HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS328467

Implement mitigation for Spectre version 2 attacks on ARMv7.
rS328467
Actions

Description

Implement mitigation for Spectre version 2 attacks on ARMv7.

Similarly as we already do for arm64, for mitigation is necessary to
flush branch predictor when we:

  • do task switch
  • receive prefetch abort on non-userspace address

The user can disable this mitigation by setting 'machdep.disable_bp_hardening'
sysctl variable, or it can check actual system status by reading
'machdep.spectre_v2_safe'

The situation is complicated by fact that:

  • for Cortex-A8, the BPIALL instruction is effectively NOP until the IBE bit in ACTLR is set.
  • for Cortex-A15, the BPIALL is always NOP. The branch predictor can be only flushed by doing ICIALLU with special bit (Enable invalidates of BTB) set in ACTLR.

Since access to the ACTLR register is locked to secure monitor/firmware on
most boards, they will also need update of firmware / U-boot.
In worst case, when secure monitor is on-chip ROM (e.g. PandaBoard),
the board is unfixable.

MFC after: 2 weeks
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D13931

Details

Provenance
mmelAuthored on
Reviewer
imp
Differential Revision
D13931: Implement mitigation for Spectre Version 2 attacks on ARMv7.
Parents
rS328466: Fix pmap_fault().
Branches
Unknown
Tags
Unknown

Changes (8)

PathSize
head/
sys/
arm/
arm/
include/

rS328467

View Options

head/sys/arm/arm/cpuinfo.c

Loading...
View Options

head/sys/arm/arm/genassym.c

Loading...
View Options

head/sys/arm/arm/machdep.c

Loading...
View Options

head/sys/arm/arm/mp_machdep.c

Loading...
View Options

head/sys/arm/arm/swtch-v6.S

Loading...
View Options

head/sys/arm/arm/trap-v6.c

Loading...
View Options

head/sys/arm/include/cpuinfo.h

Loading...
View Options

head/sys/arm/include/pcpu.h

Loading...