sunny.kuo f55d7b567a [ALPS07034142] Spectre-BHB: CVE-2022-23960
Squashed commit of the following:
includes 22 changes

commit d396bed6599e0836d21eef2b3e5d8e1e5bf2a1c2
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:42 2022 +0000

    [ALPS07034142] arm64: Use the clearbhb instruction in mitigations

    commit 228a26b912287934789023b4132ba76065d9491c upstream.

    Future CPUs may implement a clearbhb instruction that is sufficient
    to mitigate SpectreBHB. CPUs that implement this instruction, but
    not CSV2.3 must be affected by Spectre-BHB.

    Add support to use this instruction as the BHB mitigation on CPUs
    that support it. The instruction is in the hint space, so it will
    be treated as a NOP by older CPUs.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    [ modified for stable: Use a KVM vector template instead of alternatives ]
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    CR-Id: ALPS07034142
    Feature: Google Security Patch
    Change-Id: I0f4ac7011a7272263b712dfeba955c15248415d6

commit 5d79db56aea941c4f8d992ba7e231758ee387f4e
Author: Joey Gouly <joey.gouly@arm.com>
Date:   Fri Mar 18 17:48:41 2022 +0000

    [ALPS07034142] arm64: add ID_AA64ISAR2_EL1 sys register

    commit 9e45365f1469ef2b934f9d035975dbc9ad352116 upstream.

    This is a new ID register, introduced in 8.7.

    Signed-off-by: Joey Gouly <joey.gouly@arm.com>
    Cc: Will Deacon <will@kernel.org>
    Cc: Marc Zyngier <maz@kernel.org>
    Cc: James Morse <james.morse@arm.com>
    Cc: Alexandru Elisei <alexandru.elisei@arm.com>
    Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
    Cc: Reiji Watanabe <reijiw@google.com>
    Acked-by: Marc Zyngier <maz@kernel.org>
    Link: https://lore.kernel.org/r/20211210165432.8106-3-joey.gouly@arm.com
    Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: Ib68cf6230d3b01dc473db44354969262842b2c06
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 080bd4588fe6c55b11b12d4633bcc402a610f2d7
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:40 2022 +0000

    [ALPS07034142] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered

    KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated

    commit a5905d6af492ee6a4a2205f0d550b3f931b03d03 upstream.

    KVM allows the guest to discover whether the ARCH_WORKAROUND SMCCC are
    implemented, and to preserve that state during migration through its
    firmware register interface.

    Add the necessary boilerplate for SMCCC_ARCH_WORKAROUND_3.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    [ kvm code moved to virt/kvm/arm, removed fw regs ABI. Added 32bit stub ]
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: Id29e97b6d698272f470b31deda653b7a085a4ff3
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 955516ba4ef155cfbbf68c18f4715d3e238851ef
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:39 2022 +0000

    [ALPS07034142] arm64: Mitigate spectre style branch history side channels

    commit 558c303c9734af5a813739cd284879227f7297d2 upstream.

    Speculation attacks against some high-performance processors can
    make use of branch history to influence future speculation.
    When taking an exception from user-space, a sequence of branches
    or a firmware call overwrites or invalidates the branch history.

    The sequence of branches is added to the vectors, and should appear
    before the first indirect branch. For systems using KPTI the sequence
    is added to the kpti trampoline where it has a free register as the exit
    from the trampoline is via a ret. For systems not using KPTI, the same
    register tricks are used to free up a register in the vectors.

    For the firmware call, arch-workaround-3 clobbers 4 registers, so
    there is no choice but to save them to the EL1 stack. This only happens
    for entry from EL0, so if we take an exception due to the stack access,
    it will not become re-entrant.

    For KVM, the existing branch-predictor-hardening vectors are used.
    When a spectre version of these vectors is in use, the firmware call
    is sufficient to mitigate against Spectre-BHB. For the non-spectre
    versions, the sequence of branches is added to the indirect vector.

    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Cc: <stable@kernel.org> # <v5.17.x 72bb9dcb6c33c arm64: Add Cortex-X2 CPU part definition
    Cc: <stable@kernel.org> # <v5.16.x 2d0d656700d67 arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
    Cc: <stable@kernel.org> # <v5.10.x 8a6b88e66233f arm64: Add part number for Arm Cortex-A77
    [ modified for stable, moved code to cpu_errata.c removed bitmap of
      mitigations, use kvm template infrastructure ]
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: Ie2a988ff4a032eee858456a92af965437180017b
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 171fe8596e3bc5055a3255fffb36efac3eebcdd6
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:38 2022 +0000

    [ALPS07034142] KVM: arm64: Add templates for BHB mitigation sequences

    KVM writes the Spectre-v2 mitigation template at the beginning of each
    vector when a CPU requires a specific sequence to run.

    Because the template is copied, it can not be modified by the alternatives
    at runtime. As the KVM template code is intertwined with the bp-hardening
    callbacks, all templates must have a bp-hardening callback.

    Add templates for calling ARCH_WORKAROUND_3 and one for each value of K
    in the branchy-loop. Identify these sequences by a new parameter
    template_start, and add a copy of install_bp_hardening_cb() that is able to
    install them.

    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I0a7aeefc82428e5419315dd72bda9e2e2b269766
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit c1ad4ec1ae654560919065c7a4aafefb8e659dfb
Author: Anshuman Khandual <anshuman.khandual@arm.com>
Date:   Fri Mar 18 17:48:23 2022 +0000

    [ALPS07034142] arm64: Add Cortex-X2 CPU part definition

    commit 72bb9dcb6c33cfac80282713c2b4f2b254cd24d1 upstream.

    Add the CPU part numbers for the new Arm designs.

    Cc: Will Deacon <will@kernel.org>
    Cc: Suzuki Poulose <suzuki.poulose@arm.com>
    Cc: linux-arm-kernel@lists.infradead.org
    Cc: linux-kernel@vger.kernel.org
    Signed-off-by: Anshuman Khandual <anshuman.khandual@arm.com>
    Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
    Link: https://lore.kernel.org/r/1642994138-25887-2-git-send-email-anshuman.khandual@arm.com
    Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I82583d1d1917d3d0d444ed5a1cc7d2d2738cdf76
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 50e5453508d2c87fdf957d43db47f0cd3fa6173b
Author: Suzuki K Poulose <suzuki.poulose@arm.com>
Date:   Fri Mar 18 17:48:22 2022 +0000

    [ALPS07034142] arm64: Add Neoverse-N2, Cortex-A710 CPU part definition

    arm64: Add Neoverse-N2, Cortex-A710 CPU part definition

    commit 2d0d656700d67239a57afaf617439143d8dac9be upstream.

    Add the CPU part numbers for the new Arm designs.

    Cc: Catalin Marinas <catalin.marinas@arm.com>
    Cc: Mark Rutland <mark.rutland@arm.com>
    Cc: Will Deacon <will@kernel.org>
    Acked-by: Catalin Marinas <catalin.marinas@arm.com>
    Reviewed-by: Anshuman Khandual <anshuman.khandual@arm.com>
    Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
    Link: https://lore.kernel.org/r/20211019163153.3692640-2-suzuki.poulose@arm.com
    Signed-off-by: Will Deacon <will@kernel.org>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    CR-Id: ALPS07034142
    Feature: Google Security Patch
    Change-Id: Ifa494df58110effb99330eabf971a092598abdb5

commit 0ac707380244c9cdce111ca1cc7ab1a95be3b6c4
Author: Rob Herring <robh@kernel.org>
Date:   Fri Mar 18 17:48:21 2022 +0000

    [ALPS07034142] arm64: Add part number for Arm Cortex-A77

    commit 8a6b88e66233f5f1779b0a1342aa9dc030dddcd5 upstream.

    Add the MIDR part number info for the Arm Cortex-A77.

    Signed-off-by: Rob Herring <robh@kernel.org>
    Acked-by: Catalin Marinas <catalin.marinas@arm.com>
    Cc: Catalin Marinas <catalin.marinas@arm.com>
    Cc: Will Deacon <will@kernel.org>
    Link: https://lore.kernel.org/r/20201028182839.166037-1-robh@kernel.org
    Signed-off-by: Will Deacon <will@kernel.org>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I82418ea059bf1b0ad41a4f2f7eaef67f4be82e54
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 8a1a67c8ba2e95b4a22e50a9f42707de17bb2112
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:37 2022 +0000

    [ALPS07034142] arm64: proton-pack: Report Spectre-BHB vulnerabilities as

    arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2

    commit dee435be76f4117410bbd90573a881fd33488f37 upstream.

    Speculation attacks against some high-performance processors can
    make use of branch history to influence future speculation as part of
    a spectre-v2 attack. This is not mitigated by CSV2, meaning CPUs that
    previously reported 'Not affected' are now moderately mitigated by CSV2.

    Update the value in /sys/devices/system/cpu/vulnerabilities/spectre_v2
    to also show the state of the BHB mitigation.

    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    [ code move to cpu_errata.c for backport ]
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I6b6531630467b6e35bd219080fc835fdf188f392
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit e3ea46f20a4444777686383b9cad7efec9616c85
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:36 2022 +0000

    [ALPS07034142] arm64: Add percpu vectors for EL1

    commit bd09128d16fac3c34b80bd6a29088ac632e8ce09 upstream.

    The Spectre-BHB workaround adds a firmware call to the vectors. This
    is needed on some CPUs, but not others. To avoid the unaffected CPU in
    a big/little pair from making the firmware call, create per cpu vectors.

    The per-cpu vectors only apply when returning from EL0.

    Systems using KPTI can use the canonical full-fat vectors directly at
    EL1, the trampoline exit code will switch to this_cpu_vector on exit to
    EL0. Systems not using KPTI should always use this_cpu_vector.

    this_cpu_vector will point at a vector in tramp_vecs or
    __bp_harden_el1_vectors, depending on whether KPTI is in use.

    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I7befe4fbe7f3be6632e83a62dde23327ba1de6c3
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit ca2f23dc29cabb29266f271b4578d01e3c80926f
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:35 2022 +0000

    [ALPS07034142] arm64: entry: Add macro for reading symbol addresses from

    arm64: entry: Add macro for reading symbol addresses from the trampoline

    commit b28a8eebe81c186fdb1a0078263b30576c8e1f42 upstream.

    The trampoline code needs to use the address of symbols in the wider
    kernel, e.g. vectors. PC-relative addressing wouldn't work as the
    trampoline code doesn't run at the address the linker expected.

    tramp_ventry uses a literal pool, unless CONFIG_RANDOMIZE_BASE is
    set, in which case it uses the data page as a literal pool because
    the data page can be unmapped when running in user-space, which is
    required for CPUs vulnerable to meltdown.

    Pull this logic out as a macro, instead of adding a third copy
    of it.

    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I180923da4b5916dd0a2998825ea11d47bcecac4b
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 2a94828beddcbac598caf10001bda67f42ca06ec
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:34 2022 +0000

    [ALPS07034142] arm64: entry: Add vectors that have the bhb mitigation seq

    arm64: entry: Add vectors that have the bhb mitigation sequences

    commit ba2689234be92024e5635d30fe744f4853ad97db upstream.

    Some CPUs affected by Spectre-BHB need a sequence of branches, or a
    firmware call to be run before any indirect branch. This needs to go
    in the vectors. No CPU needs both.

    While this can be patched in, it would run on all CPUs as there is a
    single set of vectors. If only one part of a big/little combination is
    affected, the unaffected CPUs have to run the mitigation too.

    Create extra vectors that include the sequence. Subsequent patches will
    allow affected CPUs to select this set of vectors. Later patches will
    modify the loop count to match what the CPU requires.

    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I8a188d295b89122c379e6704e0700c1e67ef14be
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit d5b29c850e3e3b6d52b27e3cb0dd738154eebf22
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:33 2022 +0000

    [ALPS07034142] arm64: entry: Add non-kpti __bp_harden_el1_vectors for mit

    arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations

    commit aff65393fa1401e034656e349abd655cfe272de0 upstream.

    kpti is an optional feature, for systems not using kpti a set of
    vectors for the spectre-bhb mitigations is needed.

    Add another set of vectors, __bp_harden_el1_vectors, that will be
    used if a mitigation is needed and kpti is not in use.

    The EL1 ventries are repeated verbatim as there is no additional
    work needed for entry from EL1.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: Idee1e078f7b23507e439faf8be5177480aa14852
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 2cee894e0912da8f860ffde13b0016fdc1c463c6
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:32 2022 +0000

    [ALPS07034142] arm64: entry: Allow the trampoline text to occupy multiple

    arm64: entry: Allow the trampoline text to occupy multiple pages

    commit a9c406e6462ff14956d690de7bbe5131a5677dc9 upstream.

    Adding a second set of vectors to .entry.tramp.text will make it
    larger than a single 4K page.

    Allow the trampoline text to occupy up to three pages by adding two
    more fixmap slots. Previous changes to tramp_valias allowed it to reach
    beyond a single page.

    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I2339eb373cf969f55065a735960d50d4963d8936
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 07f86758e798f65b326857f072f2b0b67dd53fbf
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:31 2022 +0000

    [ALPS07034142] arm64: entry: Make the kpti trampolines kpti sequence opt

    arm64: entry: Make the kpti trampolines kpti sequence optional

    commit c47e4d04ba0f1ea17353d85d45f611277507e07a upstream.

    Spectre-BHB needs to add sequences to the vectors. Having one global
    set of vectors is a problem for big/little systems where the sequence
    is costly on cpus that are not vulnerable.

    Making the vectors per-cpu in the style of KVM's bh_harden_hyp_vecs
    requires the vectors to be generated by macros.

    Make the kpti re-mapping of the kernel optional, so the macros can be
    used without kpti.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: Ia8066a1b00866dc35eb98e0f74ac1ea02adfc719
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit dcb92042a16434ff3e84db1c4c5990cc688822e2
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:30 2022 +0000

    [ALPS07034142] arm64: entry: Move trampoline macros out of ifdef'd sectio

    arm64: entry: Move trampoline macros out of ifdef'd section

    commit 13d7a08352a83ef2252aeb464a5e08dfc06b5dfd upstream.

    The macros for building the kpti trampoline are all behind
    CONFIG_UNMAP_KERNEL_AT_EL0, and in a region that outputs to the
    .entry.tramp.text section.

    Move the macros out so they can be used to generate other kinds of
    trampoline. Only the symbols need to be guarded by
    CONFIG_UNMAP_KERNEL_AT_EL0 and appear in the .entry.tramp.text section.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I5a6c8241e34942de68a889a939fa1b85dea9e983
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit fd7b6dd59f0bdac7fc2dcb32d9c3da10234fdf33
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:29 2022 +0000

    [ALPS07034142] arm64: entry: Don't assume tramp_vectors is the start of t

    arm64: entry: Don't assume tramp_vectors is the start of the vectors

    commit ed50da7764535f1e24432ded289974f2bf2b0c5a upstream.

    The tramp_ventry macro uses tramp_vectors as the address of the vectors
    when calculating which ventry in the full fat vectors to branch to.

    While there is one set of tramp_vectors, this will be true.
    Adding multiple sets of vectors will break this assumption.

    Move the generation of the vectors to a macro, and pass the start
    of the vectors as an argument to tramp_ventry.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: Ieda0bf449f5f94d1fb96a7e54514139e7a6b4d8e
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 0478842f88da9e6623d45b6bb85b97d6f6f0a6a3
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:28 2022 +0000

    [ALPS07034142] arm64: entry: Allow tramp_alias to access symbols after th

    arm64: entry: Allow tramp_alias to access symbols after the 4K boundary

    commit 6c5bf79b69f911560fbf82214c0971af6e58e682 upstream.

    Systems using kpti enter and exit the kernel through a trampoline mapping
    that is always mapped, even when the kernel is not. tramp_valias is a macro
    to find the address of a symbol in the trampoline mapping.

    Adding extra sets of vectors will expand the size of the entry.tramp.text
    section to beyond 4K. tramp_valias will be unable to generate addresses
    for symbols beyond 4K as it uses the 12 bit immediate of the add
    instruction.

    As there are now two registers available when tramp_alias is called,
    use the extra register to avoid the 4K limit of the 12 bit immediate.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I0e4c57f2ebc5a3dba9031af18dd00fa45aec4c57
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 6f1bd53f8ea51afa346a859f1f73f03db4e84bcc
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:27 2022 +0000

    [ALPS07034142] arm64: entry: Move the trampoline data page before the tex

    arm64: entry: Move the trampoline data page before the text page

    commit c091fb6ae059cda563b2a4d93fdbc548ef34e1d6 upstream.

    The trampoline code has a data page that holds the address of the vectors,
    which is unmapped when running in user-space. This ensures that with
    CONFIG_RANDOMIZE_BASE, the randomised address of the kernel can't be
    discovered until after the kernel has been mapped.

    If the trampoline text page is extended to include multiple sets of
    vectors, it will be larger than a single page, making it tricky to
    find the data page without knowing the size of the trampoline text
    pages, which will vary with PAGE_SIZE.

    Move the data page to appear before the text page. This allows the
    data page to be found without knowing the size of the trampoline text
    pages. tramp_vectors is used to refer to the beginning of the
    .entry.tramp.text section, do that explicitly.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I8dcd3a58a0612fdc264c51d1f993573350c8eb17
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit d26a38420bf3fe88187f7977711bf63611c49400
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:26 2022 +0000

    [ALPS07034142] arm64: entry: Free up another register on kpti's tramp_exit

    arm64: entry: Free up another register on kpti's tramp_exit path

    commit 03aff3a77a58b5b52a77e00537a42090ad57b80b upstream.

    Kpti stashes x30 in far_el1 while it uses x30 for all its work.

    Making the vectors a per-cpu data structure will require a second
    register.

    Allow tramp_exit two registers before it unmaps the kernel, by
    leaving x30 on the stack, and stashing x29 in far_el1.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I1a76213dfbdc9c86302287023bdaaee8c8d88f02
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 161484376542dd7dfd6630eed171fd506210431b
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:25 2022 +0000

    [ALPS07034142] arm64: entry: Make the trampoline cleanup optional

    commit d739da1694a0eaef0358a42b76904b611539b77b upstream.

    Subsequent patches will add additional sets of vectors that use
    the same tricks as the kpti vectors to reach the full-fat vectors.
    The full-fat vectors contain some cleanup for kpti that is patched
    in by alternatives when kpti is in use. Once there are additional
    vectors, the cleanup will be needed in more cases.

    But on big/little systems, the cleanup would be harmful if no
    trampoline vector were in use. Instead of forcing CPUs that don't
    need a trampoline vector to use one, make the trampoline cleanup
    optional.

    Entry at the top of the vectors will skip the cleanup. The trampoline
    vectors can then skip the first instruction, triggering the cleanup
    to run.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Change-Id: I862c14bc6aa773b3466709b8c21302cc03f0d50f
    CR-Id: ALPS07034142
    Feature: Google Security Patch

commit 1616891d4ca0aff02104ca3b2f81eb30a4f14c4f
Author: James Morse <james.morse@arm.com>
Date:   Fri Mar 18 17:48:24 2022 +0000

    [ALPS07034142] arm64: entry.S: Add ventry overflow sanity checks

    commit 4330e2c5c04c27bebf89d34e0bc14e6943413067 upstream.

    Subsequent patches add even more code to the ventry slots.
    Ensure kernels that overflow a ventry slot don't get built.

    Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
    Signed-off-by: James Morse <james.morse@arm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    CR-Id: ALPS07034142
    Feature: Google Security Patch
    Change-Id: I2d88e401394117c06ff5ca82a187f483f845c814

MTK-Commit-Id: 81bd7c24bbee6dd29e9036b615ded89fa6a83e98

Signed-off-by: sunny.kuo <sunny.kuo@mediatek.com>
CR-Id: ALPS07034142
Feature: Google Security Patch
Change-Id: I3d22a1bf5ec1be0b73f816a91c858786ab9593f7
2022-04-21 17:40:40 +08:00
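
When reviewing a squashed vendor backport such as the one above, it helps to know which entries name an upstream commit, which carry a backporter's bracketed note (and so differ from upstream), and whether the declared change count holds. The following Python is an added example, not part of this commit or of any MediaTek or kernel tooling; the function names are hypothetical and the sample text is constructed by abridging three entries from the message above.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: three entries abridged from the squashed message above,
# with the "includes N changes" line adjusted to match the excerpt.
SAMPLE = """\
Squashed commit of the following:
includes 3 changes

commit d396bed6599e0836d21eef2b3e5d8e1e5bf2a1c2
Author: James Morse <james.morse@arm.com>

    [ALPS07034142] arm64: Use the clearbhb instruction in mitigations

    commit 228a26b912287934789023b4132ba76065d9491c upstream.

    [ modified for stable: Use a KVM vector template instead of alternatives ]
    Signed-off-by: James Morse <james.morse@arm.com>

commit 171fe8596e3bc5055a3255fffb36efac3eebcdd6
Author: James Morse <james.morse@arm.com>

    [ALPS07034142] KVM: arm64: Add templates for BHB mitigation sequences

    KVM writes the Spectre-v2 mitigation template at the beginning of each
    vector when a CPU requires a specific sequence to run.

    Signed-off-by: James Morse <james.morse@arm.com>

commit 1616891d4ca0aff02104ca3b2f81eb30a4f14c4f
Author: James Morse <james.morse@arm.com>

    [ALPS07034142] arm64: entry.S: Add ventry overflow sanity checks

    commit 4330e2c5c04c27bebf89d34e0bc14e6943413067 upstream.

    Signed-off-by: James Morse <james.morse@arm.com>
"""

# Unindented "commit <sha>" starts a squashed entry; the indented form with
# "upstream." is the stable-tree reference to the mainline commit.
HEADER = re.compile(r"^commit ([0-9a-f]{40})$", re.M)
UPSTREAM = re.compile(r"^[ \t]+commit ([0-9a-f]{40}) upstream\.$", re.M)
# Backporter notes are bracketed with inner spaces and may wrap across lines.
NOTE = re.compile(r"^[ \t]+\[ (.+?) \]$", re.M | re.S)
DECLARED = re.compile(r"^includes (\d+) changes$", re.M)
SUBJECT = re.compile(r"^ {4}(\S.*)$", re.M)


@dataclass
class Entry:
    local_id: str
    subject: str
    upstream_id: Optional[str]
    notes: List[str] = field(default_factory=list)


def parse_squash(text):
    """Return (declared_count, entries) for a squashed commit message."""
    parts = HEADER.split(text)  # [preamble, sha1, body1, sha2, body2, ...]
    m = DECLARED.search(parts[0])
    declared = int(m.group(1)) if m else None
    entries = []
    for local_id, body in zip(parts[1::2], parts[2::2]):
        subj = SUBJECT.search(body)
        up = UPSTREAM.search(body)
        notes = [" ".join(n.split()) for n in NOTE.findall(body)]
        entries.append(Entry(local_id, subj.group(1) if subj else "",
                             up.group(1) if up else None, notes))
    return declared, entries


def audit(text):
    """Summarise what a reviewer should check by hand."""
    declared, entries = parse_squash(text)
    return {
        "count_matches": declared == len(entries),
        # No mainline id to diff against: review the change itself.
        "no_upstream_ref": [e.local_id[:12] for e in entries
                            if e.upstream_id is None],
        # Has a mainline id but the backporter says it was altered.
        "diverges_from_upstream": [(e.upstream_id[:12], e.notes)
                                   for e in entries
                                   if e.upstream_id and e.notes],
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(key, value)
```
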