xref: /openbmc/linux/arch/arm64/kernel/cpu_errata.c (revision 7f2e85840871f199057e65232ebde846192ed989)
1 /*
2  * Contains CPU specific errata definitions
3  *
4  * Copyright (C) 2014 ARM Ltd.
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License version 2 as
8  * published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
17  */
18 
19 #include <linux/types.h>
20 #include <asm/cpu.h>
21 #include <asm/cputype.h>
22 #include <asm/cpufeature.h>
23 
24 static bool __maybe_unused
25 is_affected_midr_range(const struct arm64_cpu_capabilities *entry, int scope)
26 {
27 	WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());
28 	return MIDR_IS_CPU_MODEL_RANGE(read_cpuid_id(), entry->midr_model,
29 				       entry->midr_range_min,
30 				       entry->midr_range_max);
31 }
32 
33 static bool __maybe_unused
34 is_kryo_midr(const struct arm64_cpu_capabilities *entry, int scope)
35 {
36 	u32 model;
37 
38 	WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());
39 
40 	model = read_cpuid_id();
41 	model &= MIDR_IMPLEMENTOR_MASK | (0xf00 << MIDR_PARTNUM_SHIFT) |
42 		 MIDR_ARCHITECTURE_MASK;
43 
44 	return model == entry->midr_model;
45 }
46 
47 static bool
48 has_mismatched_cache_line_size(const struct arm64_cpu_capabilities *entry,
49 				int scope)
50 {
51 	WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible());
52 	return (read_cpuid_cachetype() & arm64_ftr_reg_ctrel0.strict_mask) !=
53 		(arm64_ftr_reg_ctrel0.sys_val & arm64_ftr_reg_ctrel0.strict_mask);
54 }
55 
56 static int cpu_enable_trap_ctr_access(void *__unused)
57 {
58 	/* Clear SCTLR_EL1.UCT */
59 	config_sctlr_el1(SCTLR_EL1_UCT, 0);
60 	return 0;
61 }
62 
63 #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
64 #include <asm/mmu_context.h>
65 #include <asm/cacheflush.h>
66 
67 DEFINE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);
68 
69 #ifdef CONFIG_KVM
70 extern char __qcom_hyp_sanitize_link_stack_start[];
71 extern char __qcom_hyp_sanitize_link_stack_end[];
72 extern char __smccc_workaround_1_smc_start[];
73 extern char __smccc_workaround_1_smc_end[];
74 extern char __smccc_workaround_1_hvc_start[];
75 extern char __smccc_workaround_1_hvc_end[];
76 
77 static void __copy_hyp_vect_bpi(int slot, const char *hyp_vecs_start,
78 				const char *hyp_vecs_end)
79 {
80 	void *dst = lm_alias(__bp_harden_hyp_vecs_start + slot * SZ_2K);
81 	int i;
82 
83 	for (i = 0; i < SZ_2K; i += 0x80)
84 		memcpy(dst + i, hyp_vecs_start, hyp_vecs_end - hyp_vecs_start);
85 
86 	flush_icache_range((uintptr_t)dst, (uintptr_t)dst + SZ_2K);
87 }
88 
89 static void __install_bp_hardening_cb(bp_hardening_cb_t fn,
90 				      const char *hyp_vecs_start,
91 				      const char *hyp_vecs_end)
92 {
93 	static int last_slot = -1;
94 	static DEFINE_SPINLOCK(bp_lock);
95 	int cpu, slot = -1;
96 
97 	spin_lock(&bp_lock);
98 	for_each_possible_cpu(cpu) {
99 		if (per_cpu(bp_hardening_data.fn, cpu) == fn) {
100 			slot = per_cpu(bp_hardening_data.hyp_vectors_slot, cpu);
101 			break;
102 		}
103 	}
104 
105 	if (slot == -1) {
106 		last_slot++;
107 		BUG_ON(((__bp_harden_hyp_vecs_end - __bp_harden_hyp_vecs_start)
108 			/ SZ_2K) <= last_slot);
109 		slot = last_slot;
110 		__copy_hyp_vect_bpi(slot, hyp_vecs_start, hyp_vecs_end);
111 	}
112 
113 	__this_cpu_write(bp_hardening_data.hyp_vectors_slot, slot);
114 	__this_cpu_write(bp_hardening_data.fn, fn);
115 	spin_unlock(&bp_lock);
116 }
117 #else
118 #define __qcom_hyp_sanitize_link_stack_start	NULL
119 #define __qcom_hyp_sanitize_link_stack_end	NULL
120 #define __smccc_workaround_1_smc_start		NULL
121 #define __smccc_workaround_1_smc_end		NULL
122 #define __smccc_workaround_1_hvc_start		NULL
123 #define __smccc_workaround_1_hvc_end		NULL
124 
125 static void __install_bp_hardening_cb(bp_hardening_cb_t fn,
126 				      const char *hyp_vecs_start,
127 				      const char *hyp_vecs_end)
128 {
129 	__this_cpu_write(bp_hardening_data.fn, fn);
130 }
131 #endif	/* CONFIG_KVM */
132 
133 static void  install_bp_hardening_cb(const struct arm64_cpu_capabilities *entry,
134 				     bp_hardening_cb_t fn,
135 				     const char *hyp_vecs_start,
136 				     const char *hyp_vecs_end)
137 {
138 	u64 pfr0;
139 
140 	if (!entry->matches(entry, SCOPE_LOCAL_CPU))
141 		return;
142 
143 	pfr0 = read_cpuid(ID_AA64PFR0_EL1);
144 	if (cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_CSV2_SHIFT))
145 		return;
146 
147 	__install_bp_hardening_cb(fn, hyp_vecs_start, hyp_vecs_end);
148 }
149 
150 #include <uapi/linux/psci.h>
151 #include <linux/arm-smccc.h>
152 #include <linux/psci.h>
153 
154 static void call_smc_arch_workaround_1(void)
155 {
156 	arm_smccc_1_1_smc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
157 }
158 
159 static void call_hvc_arch_workaround_1(void)
160 {
161 	arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_WORKAROUND_1, NULL);
162 }
163 
164 static int enable_smccc_arch_workaround_1(void *data)
165 {
166 	const struct arm64_cpu_capabilities *entry = data;
167 	bp_hardening_cb_t cb;
168 	void *smccc_start, *smccc_end;
169 	struct arm_smccc_res res;
170 
171 	if (!entry->matches(entry, SCOPE_LOCAL_CPU))
172 		return 0;
173 
174 	if (psci_ops.smccc_version == SMCCC_VERSION_1_0)
175 		return 0;
176 
177 	switch (psci_ops.conduit) {
178 	case PSCI_CONDUIT_HVC:
179 		arm_smccc_1_1_hvc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
180 				  ARM_SMCCC_ARCH_WORKAROUND_1, &res);
181 		if (res.a0)
182 			return 0;
183 		cb = call_hvc_arch_workaround_1;
184 		smccc_start = __smccc_workaround_1_hvc_start;
185 		smccc_end = __smccc_workaround_1_hvc_end;
186 		break;
187 
188 	case PSCI_CONDUIT_SMC:
189 		arm_smccc_1_1_smc(ARM_SMCCC_ARCH_FEATURES_FUNC_ID,
190 				  ARM_SMCCC_ARCH_WORKAROUND_1, &res);
191 		if (res.a0)
192 			return 0;
193 		cb = call_smc_arch_workaround_1;
194 		smccc_start = __smccc_workaround_1_smc_start;
195 		smccc_end = __smccc_workaround_1_smc_end;
196 		break;
197 
198 	default:
199 		return 0;
200 	}
201 
202 	install_bp_hardening_cb(entry, cb, smccc_start, smccc_end);
203 
204 	return 0;
205 }
206 
207 static void qcom_link_stack_sanitization(void)
208 {
209 	u64 tmp;
210 
211 	asm volatile("mov	%0, x30		\n"
212 		     ".rept	16		\n"
213 		     "bl	. + 4		\n"
214 		     ".endr			\n"
215 		     "mov	x30, %0		\n"
216 		     : "=&r" (tmp));
217 }
218 
219 static int qcom_enable_link_stack_sanitization(void *data)
220 {
221 	const struct arm64_cpu_capabilities *entry = data;
222 
223 	install_bp_hardening_cb(entry, qcom_link_stack_sanitization,
224 				__qcom_hyp_sanitize_link_stack_start,
225 				__qcom_hyp_sanitize_link_stack_end);
226 
227 	return 0;
228 }
229 #endif	/* CONFIG_HARDEN_BRANCH_PREDICTOR */
230 
231 #define MIDR_RANGE(model, min, max) \
232 	.def_scope = SCOPE_LOCAL_CPU, \
233 	.matches = is_affected_midr_range, \
234 	.midr_model = model, \
235 	.midr_range_min = min, \
236 	.midr_range_max = max
237 
238 #define MIDR_ALL_VERSIONS(model) \
239 	.def_scope = SCOPE_LOCAL_CPU, \
240 	.matches = is_affected_midr_range, \
241 	.midr_model = model, \
242 	.midr_range_min = 0, \
243 	.midr_range_max = (MIDR_VARIANT_MASK | MIDR_REVISION_MASK)
244 
245 const struct arm64_cpu_capabilities arm64_errata[] = {
246 #if	defined(CONFIG_ARM64_ERRATUM_826319) || \
247 	defined(CONFIG_ARM64_ERRATUM_827319) || \
248 	defined(CONFIG_ARM64_ERRATUM_824069)
249 	{
250 	/* Cortex-A53 r0p[012] */
251 		.desc = "ARM errata 826319, 827319, 824069",
252 		.capability = ARM64_WORKAROUND_CLEAN_CACHE,
253 		MIDR_RANGE(MIDR_CORTEX_A53, 0x00, 0x02),
254 		.enable = cpu_enable_cache_maint_trap,
255 	},
256 #endif
257 #ifdef CONFIG_ARM64_ERRATUM_819472
258 	{
259 	/* Cortex-A53 r0p[01] */
260 		.desc = "ARM errata 819472",
261 		.capability = ARM64_WORKAROUND_CLEAN_CACHE,
262 		MIDR_RANGE(MIDR_CORTEX_A53, 0x00, 0x01),
263 		.enable = cpu_enable_cache_maint_trap,
264 	},
265 #endif
266 #ifdef CONFIG_ARM64_ERRATUM_832075
267 	{
268 	/* Cortex-A57 r0p0 - r1p2 */
269 		.desc = "ARM erratum 832075",
270 		.capability = ARM64_WORKAROUND_DEVICE_LOAD_ACQUIRE,
271 		MIDR_RANGE(MIDR_CORTEX_A57,
272 			   MIDR_CPU_VAR_REV(0, 0),
273 			   MIDR_CPU_VAR_REV(1, 2)),
274 	},
275 #endif
276 #ifdef CONFIG_ARM64_ERRATUM_834220
277 	{
278 	/* Cortex-A57 r0p0 - r1p2 */
279 		.desc = "ARM erratum 834220",
280 		.capability = ARM64_WORKAROUND_834220,
281 		MIDR_RANGE(MIDR_CORTEX_A57,
282 			   MIDR_CPU_VAR_REV(0, 0),
283 			   MIDR_CPU_VAR_REV(1, 2)),
284 	},
285 #endif
286 #ifdef CONFIG_ARM64_ERRATUM_845719
287 	{
288 	/* Cortex-A53 r0p[01234] */
289 		.desc = "ARM erratum 845719",
290 		.capability = ARM64_WORKAROUND_845719,
291 		MIDR_RANGE(MIDR_CORTEX_A53, 0x00, 0x04),
292 	},
293 #endif
294 #ifdef CONFIG_CAVIUM_ERRATUM_23154
295 	{
296 	/* Cavium ThunderX, pass 1.x */
297 		.desc = "Cavium erratum 23154",
298 		.capability = ARM64_WORKAROUND_CAVIUM_23154,
299 		MIDR_RANGE(MIDR_THUNDERX, 0x00, 0x01),
300 	},
301 #endif
302 #ifdef CONFIG_CAVIUM_ERRATUM_27456
303 	{
304 	/* Cavium ThunderX, T88 pass 1.x - 2.1 */
305 		.desc = "Cavium erratum 27456",
306 		.capability = ARM64_WORKAROUND_CAVIUM_27456,
307 		MIDR_RANGE(MIDR_THUNDERX,
308 			   MIDR_CPU_VAR_REV(0, 0),
309 			   MIDR_CPU_VAR_REV(1, 1)),
310 	},
311 	{
312 	/* Cavium ThunderX, T81 pass 1.0 */
313 		.desc = "Cavium erratum 27456",
314 		.capability = ARM64_WORKAROUND_CAVIUM_27456,
315 		MIDR_RANGE(MIDR_THUNDERX_81XX, 0x00, 0x00),
316 	},
317 #endif
318 #ifdef CONFIG_CAVIUM_ERRATUM_30115
319 	{
320 	/* Cavium ThunderX, T88 pass 1.x - 2.2 */
321 		.desc = "Cavium erratum 30115",
322 		.capability = ARM64_WORKAROUND_CAVIUM_30115,
323 		MIDR_RANGE(MIDR_THUNDERX, 0x00,
324 			   (1 << MIDR_VARIANT_SHIFT) | 2),
325 	},
326 	{
327 	/* Cavium ThunderX, T81 pass 1.0 - 1.2 */
328 		.desc = "Cavium erratum 30115",
329 		.capability = ARM64_WORKAROUND_CAVIUM_30115,
330 		MIDR_RANGE(MIDR_THUNDERX_81XX, 0x00, 0x02),
331 	},
332 	{
333 	/* Cavium ThunderX, T83 pass 1.0 */
334 		.desc = "Cavium erratum 30115",
335 		.capability = ARM64_WORKAROUND_CAVIUM_30115,
336 		MIDR_RANGE(MIDR_THUNDERX_83XX, 0x00, 0x00),
337 	},
338 #endif
339 	{
340 		.desc = "Mismatched cache line size",
341 		.capability = ARM64_MISMATCHED_CACHE_LINE_SIZE,
342 		.matches = has_mismatched_cache_line_size,
343 		.def_scope = SCOPE_LOCAL_CPU,
344 		.enable = cpu_enable_trap_ctr_access,
345 	},
346 #ifdef CONFIG_QCOM_FALKOR_ERRATUM_1003
347 	{
348 		.desc = "Qualcomm Technologies Falkor erratum 1003",
349 		.capability = ARM64_WORKAROUND_QCOM_FALKOR_E1003,
350 		MIDR_RANGE(MIDR_QCOM_FALKOR_V1,
351 			   MIDR_CPU_VAR_REV(0, 0),
352 			   MIDR_CPU_VAR_REV(0, 0)),
353 	},
354 	{
355 		.desc = "Qualcomm Technologies Kryo erratum 1003",
356 		.capability = ARM64_WORKAROUND_QCOM_FALKOR_E1003,
357 		.def_scope = SCOPE_LOCAL_CPU,
358 		.midr_model = MIDR_QCOM_KRYO,
359 		.matches = is_kryo_midr,
360 	},
361 #endif
362 #ifdef CONFIG_QCOM_FALKOR_ERRATUM_1009
363 	{
364 		.desc = "Qualcomm Technologies Falkor erratum 1009",
365 		.capability = ARM64_WORKAROUND_REPEAT_TLBI,
366 		MIDR_RANGE(MIDR_QCOM_FALKOR_V1,
367 			   MIDR_CPU_VAR_REV(0, 0),
368 			   MIDR_CPU_VAR_REV(0, 0)),
369 	},
370 #endif
371 #ifdef CONFIG_ARM64_ERRATUM_858921
372 	{
373 	/* Cortex-A73 all versions */
374 		.desc = "ARM erratum 858921",
375 		.capability = ARM64_WORKAROUND_858921,
376 		MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
377 	},
378 #endif
379 #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
380 	{
381 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
382 		MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
383 		.enable = enable_smccc_arch_workaround_1,
384 	},
385 	{
386 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
387 		MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
388 		.enable = enable_smccc_arch_workaround_1,
389 	},
390 	{
391 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
392 		MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
393 		.enable = enable_smccc_arch_workaround_1,
394 	},
395 	{
396 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
397 		MIDR_ALL_VERSIONS(MIDR_CORTEX_A75),
398 		.enable = enable_smccc_arch_workaround_1,
399 	},
400 	{
401 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
402 		MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR_V1),
403 		.enable = qcom_enable_link_stack_sanitization,
404 	},
405 	{
406 		.capability = ARM64_HARDEN_BP_POST_GUEST_EXIT,
407 		MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR_V1),
408 	},
409 	{
410 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
411 		MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR),
412 		.enable = qcom_enable_link_stack_sanitization,
413 	},
414 	{
415 		.capability = ARM64_HARDEN_BP_POST_GUEST_EXIT,
416 		MIDR_ALL_VERSIONS(MIDR_QCOM_FALKOR),
417 	},
418 	{
419 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
420 		MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN),
421 		.enable = enable_smccc_arch_workaround_1,
422 	},
423 	{
424 		.capability = ARM64_HARDEN_BRANCH_PREDICTOR,
425 		MIDR_ALL_VERSIONS(MIDR_CAVIUM_THUNDERX2),
426 		.enable = enable_smccc_arch_workaround_1,
427 	},
428 #endif
429 	{
430 	}
431 };
432 
433 /*
434  * The CPU Errata work arounds are detected and applied at boot time
435  * and the related information is freed soon after. If the new CPU requires
436  * an errata not detected at boot, fail this CPU.
437  */
438 void verify_local_cpu_errata_workarounds(void)
439 {
440 	const struct arm64_cpu_capabilities *caps = arm64_errata;
441 
442 	for (; caps->matches; caps++) {
443 		if (cpus_have_cap(caps->capability)) {
444 			if (caps->enable)
445 				caps->enable((void *)caps);
446 		} else if (caps->matches(caps, SCOPE_LOCAL_CPU)) {
447 			pr_crit("CPU%d: Requires work around for %s, not detected"
448 					" at boot time\n",
449 				smp_processor_id(),
450 				caps->desc ? : "an erratum");
451 			cpu_die_early();
452 		}
453 	}
454 }
455 
456 void update_cpu_errata_workarounds(void)
457 {
458 	update_cpu_capabilities(arm64_errata, "enabling workaround for");
459 }
460 
461 void __init enable_errata_workarounds(void)
462 {
463 	enable_cpu_capabilities(arm64_errata);
464 }
465