From bc75188cd86247423e72d8fc19bedc8275706ff7 Mon Sep 17 00:00:00 2001 From: Mark Kettenis Date: Fri, 15 Mar 2024 13:26:10 +0000 Subject: According to errata AC03_CPU_12, AmpereOne needs the loopy branches with a loop count of 11 to mitigate Spectre-BHB. And it seems Cortex-A57 was missed when Spectre-BHB mitigation support was added, so add it here as well. ok jsg@ --- sys/arch/arm64/arm64/cpu.c | 26 ++++++++++++++++++++++++-- sys/arch/arm64/arm64/trampoline.S | 11 +++++++++-- 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/sys/arch/arm64/arm64/cpu.c b/sys/arch/arm64/arm64/cpu.c index b11bf3699ac..70f0ae47a3e 100644 --- a/sys/arch/arm64/arm64/cpu.c +++ b/sys/arch/arm64/arm64/cpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cpu.c,v 1.108 2024/03/05 18:42:20 kettenis Exp $ */ +/* $OpenBSD: cpu.c,v 1.109 2024/03/15 13:26:09 kettenis Exp $ */ /* * Copyright (c) 2016 Dale Rahn @@ -52,6 +52,7 @@ #define CPU_IMPL_AMCC 0x50 #define CPU_IMPL_QCOM 0x51 #define CPU_IMPL_APPLE 0x61 +#define CPU_IMPL_AMPERE 0xc0 /* ARM */ #define CPU_PART_CORTEX_A34 0xd02 @@ -115,6 +116,9 @@ #define CPU_PART_BLIZZARD_MAX 0x038 #define CPU_PART_AVALANCHE_MAX 0x039 +/* Ampere */ +#define CPU_PART_AMPERE1 0xac3 + #define CPU_IMPL(midr) (((midr) >> 24) & 0xff) #define CPU_PART(midr) (((midr) >> 4) & 0xfff) #define CPU_VAR(midr) (((midr) >> 20) & 0xf) @@ -201,6 +205,11 @@ struct cpu_cores cpu_cores_apple[] = { { 0, NULL }, }; +struct cpu_cores cpu_cores_ampere[] = { + { CPU_PART_AMPERE1, "AmpereOne" }, + { 0, NULL }, +}; + /* arm cores makers */ const struct implementers { int id; @@ -212,6 +221,7 @@ const struct implementers { { CPU_IMPL_AMCC, "Applied Micro", cpu_cores_amcc }, { CPU_IMPL_QCOM, "Qualcomm", cpu_cores_qcom }, { CPU_IMPL_APPLE, "Apple", cpu_cores_apple }, + { CPU_IMPL_AMPERE, "Ampere", cpu_cores_ampere }, { 0, NULL }, }; @@ -230,6 +240,7 @@ int arm64_has_aes; extern char trampoline_vectors_none[]; extern char trampoline_vectors_loop_8[]; +extern char trampoline_vectors_loop_11[]; extern char trampoline_vectors_loop_24[]; extern char trampoline_vectors_loop_32[]; #if NPSCI > 0 @@ -419,8 +430,10 @@ cpu_identify(struct cpu_info *ci) * But we might still be vulnerable to Spectre-BHB. If we know the * CPU, we can add a branchy loop that cleans the BHB. */ - if (impl == CPU_IMPL_ARM) { + switch (impl) { + case CPU_IMPL_ARM: switch (part) { + case CPU_PART_CORTEX_A57: case CPU_PART_CORTEX_A72: ci->ci_trampoline_vectors = (vaddr_t)trampoline_vectors_loop_8; @@ -444,6 +457,15 @@ cpu_identify(struct cpu_info *ci) (vaddr_t)trampoline_vectors_loop_32; break; } + break; + case CPU_IMPL_AMPERE: + switch (part) { + case CPU_PART_AMPERE1: + ci->ci_trampoline_vectors = + (vaddr_t)trampoline_vectors_loop_11; + break; + } + break; } /* diff --git a/sys/arch/arm64/arm64/trampoline.S b/sys/arch/arm64/arm64/trampoline.S index 79eca168e5b..c08dba0fee1 100644 --- a/sys/arch/arm64/arm64/trampoline.S +++ b/sys/arch/arm64/arm64/trampoline.S @@ -1,4 +1,4 @@ -/* $OpenBSD: trampoline.S,v 1.4 2022/12/10 10:13:58 patrick Exp $ */ +/* $OpenBSD: trampoline.S,v 1.5 2024/03/15 13:26:09 kettenis Exp $ */ /* * Copyright (c) 2018 Mark Kettenis @@ -45,6 +45,12 @@ .macro spectre_bhb_loop_8_late .endm +.macro spectre_bhb_loop_11_early + spectre_bhb_loop 11 +.endm +.macro spectre_bhb_loop_11_late +.endm + .macro spectre_bhb_loop_24_early spectre_bhb_loop 24 .endm @@ -92,7 +98,7 @@ #endif .macro spectre_bhb_clrbhb_early - hint #22 /* clrbhb */ + clrbhb isb .endm .macro spectre_bhb_clrbhb_late @@ -147,6 +153,7 @@ trampoline_vectors_\bhb: trampoline_vectors: tramp_vector none tramp_vector loop_8 + tramp_vector loop_11 tramp_vector loop_24 tramp_vector loop_32 #if NPSCI > 0 -- cgit v1.2.3