-- SRU Verification -- Enabled SSBD v4 in firmware and booted the -proposed kernel, no regressions were found on boot.
- Enable SSBD V4 in firmware. - CAVM_CN99xx# env set core_feature_mask 0x20 core_feature_mask is set to 32 Env Var core_feature_mask set with Value 32 Execute 'env save' Command to make the changes persistent CAVM_CN99xx# env save ----------------------------------- ENV Variable Settings ----------------------------------- Name : Value ----------------------------------- turbo : 0 smt : 4 corefreq : 2199 numcores : 28 icispeed : 1 socnclk : 666 socsclk : 1199 memclk : 2199 ddrspeed_auto : 0 ddrspeed : 2400 progcpufreq : 1 progdevfreq : 1 dmc_node_channel_mask : 0000ffff thermcontrol : 1 thermlimit : 105 enter_debug_shell : 0 dbg_speed_up_ddr_lvl : 0 enable_dram_scrub : 0 ipmbcontrol : 1 ddr_dmt_advanced : 0 cppccontrol : 0 loglevel : 0 uart_params : 115200/8-N-1 none core_feature_mask : 32 sys_feature_mask : 0x00000000 ddr_refresh_rate : 1 fw_feature_mask : 0x00000000 dram_ce_threshold : 500 dram_ce_window : 60 sec dram_ce_leak_rate : 1 msec/error ----------------------------------- CAVM_CN99xx# - Boot the -proposed kernel - ubuntu@helo:~$ uname -a Linux helo 4.15.0-35-generic #38-Ubuntu SMP Wed Sep 12 10:35:16 UTC 2018 aarch64 aarch64 aarch64 GNU/Linux ubuntu@helo:~$ ubuntu@helo:~$ dmesg | grep -i ssbd [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.15.0-35-generic root=UUID=06508e54-5e22-4f62-a30c-56a9268e39be ro ssbd=force-on -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1787993 Title: [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support for arm64 using SMC firmware call to set a hardware chicken bit Status in linux package in Ubuntu: Incomplete Status in linux source package in Bionic: Fix Committed Bug description: [Impact] Spectre v4 mitigation (Speculative Store Bypass Disable) support for arm64 was implemented in the Arm Trusted Firmware with SMCCC v1.1 and SMCCC_ARCH_WORKAROUND_2[1, 2]. Kernel patches were later produced to toggle the workaround, enable it only for the kernel side, both for the host or hypervisor case. [Fix] Original fix: http://lkml.iu.edu/hypermail/linux/kernel/1805.2/05868.html This patchset is a cherry pick of those patches (and prerequisistes) from the stable / linux-4.14.y tree, forward ported to our Bionic kernel. [Test] Boot a patched kernel and add on the cmdline: ssbd=force-on on dmesg you should see something like: [ 0.779901] ssbd: forced from command-line Same goes for the off case: ssbd=force-off [ 0.781002] ssbd: disabled from command-line [Regression Potential] Since it's "new code" to our Bionic kernel, there's some regression potential, but it was a clean pick from linux-4.14.y without almost any modication (except for some mechanical diff to make it apply). 1: https://developer.arm.com/cache-speculation-vulnerability-firmware-specification 2: https://github.com/ARM-software/arm-trusted-firmware/pull/1392 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787993/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp