From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) by mx.groups.io with SMTP id smtpd.web10.90602.1673309323026806114 for ; Mon, 09 Jan 2023 16:08:43 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@canonical.com header.s=20210705 header.b=pGkyP8D3; spf=pass (domain: canonical.com, ip: 185.125.188.122, mailfrom: dann.frazier@canonical.com) Received: from mail-il1-f198.google.com (mail-il1-f198.google.com [209.85.166.198]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id D5E183F5D7 for ; Tue, 10 Jan 2023 00:08:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1673309320; bh=a6oW+JkyEJiveCcdd9udxszAXzjkfHDqNaY3gGjFLWM=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:In-Reply-To; b=pGkyP8D3S0SkC1pX0Z/ti1/GQ7T0rNCKELnzkXOMYmSvjfeVTxhE7WNVd0hRH68Du kXTaphGdaZ581SimKMSqAbRTljIiDaU4fqYmli69b1L79JCBp/QmcYQEJLFYcBS0mo m5XM+blAjIJqffL+zul6dnhQ1YJ+plpdIvZhVW8LLl82F/0vw7NhyBqvKODg6soFcu AmmjWENwXcn4CbmgpQ23gZeXwNBq9WWwt37zsHTz6254tyy7fxFslo46UHL2oTR7UK MjlntAwafuU+bqJVDEz8iv1kf88lidAF9lc51Vm0EcXAVyq1cmxmZ6c0Wgfq4naJEy FdmI0a+HxfTlg== Received: by mail-il1-f198.google.com with SMTP id x8-20020a056e021ca800b0030c075dc55dso7234862ill.7 for ; Mon, 09 Jan 2023 16:08:40 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=a6oW+JkyEJiveCcdd9udxszAXzjkfHDqNaY3gGjFLWM=; b=jWebenuDw/hjdVhW0ECFy7IkoOPA8AHJDsSXpZiDCUNNnAVYrWUHeZrXHd7VQcAAr0 up6lRjBRGiwAeg4MVmDnbuoadJz51Y1GRW78PGJ1LV5pmktzGZtka4MhFwO3uf8ulwRU HDTti1Rp+4CDVnQ6rtiW0DfacunM6sttDKvAZ9NXJ0azAvqbMfHVGZM7u6Ovm0higEHc tvGB07cnzbaEtVwwHAKQnQkpQ5RDUIqnncz3Hm9UT08Uz60ZZ8Hsxb5uxz8+3rkaXmwD 18oeNGBBQ0QU8RlMrvW7pXEvN/eKNPoi3ZBQabRm7R+E+XfkGkHsb6RbDPwR8/XPXdRz MZ/A== X-Gm-Message-State: AFqh2kpLM/gF8FCmt05aMQzLJgs5ZYxnA1cji5H9qBb6HQjLjFf0yJoh XPNg5TLYIxessc+p92RD+KKzuJPx638sAaQuuMjT9FDYVfxkX/iYLLHlkYGJqInO/JoKBAQ4yzF 3TypsrtkU1zIdkJSr/G+JiHHb5Nz1Iyo= X-Received: by 2002:a05:6e02:d89:b0:30d:a431:870e with SMTP id i9-20020a056e020d8900b0030da431870emr4703775ilj.12.1673309319412; Mon, 09 Jan 2023 16:08:39 -0800 (PST) X-Google-Smtp-Source: AMrXdXsFEvh5zohmASFSiyBf/ZMGMli5kdUjmFBBa0qiEcpiKfhx39p2KxO73HRfZX1B1ujvKWFDJQ== X-Received: by 2002:a05:6e02:d89:b0:30d:a431:870e with SMTP id i9-20020a056e020d8900b0030da431870emr4703761ilj.12.1673309319052; Mon, 09 Jan 2023 16:08:39 -0800 (PST) Received: from xps13.dannf ([38.15.56.166]) by smtp.gmail.com with ESMTPSA id c2-20020a023f42000000b0039decb5b452sm3144257jaf.65.2023.01.09.16.08.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 Jan 2023 16:08:38 -0800 (PST) Date: Mon, 9 Jan 2023 17:08:36 -0700 From: "dann frazier" To: Ard Biesheuvel Cc: devel@edk2.groups.io Subject: Re: [PATCH v2 2/2] ArmVirtPkg/ArmVirtQemu: Avoid early ID map on ThunderX Message-ID: References: <20230105162528.1430368-1-ardb@kernel.org> <20230105162528.1430368-2-ardb@kernel.org> MIME-Version: 1.0 In-Reply-To: <20230105162528.1430368-2-ardb@kernel.org> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Jan 05, 2023 at 05:25:28PM +0100, Ard Biesheuvel wrote: > The early ID map used by ArmVirtQemu uses ASID scoped non-global > mappings, as this allows us to switch to the permanent ID map seamlessly > without the need for explicit TLB maintenance. > > However, this triggers a known erratum on ThunderX, which does not > tolerate non-global mappings that are executable at EL1, as this appears > to result in I-cache corruption. (Linux disables the KPTI based Meltdown > mitigation on ThunderX for the same reason) > > So work around this, by detecting the CPU implementor and part number, > and proceeding without the early ID map if a ThunderX CPU is detected. > > Note that this requires the C code to be built with strict alignment > again, as we may end up executing it with the MMU and caches off. > > Signed-off-by: Ard Biesheuvel > --- > ArmVirtPkg/ArmVirtQemu.dsc | 5 +++++ > ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S | 15 +++++++++++++++ > 2 files changed, 20 insertions(+) FTR, this v2 series also worked for me. -dann > diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc > index f77443229e8e..5dd8b6104cca 100644 > --- a/ArmVirtPkg/ArmVirtQemu.dsc > +++ b/ArmVirtPkg/ArmVirtQemu.dsc > @@ -31,6 +31,7 @@ [Defines] > DEFINE SECURE_BOOT_ENABLE = FALSE > DEFINE TPM2_ENABLE = FALSE > DEFINE TPM2_CONFIG_ENABLE = FALSE > + DEFINE CAVIUM_ERRATUM_27456 = FALSE > > # > # Network definition > @@ -117,7 +118,11 @@ [LibraryClasses.common.UEFI_DRIVER] > UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf > > [BuildOptions] > +!if $(CAVIUM_ERRATUM_27456) == TRUE > + GCC:*_*_AARCH64_PP_FLAGS = -DCAVIUM_ERRATUM_27456 > +!else > GCC:*_*_AARCH64_CC_XIPFLAGS == > +!endif > > !include NetworkPkg/NetworkBuildOptions.dsc.inc > > diff --git a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S > index 1787d52fbf51..5ac7c732f6ec 100644 > --- a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S > +++ b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S > @@ -42,6 +42,21 @@ > > > ASM_FUNC(ArmPlatformPeiBootAction) > +#ifdef CAVIUM_ERRATUM_27456 > + /* > + * On Cavium ThunderX, using non-global mappings that are executable at EL1 > + * results in I-cache corruption. So just avoid the early ID mapping there. > + * > + * MIDR implementor 0x43 > + * MIDR part numbers 0xA1 0xA2 (but not 0xAF) > + */ > + mrs x0, midr_el1 // read the MIDR into X0 > + ubfx x1, x0, #24, #8 // grab implementor id > + ubfx x0, x0, #7, #9 // grab part number bits [11:3] > + cmp x1, #0x43 // compare implementor id > + ccmp x0, #0xA0 >> 3, #0, eq // compare part# bits [11:3] > + b.eq 0f > +#endif > mrs x0, CurrentEL // check current exception level > tbnz x0, #3, 0f // omit early ID map if above EL1 >