_1(void *data) { struct arm_smccc_res res; - static bool warned = false; const struct arm_cpu_capabilities *entry = data; /* @@ -182,13 +181,8 @@ static int enable_smccc_arch_workaround_1(void *data) "call ARM_SMCCC_ARCH_WORKAROUND_1"); warn: - if ( !warned ) - { - ASSERT(system_state < SYS_STATE_active); - warning_add("No support for ARM_SMCCC_ARCH_WORKAROUND_1.\n" - "Please update your firmware.\n"); - warned = true; - } + printk_once("**** No support for ARM_SMCCC_ARCH_WORKAROUND_1. ****\n" + "**** Please update your firmware. ****\n"); return 0; } From patchwork Mon Oct 26 16:21:32 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bertrand Marquis X-Patchwork-Id: 11857751 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EF36E61C for ; Mon, 26 Oct 2020 16:23:35 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C670122284 for ; Mon, 26 Oct 2020 16:23:35 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C670122284 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.12431.32376 (Exim 4.92) (envelope-from ) id 1kX5GI-00063f-9I; Mon, 26 Oct 2020 16:22:22 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 12431.32376; Mon, 26 Oct 2020 16:22:22 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GI-00063N-2j; Mon, 26 Oct 2020 16:22:22 +0000 Received: by outflank-mailman (input) for mailman id 12431; Mon, 26 Oct 2020 16:22:20 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GG-00062S-R0 for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 16:22:20 +0000 Received: from foss.arm.com (unknown [217.140.110.172]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTP id 66440a05-ce01-4d1f-b9fd-bf81bda01c1e; Mon, 26 Oct 2020 16:22:20 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id DD4311042; Mon, 26 Oct 2020 09:22:19 -0700 (PDT) Received: from e109506-lin.cambridge.arm.com (e109506-lin.cambridge.arm.com [10.1.198.23]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id C2C2F3F719; Mon, 26 Oct 2020 09:22:18 -0700 (PDT) Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GG-00062S-R0 for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 16:22:20 +0000 X-Inumbo-ID: 66440a05-ce01-4d1f-b9fd-bf81bda01c1e Received: from foss.arm.com (unknown [217.140.110.172]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTP id 66440a05-ce01-4d1f-b9fd-bf81bda01c1e; Mon, 26 Oct 2020 16:22:20 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id DD4311042; Mon, 26 Oct 2020 09:22:19 -0700 (PDT) Received: from e109506-lin.cambridge.arm.com (e109506-lin.cambridge.arm.com [10.1.198.23]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id C2C2F3F719; Mon, 26 Oct 2020 09:22:18 -0700 (PDT) From: Bertrand Marquis To: xen-devel@lists.xenproject.org Cc: Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Julien Grall , Stefano Stabellini , Wei Liu Subject: [PATCH v2 2/3] xen: Add an unsecure Taint type Date: Mon, 26 Oct 2020 16:21:32 +0000 Message-Id: X-Mailer: git-send-email 2.17.1 In-Reply-To: References: In-Reply-To: References: Define a new Unsecure taint type to be used to signal a system tainted due to an unsecure configuration or hardware feature/errata. Signed-off-by: Bertrand Marquis Reviewed-by: Stefano Stabellini --- xen/common/kernel.c | 4 +++- xen/include/xen/lib.h | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/xen/common/kernel.c b/xen/common/kernel.c index c3a943f077..7a345ae45e 100644 --- a/xen/common/kernel.c +++ b/xen/common/kernel.c @@ -326,6 +326,7 @@ unsigned int tainted; * 'E' - An error (e.g. a machine check exceptions) has been injected. * 'H' - HVM forced emulation prefix is permitted. * 'M' - Machine had a machine check experience. + * 'U' - Platform is unsecure (usually due to an errata on the platform). * * The string is overwritten by the next call to print_taint(). */ @@ -333,7 +334,8 @@ char *print_tainted(char *str) { if ( tainted ) { - snprintf(str, TAINT_STRING_MAX_LEN, "Tainted: %c%c%c%c", + snprintf(str, TAINT_STRING_MAX_LEN, "Tainted: %c%c%c%c%c", + tainted & TAINT_MACHINE_UNSECURE ? 'U' : ' ', tainted & TAINT_MACHINE_CHECK ? 'M' : ' ', tainted & TAINT_SYNC_CONSOLE ? 'C' : ' ', tainted & TAINT_ERROR_INJECT ? 'E' : ' ', diff --git a/xen/include/xen/lib.h b/xen/include/xen/lib.h index 1983bd6b86..a9679c913d 100644 --- a/xen/include/xen/lib.h +++ b/xen/include/xen/lib.h @@ -193,6 +193,7 @@ uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c); #define TAINT_MACHINE_CHECK (1u << 1) #define TAINT_ERROR_INJECT (1u << 2) #define TAINT_HVM_FEP (1u << 3) +#define TAINT_MACHINE_UNSECURE (1u << 4) extern unsigned int tainted; #define TAINT_STRING_MAX_LEN 20 extern char *print_tainted(char *str); From patchwork Mon Oct 26 16:21:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bertrand Marquis X-Patchwork-Id: 11857747 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8F30B139F for ; Mon, 26 Oct 2020 16:22:51 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 67B502074B for ; Mon, 26 Oct 2020 16:22:51 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 67B502074B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.12432.32389 (Exim 4.92) (envelope-from ) id 1kX5GM-00067e-Gh; Mon, 26 Oct 2020 16:22:26 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 12432.32389; Mon, 26 Oct 2020 16:22:26 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GM-00067V-DK; Mon, 26 Oct 2020 16:22:26 +0000 Received: by outflank-mailman (input) for mailman id 12432; Mon, 26 Oct 2020 16:22:24 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GK-00062L-OP for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 16:22:24 +0000 Received: from foss.arm.com (unknown [217.140.110.172]) by us1-rack-iad1.inumbo.com (Halon) with ESMTP id c1702353-f4d9-4f28-b0c4-315701b71e1f; Mon, 26 Oct 2020 16:22:21 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 52B34106F; Mon, 26 Oct 2020 09:22:21 -0700 (PDT) Received: from e109506-lin.cambridge.arm.com (e109506-lin.cambridge.arm.com [10.1.198.23]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1DFC23F719; Mon, 26 Oct 2020 09:22:20 -0700 (PDT) Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kX5GK-00062L-OP for xen-devel@lists.xenproject.org; Mon, 26 Oct 2020 16:22:24 +0000 X-Inumbo-ID: c1702353-f4d9-4f28-b0c4-315701b71e1f Received: from foss.arm.com (unknown [217.140.110.172]) by us1-rack-iad1.inumbo.com (Halon) with ESMTP id c1702353-f4d9-4f28-b0c4-315701b71e1f; Mon, 26 Oct 2020 16:22:21 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 52B34106F; Mon, 26 Oct 2020 09:22:21 -0700 (PDT) Received: from e109506-lin.cambridge.arm.com (e109506-lin.cambridge.arm.com [10.1.198.23]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1DFC23F719; Mon, 26 Oct 2020 09:22:20 -0700 (PDT) From: Bertrand Marquis To: xen-devel@lists.xenproject.org Cc: Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Julien Grall , Stefano Stabellini , Wei Liu , Volodymyr Babchuk Subject: [PATCH v2 3/3] xen/arm: Warn user on cpu errata 832075 Date: Mon, 26 Oct 2020 16:21:33 +0000 Message-Id: <4d62bc0844576b80e00ea48e318be238a4d73eae.1603728729.git.bertrand.marquis@arm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: References: In-Reply-To: References: When a Cortex A57 processor is affected by CPU errata 832075, a guest not implementing the workaround for it could deadlock the system. Add a warning during boot informing the user that only trusted guests should be executed on the system. An equivalent warning is already given to the user by KVM on cores affected by this errata. Also taint the hypervisor as unsecure when this errata applies and mention Cortex A57 r0p0 - r1p2 as not security supported in SUPPORT.md Signed-off-by: Bertrand Marquis Reviewed-by: Julien Grall --- SUPPORT.md | 1 + xen/arch/arm/cpuerrata.c | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/SUPPORT.md b/SUPPORT.md index 5fbe5fc444..f7a3b046b0 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -38,6 +38,7 @@ supported in this document. ### ARM v8 Status: Supported + Status, Cortex A57 r0p0 - r1p2, not security supported (Errata 832075) ## Host hardware support diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c index 0430069a84..b35e8cd0b9 100644 --- a/xen/arch/arm/cpuerrata.c +++ b/xen/arch/arm/cpuerrata.c @@ -503,6 +503,19 @@ void check_local_cpu_errata(void) void __init enable_errata_workarounds(void) { enable_cpu_capabilities(arm_errata); + +#ifdef CONFIG_ARM64_ERRATUM_832075 + if ( cpus_have_cap(ARM64_WORKAROUND_DEVICE_LOAD_ACQUIRE) ) + { + printk_once("**** This CPU is affected by the errata 832075. ****\n" + "**** Guests without CPU erratum workarounds ****\n" + "**** can deadlock the system! ****\n" + "**** Only trusted guests should be used. ****\n"); + + /* Taint the machine has being insecure */ + add_taint(TAINT_MACHINE_UNSECURE); + } +#endif } static int cpu_errata_callback(struct notifier_block *nfb,