armstub8: Add PSCI monitor support for BCM2711 #121
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This monitor is used to workaround few issues in
Cortex-A72 CPU used in BCM2711:
* CVE-2017-5715 aka Spectre-v2. Invalidate the Branch Target
Buffer (BTB) on entry to EL3 by disabling and enabling the MMU.
* CVE-2018-3639 aka Spectre-v4. Set or clean bit 55
(Disable load pass store) of CPUACTLR_EL1, when requested
by SMCCC_ARCH_WORKAROUND_2.
* Prevent speculative execution past ERET.
* Implement workaround for AT speculative behaviour
This work is based on Oleksandr RPi3 psci-monitor [1] and
Arm Trusted Firmware [2].
Mitigation's are implemented according "ARM DEN 0070A" [3].
CVE workarounds could be controlled via Linux command line
options [4]: nospectre_v2 and ssbd=
Validation was done using Ghostbusters [5] and Google's Safeside
project [6].
Supported functions include:
PSCI_VERSION
PSCI_CPU_OFF
PSCI_CPU_ON
PSCI_AFFINITY_INFO
PSCI_MIGRATE_INFO_TYPE
PSCI_MIGRATE_INFO_UP_CPU
PSCI_SYSTEM_OFF
PSCI_SYSTEM_RESET
PSCI_FEATURES
SMCCC_VERSION
SMCCC_ARCH_WORKAROUND_1
SMCCC_ARCH_WORKAROUND_2
As side effect of this now Linux kexec is working.
Performance degradation was evaluated using Phoronix hackbench
and it is around 6% in combined case, I would say.
"Hackbench - Count: 4 - Type: Process"
00 = spectre_v2: Vulnerable, spec_store_bypass: Vulnerable
01 = spectre_v2: Mitigated, spec_store_bypass: Vulnerable
02 = spectre_v2: Vulnerable, spec_store_bypass: Mitigated
03 = spectre_v2: Mitigated, spec_store_bypass: Mitigated
04 = no PSCI monitor at all
05 = no PSCI monitor at all
Run-1 | Run-2 | Run-3, seconds
----------------------------------------
00 | 100.689 | 100.215 | 100.749
01 | 103.386 | 104.627 | 104.387
02 | 104.519 | 105.383 | 104.611
03 | 107.084 | 106.081 | 107.269
04 | 101.301 | 101.894 | 102.564
05 | 100.302 | 101.85 | 99.912
Details could be found here [7].
[1] https://github.com/gonzoua/rpi3-psci-monitor
[2] https://github.com/Arm-Software/arm-trusted-firmware
[3] "Firmware interfaces for mitigating cache speculation vulnerabilities"
[4] https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
[5] https://github.com/Sultanic/Ghostbusters.git
[6] https://github.com/google/safeside.git
[7] https://openbenchmarking.org/result/2103024-HA-PSCIMON0014,2103020-HA-PSCIMON0130,2103027-HA-PSCIMON0242,2103028-HA-PSCIMON0310,2103021-HA-PSCIMON0401,2103021-HA-PSCIMON0524
Signed-off-by: Ivan T. Ivanov <[email protected]>
|
Why do you think this should be the standard ARMv8 stub, given that it is so easy for distributions to provide there own? And are you the author? Your GitHub userid does not make this obvious. |
|
Well, they are distributions that are using this stub, like openSUSE. This work is heavily based on TF-A and RPi3 monitor, as stated in commit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This monitor is used to workaround few issues in
Cortex-A72 CPU used in BCM2711:
Buffer (BTB) on entry to EL3 by disabling and enabling the MMU.
(Disable load pass store) of CPUACTLR_EL1, when requested
by SMCCC_ARCH_WORKAROUND_2.
This work is based on Oleksandr RPi3 psci-monitor [1] and
Arm Trusted Firmware [2].
Mitigation's are implemented according "ARM DEN 0070A" [3].
CVE workarounds could be controlled via Linux command line
options [4]: nospectre_v2 and ssbd=
Validation was done using Ghostbusters [5] and Google's Safeside
project [6].
Supported functions include:
PSCI_VERSION
PSCI_CPU_OFF
PSCI_CPU_ON
PSCI_AFFINITY_INFO
PSCI_MIGRATE_INFO_TYPE
PSCI_MIGRATE_INFO_UP_CPU
PSCI_SYSTEM_OFF
PSCI_SYSTEM_RESET
PSCI_FEATURES
SMCCC_VERSION
SMCCC_ARCH_WORKAROUND_1
SMCCC_ARCH_WORKAROUND_2
As side effect of this now Linux kexec is working.
Performance degradation was evaluated using Phoronix hackbench
and it is around 6% in combined case, I would say.
"Hackbench - Count: 4 - Type: Process"
00 = spectre_v2: Vulnerable, spec_store_bypass: Vulnerable
01 = spectre_v2: Mitigated, spec_store_bypass: Vulnerable
02 = spectre_v2: Vulnerable, spec_store_bypass: Mitigated
03 = spectre_v2: Mitigated, spec_store_bypass: Mitigated
04 = no PSCI monitor at all
05 = no PSCI monitor at all
00 | 100.689 | 100.215 | 100.749
01 | 103.386 | 104.627 | 104.387
02 | 104.519 | 105.383 | 104.611
03 | 107.084 | 106.081 | 107.269
04 | 101.301 | 101.894 | 102.564
05 | 100.302 | 101.85 | 99.912
Details could be found here [7].
[1] https://github.com/gonzoua/rpi3-psci-monitor
[2] https://github.com/Arm-Software/arm-trusted-firmware
[3] "Firmware interfaces for mitigating cache speculation vulnerabilities"
[4] https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
[5] https://github.com/Sultanic/Ghostbusters.git
[6] https://github.com/google/safeside.git
[7] https://openbenchmarking.org/result/2103024-HA-PSCIMON0014,2103020-HA-PSCIMON0130,2103027-HA-PSCIMON0242,2103028-HA-PSCIMON0310,2103021-HA-PSCIMON0401,2103021-HA-PSCIMON0524
Signed-off-by: Ivan T. Ivanov [email protected]