arm64: Add skeleton to harden the branch predictor against aliasing attacks (0f15adbb) · Commits · 戴 / test

arch/arm64/Kconfig

+17 −0

Original line number	Diff line number	Diff line
		@@ -874,6 +874,23 @@ config UNMAP_KERNEL_AT_EL0

		If unsure, say Y.

		config HARDEN_BRANCH_PREDICTOR
		bool "Harden the branch predictor against aliasing attacks" if EXPERT
		default y
		help
		Speculation attacks against some high-performance processors rely on
		being able to manipulate the branch predictor for a victim context by
		executing aliasing branches in the attacker context. Such attacks
		can be partially mitigated against by clearing internal branch
		predictor state and limiting the prediction logic in some situations.

		This config option will take CPU-specific actions to harden the
		branch predictor against aliasing attacks and may rely on specific
		instruction sequences or control bits being set by the system
		firmware.

		If unsure, say Y.

		menuconfig ARMV8_DEPRECATED
		bool "Emulate deprecated/obsolete ARMv8 instructions"
		depends on COMPAT

+2 −1

Original line number	Diff line number	Diff line
		@@ -42,7 +42,8 @@
		#define ARM64_HAS_DCPOP 21
		#define ARM64_SVE 22
		#define ARM64_UNMAP_KERNEL_AT_EL0 23
		#define ARM64_HARDEN_BRANCH_PREDICTOR 24

		#define ARM64_NCAPS 24
		#define ARM64_NCAPS 25

		#endif /* __ASM_CPUCAPS_H */

+37 −0

Original line number	Diff line number	Diff line
		@@ -41,6 +41,43 @@ static inline bool arm64_kernel_unmapped_at_el0(void)
		cpus_have_const_cap(ARM64_UNMAP_KERNEL_AT_EL0);
		}

		typedef void (*bp_hardening_cb_t)(void);

		struct bp_hardening_data {
		int hyp_vectors_slot;
		bp_hardening_cb_t fn;
		};

		#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
		extern char __bp_harden_hyp_vecs_start[], __bp_harden_hyp_vecs_end[];

		DECLARE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);

		static inline struct bp_hardening_data *arm64_get_bp_hardening_data(void)
		{
		return this_cpu_ptr(&bp_hardening_data);
		}

		static inline void arm64_apply_bp_hardening(void)
		{
		struct bp_hardening_data *d;

		if (!cpus_have_const_cap(ARM64_HARDEN_BRANCH_PREDICTOR))
		return;

		d = arm64_get_bp_hardening_data();
		if (d->fn)
		d->fn();
		}
		#else
		static inline struct bp_hardening_data *arm64_get_bp_hardening_data(void)
		{
		return NULL;
		}

		static inline void arm64_apply_bp_hardening(void) { }
		#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */

		extern void paging_init(void);
		extern void bootmem_init(void);
		extern void __iomem *early_io_map(phys_addr_t phys, unsigned long virt);

+1 −0

+4 −0

Original line number	Diff line number	Diff line
		@@ -53,6 +53,10 @@ arm64-obj-$(CONFIG_ARM64_RELOC_TEST) += arm64-reloc-test.o
		arm64-reloc-test-y := reloc_test_core.o reloc_test_syms.o
		arm64-obj-$(CONFIG_CRASH_DUMP) += crash_dump.o

		ifeq ($(CONFIG_KVM),y)
		arm64-obj-$(CONFIG_HARDEN_BRANCH_PREDICTOR) += bpi.o
		endif

		obj-y += $(arm64-obj-y) vdso/ probes/
		obj-m += $(arm64-obj-m)
		head-y := head.o