> On 12 Jan 2018, at 14:37, Warner Losh <i...@bsdimp.com> wrote: > > > > On Fri, Jan 12, 2018 at 7:15 AM, Andrew Turner <and...@freebsd.org > <mailto:and...@freebsd.org>> wrote: > > >> On 12 Jan 2018, at 14:10, Marcin Wojtas <m...@semihalf.com >> <mailto:m...@semihalf.com>> wrote: >> >> Hi Andrew, >> >> >> >> 2018-01-12 15:01 GMT+01:00 Andrew Turner <and...@freebsd.org >> <mailto:and...@freebsd.org>>: >>> Author: andrew >>> Date: Fri Jan 12 14:01:38 2018 >>> New Revision: 327876 >>> URL: https://svnweb.freebsd.org/changeset/base/327876 >>> <https://svnweb.freebsd.org/changeset/base/327876> >>> >>> Log: >>> Workaround Spectre Variant 2 on arm64. >>> >>> We need to handle two cases: >>> >>> 1. One process attacking another process. >>> 2. A process attacking the kernel. >>> >>> For the first case we clear the branch predictor state on context switch >>> between different processes. For the second we do this when taking an >>> instruction abort on a non-userspace address. >>> >>> To clear the branch predictor state a per-CPU function pointer has been >>> added. This is set by the new cpu errata code based on if the CPU is >>> known to be affected. >>> >>> On Cortex-A57, A72, A73, and A75 we call into the PSCI firmware as newer >>> versions of this will clear the branch predictor state for us. >>> >>> It has been reported the ThunderX is unaffected, however the ThunderX2 is >>> vulnerable. The Qualcomm Falkor core is also affected. As FreeBSD doesn't >>> yet run on the ThunderX2 or Falkor no workaround is included for these >>> CPUs. >> >> Regardless ThunderX2 / Falkor work-arounds, do I understand correctly >> that pure CA72 machines, such as Marvell Armada 7k/8k are immune to >> Variant 2 now? > > It is my understanding that the A72 will be immune with this patch and an > updated Arm Trusted Firmware as documented in [1]. > > Andrew > > [1] > https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6 > > <https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6> > > Are you also working on aarch32 mitigation?
No. I think a similar technique could be used, however as aarch32 has instructions to invalidate the branch predictor these can be used directly. Andrew _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
