From 0594061ee6fbd63d428e70cab4c82171f87f7604 Mon Sep 17 00:00:00 2001 From: Andrew Turner Date: Tue, 31 Jul 2018 12:53:27 +0000 Subject: Implement the SSBD (CVE-2018-3639) workaround on arm64 This calls into the Arm Trusted Firmware to enable and disable the workaround for the Speculative Store Bypass Disable (SSBD) issue, also known as Spectre Variant 4. As this may have a large performance overhead, and how exploitable SSBD is is unknown we follow the Linux lead of allowing the administrator to select between always on, always off, or only enabled in the kernel, with the latter being the default. PR: 228955 Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D15819 --- sys/dev/psci/smccc.c | 9 +++++++++ sys/dev/psci/smccc.h | 3 +++ 2 files changed, 12 insertions(+) (limited to 'sys/dev/psci') diff --git a/sys/dev/psci/smccc.c b/sys/dev/psci/smccc.c index 9641a49e34ff..b59bf659eec5 100644 --- a/sys/dev/psci/smccc.c +++ b/sys/dev/psci/smccc.c @@ -91,3 +91,12 @@ smccc_arch_workaround_1(void) ("SMCCC arch workaround 1 called with an invalid SMCCC interface")); return (psci_call(SMCCC_ARCH_WORKAROUND_1, 0, 0, 0)); } + +int +smccc_arch_workaround_2(bool enable) +{ + + KASSERT(smccc_version != SMCCC_VERSION_1_0, + ("SMCCC arch workaround 2 called with an invalid SMCCC interface")); + return (psci_call(SMCCC_ARCH_WORKAROUND_2, enable ? 1 : 0, 0, 0)); +} diff --git a/sys/dev/psci/smccc.h b/sys/dev/psci/smccc.h index 1047ba86055c..223f688fa80e 100644 --- a/sys/dev/psci/smccc.h +++ b/sys/dev/psci/smccc.h @@ -59,6 +59,8 @@ SMCCC_FUNC_ID(SMCCC_FAST_CALL, SMCCC_32BIT_CALL, 0, 1) #define SMCCC_ARCH_WORKAROUND_1 \ SMCCC_FUNC_ID(SMCCC_FAST_CALL, SMCCC_32BIT_CALL, 0, 0x8000) +#define SMCCC_ARCH_WORKAROUND_2 \ + SMCCC_FUNC_ID(SMCCC_FAST_CALL, SMCCC_32BIT_CALL, 0, 0x7fff) /* The return values from ARM DEN 0070A. */ #define SMCCC_RET_SUCCESS 0 @@ -67,6 +69,7 @@ int32_t smccc_arch_features(uint32_t); int smccc_arch_workaround_1(void); +int smccc_arch_workaround_2(bool); #endif /* _PSCI_SMCCC_H_ */ -- cgit v1.3