mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-09 14:50:19 +00:00
arm64 fixes for -rc2
- Don't error in kexec_file_load if kaslr-seed is missing in device-tree - Fix incorrect argument type passed to iort_match_node_callback() - Fix IORT build failure when CONFIG_IOMMU_API=n - Fix kpti performance regression with new rodata default option - Typo fix -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEPxTL6PPUbjXGY88ct6xw3ITBYzQFAlw4mMwACgkQt6xw3ITB YzSPoAf8Ci2O+LAhPHKgbGRCPuM3TCl69zYKD0I3OHbLXOpGk0ykWvYxOPkCHipr DpilFzWXyr0bUjg8GtsUAFlfPuzSCj/UpreRIN6o0+AEHZ5t1RTqxfRaSah5V7Df mDMlvPw8qS05ieIPwz0AOrR/ZxODqWeu9GaiWRbSx2ZH9/e2YL1dnHfcZ+77CsWZ Wdb99aVT5UcLbPmAtj/0hs+o6NekjwGt70JCBytXP6lJM/Hh7SeNNjJPNnKvisag GYHg/Vn5uA37/80iLkXq5J/pu1mrDqEZO1/KfZcmQ1umnCm2CLJNKDoJc3kGLVhT wZYv8TLY0i42fJ2m03yp8v8lKf/29w== =9NUe -----END PGP SIGNATURE----- Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: "Another handful of arm64 fixes here. Most of the complication comes from improving our kpti code to avoid lengthy pauses (30+ seconds) during boot when we rewrite the page tables. There are also a couple of IORT fixes that came in via Lorenzo. Summary: - Don't error in kexec_file_load if kaslr-seed is missing in device-tree - Fix incorrect argument type passed to iort_match_node_callback() - Fix IORT build failure when CONFIG_IOMMU_API=n - Fix kpti performance regression with new rodata default option - Typo fix" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: kexec_file: return successfully even if kaslr-seed doesn't exist ACPI/IORT: Fix rc_dma_get_range() arm64: kpti: Avoid rewriting early page tables when KASLR is enabled arm64: asm-prototypes: Fix fat-fingered typo in comment ACPI/IORT: Fix build when CONFIG_IOMMU_API=n
This commit is contained in:
commit
c3405d6899
@ -2,7 +2,7 @@
|
||||
#ifndef __ASM_PROTOTYPES_H
|
||||
#define __ASM_PROTOTYPES_H
|
||||
/*
|
||||
* CONFIG_MODEVERIONS requires a C declaration to generate the appropriate CRC
|
||||
* CONFIG_MODVERSIONS requires a C declaration to generate the appropriate CRC
|
||||
* for each symbol. Since commit:
|
||||
*
|
||||
* 4efca4ed05cbdfd1 ("kbuild: modversions for EXPORT_SYMBOL() for asm")
|
||||
|
@ -16,6 +16,8 @@
|
||||
#ifndef __ASM_MMU_H
|
||||
#define __ASM_MMU_H
|
||||
|
||||
#include <asm/cputype.h>
|
||||
|
||||
#define MMCF_AARCH32 0x1 /* mm context flag for AArch32 executables */
|
||||
#define USER_ASID_BIT 48
|
||||
#define USER_ASID_FLAG (UL(1) << USER_ASID_BIT)
|
||||
@ -44,6 +46,45 @@ static inline bool arm64_kernel_unmapped_at_el0(void)
|
||||
cpus_have_const_cap(ARM64_UNMAP_KERNEL_AT_EL0);
|
||||
}
|
||||
|
||||
static inline bool arm64_kernel_use_ng_mappings(void)
|
||||
{
|
||||
bool tx1_bug;
|
||||
|
||||
/* What's a kpti? Use global mappings if we don't know. */
|
||||
if (!IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0))
|
||||
return false;
|
||||
|
||||
/*
|
||||
* Note: this function is called before the CPU capabilities have
|
||||
* been configured, so our early mappings will be global. If we
|
||||
* later determine that kpti is required, then
|
||||
* kpti_install_ng_mappings() will make them non-global.
|
||||
*/
|
||||
if (!IS_ENABLED(CONFIG_RANDOMIZE_BASE))
|
||||
return arm64_kernel_unmapped_at_el0();
|
||||
|
||||
/*
|
||||
* KASLR is enabled so we're going to be enabling kpti on non-broken
|
||||
* CPUs regardless of their susceptibility to Meltdown. Rather
|
||||
* than force everybody to go through the G -> nG dance later on,
|
||||
* just put down non-global mappings from the beginning.
|
||||
*/
|
||||
if (!IS_ENABLED(CONFIG_CAVIUM_ERRATUM_27456)) {
|
||||
tx1_bug = false;
|
||||
#ifndef MODULE
|
||||
} else if (!static_branch_likely(&arm64_const_caps_ready)) {
|
||||
extern const struct midr_range cavium_erratum_27456_cpus[];
|
||||
|
||||
tx1_bug = is_midr_in_range_list(read_cpuid_id(),
|
||||
cavium_erratum_27456_cpus);
|
||||
#endif
|
||||
} else {
|
||||
tx1_bug = __cpus_have_const_cap(ARM64_WORKAROUND_CAVIUM_27456);
|
||||
}
|
||||
|
||||
return !tx1_bug && kaslr_offset() > 0;
|
||||
}
|
||||
|
||||
typedef void (*bp_hardening_cb_t)(void);
|
||||
|
||||
struct bp_hardening_data {
|
||||
|
@ -37,8 +37,8 @@
|
||||
#define _PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)
|
||||
#define _PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S)
|
||||
|
||||
#define PTE_MAYBE_NG (arm64_kernel_unmapped_at_el0() ? PTE_NG : 0)
|
||||
#define PMD_MAYBE_NG (arm64_kernel_unmapped_at_el0() ? PMD_SECT_NG : 0)
|
||||
#define PTE_MAYBE_NG (arm64_kernel_use_ng_mappings() ? PTE_NG : 0)
|
||||
#define PMD_MAYBE_NG (arm64_kernel_use_ng_mappings() ? PMD_SECT_NG : 0)
|
||||
|
||||
#define PROT_DEFAULT (_PROT_DEFAULT | PTE_MAYBE_NG)
|
||||
#define PROT_SECT_DEFAULT (_PROT_SECT_DEFAULT | PMD_MAYBE_NG)
|
||||
|
@ -553,7 +553,7 @@ static const struct midr_range arm64_repeat_tlbi_cpus[] = {
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CAVIUM_ERRATUM_27456
|
||||
static const struct midr_range cavium_erratum_27456_cpus[] = {
|
||||
const struct midr_range cavium_erratum_27456_cpus[] = {
|
||||
/* Cavium ThunderX, T88 pass 1.x - 2.1 */
|
||||
MIDR_RANGE(MIDR_THUNDERX, 0, 0, 1, 1),
|
||||
/* Cavium ThunderX, T81 pass 1.0 */
|
||||
|
@ -983,7 +983,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
|
||||
|
||||
/* Useful for KASLR robustness */
|
||||
if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
|
||||
return true;
|
||||
return kaslr_offset() > 0;
|
||||
|
||||
/* Don't force KPTI for CPUs that are not vulnerable */
|
||||
if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list))
|
||||
@ -1003,7 +1003,12 @@ kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused)
|
||||
static bool kpti_applied = false;
|
||||
int cpu = smp_processor_id();
|
||||
|
||||
if (kpti_applied)
|
||||
/*
|
||||
* We don't need to rewrite the page-tables if either we've done
|
||||
* it already or we have KASLR enabled and therefore have not
|
||||
* created any global mappings at all.
|
||||
*/
|
||||
if (kpti_applied || kaslr_offset() > 0)
|
||||
return;
|
||||
|
||||
remap_fn = (void *)__pa_symbol(idmap_kpti_install_ng_mappings);
|
||||
|
@ -475,6 +475,7 @@ ENDPROC(__primary_switched)
|
||||
|
||||
ENTRY(kimage_vaddr)
|
||||
.quad _text - TEXT_OFFSET
|
||||
EXPORT_SYMBOL(kimage_vaddr)
|
||||
|
||||
/*
|
||||
* If we're fortunate enough to boot at EL2, ensure that the world is
|
||||
|
@ -87,7 +87,9 @@ static int setup_dtb(struct kimage *image,
|
||||
|
||||
/* add kaslr-seed */
|
||||
ret = fdt_delprop(dtb, off, FDT_PROP_KASLR_SEED);
|
||||
if (ret && (ret != -FDT_ERR_NOTFOUND))
|
||||
if (ret == -FDT_ERR_NOTFOUND)
|
||||
ret = 0;
|
||||
else if (ret)
|
||||
goto out;
|
||||
|
||||
if (rng_is_initialized()) {
|
||||
|
@ -876,7 +876,7 @@ int iort_iommu_msi_get_resv_regions(struct device *dev, struct list_head *head)
|
||||
return (resv == its->its_count) ? resv : -ENODEV;
|
||||
}
|
||||
#else
|
||||
static inline const struct iommu_ops *iort_fwspec_iommu_ops(struct device *dev);
|
||||
static inline const struct iommu_ops *iort_fwspec_iommu_ops(struct device *dev)
|
||||
{ return NULL; }
|
||||
static inline int iort_add_device_replay(const struct iommu_ops *ops,
|
||||
struct device *dev)
|
||||
@ -952,9 +952,10 @@ static int rc_dma_get_range(struct device *dev, u64 *size)
|
||||
{
|
||||
struct acpi_iort_node *node;
|
||||
struct acpi_iort_root_complex *rc;
|
||||
struct pci_bus *pbus = to_pci_dev(dev)->bus;
|
||||
|
||||
node = iort_scan_node(ACPI_IORT_NODE_PCI_ROOT_COMPLEX,
|
||||
iort_match_node_callback, dev);
|
||||
iort_match_node_callback, &pbus->dev);
|
||||
if (!node || node->revision < 1)
|
||||
return -ENODEV;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user