From owner-svn-src-all@freebsd.org  Fri Jan 12 14:37:55 2018
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 85086E6863F
 for <svn-src-all@mailman.ysv.freebsd.org>;
 Fri, 12 Jan 2018 14:37:55 +0000 (UTC)
 (envelope-from wlosh@bsdimp.com)
Received: from mail-it0-x232.google.com (mail-it0-x232.google.com
 [IPv6:2607:f8b0:4001:c0b::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 47B966D693
 for <svn-src-all@freebsd.org>; Fri, 12 Jan 2018 14:37:55 +0000 (UTC)
 (envelope-from wlosh@bsdimp.com)
Received: by mail-it0-x232.google.com with SMTP id c16so9288880itc.5
 for <svn-src-all@freebsd.org>; Fri, 12 Jan 2018 06:37:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bsdimp-com.20150623.gappssmtp.com; s=20150623;
 h=mime-version:sender:in-reply-to:references:from:date:message-id
 :subject:to:cc;
 bh=wgSF2+VfuwU8M83moU1SY/WYdvAZyjtzABKKJDb8OuA=;
 b=SM+J2DfitOLPlGSo3FwO/lo6DzJImsVVf7u+Dwy/zgXfEh4GGb4hNuX2e+6uAAA3Xu
 iBYFKfbtKHWyE0+hcsxU5II0XY/83KUJk6iOlIBuorPp/XvTGV7x1C6cOR8sPXxNaPDs
 fhxz+B51EgMhVtFzJJtzAjdiviQsSNuPc4ED5Qe+zRt8V9rkHy4Ym+WkVJkSyf2IIQeh
 AoSho4YXsTeFtJRSf+iLu2K9YhwCJJyE2e6Od28oGNHrFNGpBCM7+cQiDvO+QOV3vBJp
 ImGgCz2GKZWGCBAVvbo3l7YsrMNcsbrknnnUdxC67ivbbMILtlEmwgiCLPN7Y8uqYf+K
 EGog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
 :date:message-id:subject:to:cc;
 bh=wgSF2+VfuwU8M83moU1SY/WYdvAZyjtzABKKJDb8OuA=;
 b=hhvuqWcjziVUji6EgQWbcMZ25yx4++SFDSJUbDJ3cyhQRpR9XYds/OIydXiB/SZUNQ
 2mQcLwlbMlpfuWPUZb98nynQlZ1qSWVfvSfdwcVWwP4tTG9Onk8zHPDpxzo/rzfGXKsb
 L+cqMDgQvvE65nKiF0jfVwRtX31u5CS962lItH1+v7W/lPLVDxJBbphDQl6R36JyQtWM
 vB0bvqW43jHuIyJ6++iQ5UGS2nroGQAqrxyvWQyiUwJjrBhcUtgxJmYer4NOMgEvk/Cl
 Ai6aU3ne2m6kgdmC6P2gQnlEMHmC6G0ODJ8L077FHuvAN8ex4gzEWmxsmqVEflsGPHjI
 BwDQ==
X-Gm-Message-State: AKwxytchovjzKKzqOZWtchZkI367/PmA6a27yOsHmiorekQ7z3sTRxfn
 SxPLfhgyIREVvmTvOTpMqfRQNgLvAI7Uj547LdF3UQ==
X-Google-Smtp-Source: ACJfBotPn1yGWNbdfa/CoiJdfNLhg2UbxHlgrQQwTKTjgkDLuYt8EQHE95pMXfJ3FSTrqumjcLKdcOoXzhnqPBzsVZ8=
X-Received: by 10.36.3.144 with SMTP id e138mr5183691ite.97.1515767874286;
 Fri, 12 Jan 2018 06:37:54 -0800 (PST)
MIME-Version: 1.0
Sender: wlosh@bsdimp.com
Received: by 10.79.199.131 with HTTP; Fri, 12 Jan 2018 06:37:53 -0800 (PST)
X-Originating-IP: [2603:300b:6:5100:18a2:a4f7:170:8dd9]
In-Reply-To: <FEDCB2AD-AFF1-4C10-9191-76601A66BC1D@freebsd.org>
References: <201801121401.w0CE1cW4058239@repo.freebsd.org>
 <CAPv3WKcESa_AL=R-BFwef2GXxHcYsnmbUOV3Zx5qL8WdMS-o3Q@mail.gmail.com>
 <FEDCB2AD-AFF1-4C10-9191-76601A66BC1D@freebsd.org>
From: Warner Losh <imp@bsdimp.com>
Date: Fri, 12 Jan 2018 07:37:53 -0700
X-Google-Sender-Auth: p_Xw6E5vKhNyee-Zw749MfTYgtw
Message-ID: <CANCZdfpfEJcxdGeya1_6jT=RKdT8VUw+Y7Ma2Z=+k6DY_XaG4g@mail.gmail.com>
Subject: Re: svn commit: r327876 - in head/sys/arm64: arm64 include
To: Andrew Turner <andrew@freebsd.org>
Cc: Marcin Wojtas <mw@semihalf.com>,
 src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, 
 svn-src-head@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.25
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2018 14:37:55 -0000

On Fri, Jan 12, 2018 at 7:15 AM, Andrew Turner <andrew@freebsd.org> wrote:

>
>
> On 12 Jan 2018, at 14:10, Marcin Wojtas <mw@semihalf.com> wrote:
>
> Hi Andrew,
>
>
>
> 2018-01-12 15:01 GMT+01:00 Andrew Turner <andrew@freebsd.org>:
>
> Author: andrew
> Date: Fri Jan 12 14:01:38 2018
> New Revision: 327876
> URL: https://svnweb.freebsd.org/changeset/base/327876
>
> Log:
>  Workaround Spectre Variant 2 on arm64.
>
>  We need to handle two cases:
>
>  1. One process attacking another process.
>  2. A process attacking the kernel.
>
>  For the first case we clear the branch predictor state on context switch
>  between different processes. For the second we do this when taking an
>  instruction abort on a non-userspace address.
>
>  To clear the branch predictor state a per-CPU function pointer has been
>  added. This is set by the new cpu errata code based on if the CPU is
>  known to be affected.
>
>  On Cortex-A57, A72, A73, and A75 we call into the PSCI firmware as newer
>  versions of this will clear the branch predictor state for us.
>
>  It has been reported the ThunderX is unaffected, however the ThunderX2 is
>  vulnerable. The Qualcomm Falkor core is also affected. As FreeBSD doesn't
>  yet run on the ThunderX2 or Falkor no workaround is included for these
> CPUs.
>
>
> Regardless ThunderX2 / Falkor work-arounds, do I understand correctly
> that pure CA72 machines, such as Marvell Armada 7k/8k are immune to
> Variant 2 now?
>
>
> It is my understanding that the A72 will be immune with this patch and an
> updated Arm Trusted Firmware as documented in [1].
>
> Andrew
>
> [1] https://github.com/ARM-software/arm-trusted-firmware/
> wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6
>

Are you also working on aarch32 mitigation?

Warner