File xsa398-2.patch of Package xen.24553
# Commit 599616d70eb886b9ad0ef9d6b51693ce790504ba
# Date 2022-03-08 16:38:02 +0000
# Author Bertrand Marquis <bertrand.marquis@arm.com>
# Committer Andrew Cooper <andrew.cooper3@citrix.com>
xen/arm: move errata CSV2 check earlier
CSV2 availability check is done after printing to the user that
workaround 1 will be used. Move the check before to prevent saying to the
user that workaround 1 is used when it is not because it is not needed.
This will also allow to reuse install_bp_hardening_vec function for
other use cases.
Code previously returning "true", now returns "0" to conform to
enable_smccc_arch_workaround_1 returning an int and surrounding code
doing a "return 0" if workaround is not needed.
This is part of XSA-398 / CVE-2022-23960.
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Reviewed-by: Julien Grall <julien@xen.org>
--- a/xen/arch/arm/cpuerrata.c
+++ b/xen/arch/arm/cpuerrata.c
@@ -102,13 +102,6 @@ install_bp_hardening_vec(const struct ar
printk(XENLOG_INFO "CPU%u will %s on exception entry\n",
smp_processor_id(), desc);
- /*
- * No need to install hardened vector when the processor has
- * ID_AA64PRF0_EL1.CSV2 set.
- */
- if ( cpu_data[smp_processor_id()].pfr64.csv2 )
- return true;
-
spin_lock(&bp_lock);
/*
@@ -167,6 +160,13 @@ static int enable_smccc_arch_workaround_
if ( !entry->matches(entry) )
return 0;
+ /*
+ * No need to install hardened vector when the processor has
+ * ID_AA64PRF0_EL1.CSV2 set.
+ */
+ if ( cpu_data[smp_processor_id()].pfr64.csv2 )
+ return 0;
+
if ( smccc_ver < SMCCC_VERSION(1, 1) )
goto warn;