Revert "Emit speculation barriers after ERETs"
This reverts commit 366cb48b89ac012a44c3b45cf861649d1c704d42.
Accidentally pushed directly to main tree.
Bug: 146490856
diff --git a/build/image/check_elf.py b/build/image/check_elf.py
deleted file mode 100644
index e429aa2..0000000
--- a/build/image/check_elf.py
+++ /dev/null
@@ -1,89 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2019 The Hafnium Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#!/usr/bin/env python
-"""Convert a file to binary format.
-
-Calls objcopy to convert a file into raw binary format.
-"""
-
-import argparse
-import os
-import re
-import subprocess
-import sys
-
-HF_ROOT = os.path.dirname(os.path.dirname(os.path.dirname(__file__)))
-CLANG_ROOT = os.path.join(HF_ROOT, "prebuilts", "linux-x64", "clang")
-OBJDUMP = os.path.join(CLANG_ROOT, "bin", "llvm-objdump")
-
-def check_b_146490856(objdump_stdout):
- """ARM64 CPUs speculatively execute instructions after ERET
-
- Check that every ERET is followed by DSB NSH and ISB.
- """
- # Ensure that at least one instance was found, otherwise the regexes are
- # probably wrong.
- found = False
-
- STATE_DEFAULT = 1
- STATE_EXPECT_DSB_NSH = 2
- STATE_EXPECT_ISB = 3
-
- REGEX_ERET = re.compile(r"^\s*[0-9a-f]+:\s*e0 03 9f d6\s*eret$")
- REGEX_DSB_NSH = re.compile(r"^\s*[0-9a-f]+:\s*9f 37 03 d5\s*dsb\s*nsh$")
- REGEX_ISB = re.compile(r"^\s*[0-9a-f]+:\s*df 3f 03 d5\s*isb$")
-
- state = STATE_DEFAULT
- for line in objdump_stdout:
- if state == STATE_DEFAULT:
- if re.match(REGEX_ERET, line):
- found = True
- state = STATE_EXPECT_DSB_NSH
- elif state == STATE_EXPECT_DSB_NSH:
- if re.match(REGEX_DSB_NSH, line):
- state = STATE_EXPECT_ISB
- else:
- raise Exception("ERET not followed by DSB NSH")
- elif state == STATE_EXPECT_ISB:
- if re.match(REGEX_ISB, line):
- state = STATE_DEFAULT
- else:
- raise Exception("ERET not followed by ISB")
-
- if not found:
- raise Exception("Could not find any instance of b/146490856")
-
-def Main():
- parser = argparse.ArgumentParser()
- parser.add_argument("input_elf", help="ELF file to analyze")
- parser.add_argument("stamp_file", help="file to be touched if successful")
- args = parser.parse_args()
-
- objdump_stdout = subprocess.check_output([
- OBJDUMP, "-d", args.input_elf ])
- objdump_stdout = objdump_stdout.splitlines()
-
- check_b_146490856(objdump_stdout)
-
- # Touch `stamp_file`.
- with open(args.stamp_file, "w"):
- pass
-
- return 0
-
-if __name__ == "__main__":
- sys.exit(Main())
diff --git a/build/image/image.gni b/build/image/image.gni
index c9ed98d..f116cb6 100644
--- a/build/image/image.gni
+++ b/build/image/image.gni
@@ -25,15 +25,8 @@
}
output_root += invoker.image_name
- file_root = "${root_out_dir}/${output_root}"
- elf_file = "${file_root}.elf"
- bin_file = "${file_root}.bin"
-
- elf_target = "${target_name}__elf"
- checked_elf_target = "${target_name}__checked_elf"
-
# Link objects together
- executable(elf_target) {
+ executable("${target_name}__elf") {
forward_variables_from(invoker,
[
"cflags",
@@ -54,41 +47,20 @@
"-T",
rebase_path("//build/image/image.ld"),
]
- visibility = [ ":${checked_elf_target}", ":${invoker.target_name}" ]
- }
-
- action(checked_elf_target) {
- forward_variables_from(invoker, [ "testonly" ])
- stamp_file = elf_file + "_check.stamp"
-
- script = "//build/image/check_elf.py"
- deps = [
- ":${elf_target}",
- ]
- args = [
- rebase_path(elf_file),
- rebase_path(stamp_file),
- ]
- outputs = [
- stamp_file,
- ]
visibility = [ ":${invoker.target_name}" ]
}
action(target_name) {
forward_variables_from(invoker, [ "testonly" ])
- script = "//build/image/convert_to_binary.py"
+ file_root = "${root_out_dir}/${output_root}"
+ elf_file = "${file_root}.elf"
+ bin_file = "${file_root}.bin"
- if (defined(invoker.check_binary) && invoker.check_binary == true) {
- deps = [
- ":${checked_elf_target}",
- ]
- } else {
- deps = [
- ":${elf_target}",
- ]
- }
+ script = "//build/image/convert_to_binary.py"
+ deps = [
+ ":${target_name}__elf",
+ ]
args = [
"--input",
rebase_path(elf_file),
@@ -115,10 +87,6 @@
"testonly",
])
image_name = target_name
-
- # Perform checks on the generated binary to prevent regressing on some
- # classes of bugs, typically CPU erratas.
- check_binary = true
}
}
diff --git a/src/arch/aarch64/exception_macros.S b/src/arch/aarch64/exception_macros.S
index 7214e8e..642ee98 100644
--- a/src/arch/aarch64/exception_macros.S
+++ b/src/arch/aarch64/exception_macros.S
@@ -15,23 +15,6 @@
*/
/**
- * From Linux commit 679db70801da9fda91d26caf13bf5b5ccc74e8e8:
- * "Some CPUs can speculate past an ERET instruction and potentially perform
- * speculative accesses to memory before processing the exception return.
- * Since the register state is often controlled by a lower privilege level
- * at the point of an ERET, this could potentially be used as part of a
- * side-channel attack."
- *
- * This macro emits a speculation barrier after the ERET to prevent the CPU
- * from speculating past the exception return.
- */
-.macro eret_with_sb
- eret
- dsb nsh
- isb
-.endm
-
-/**
* Saves the volatile registers onto the stack. This currently takes 14
* instructions, so it can be used in exception handlers with 18 instructions
* left, 2 of which in the same cache line (assuming a 16-byte cache line).
@@ -107,7 +90,7 @@
bl \handler
restore_volatile_from_stack \elx
msr spsel, #0
- eret_with_sb
+ eret
.endm
/**
diff --git a/src/arch/aarch64/hftest/exceptions.S b/src/arch/aarch64/hftest/exceptions.S
index 8e62170..b54e4d2 100644
--- a/src/arch/aarch64/hftest/exceptions.S
+++ b/src/arch/aarch64/hftest/exceptions.S
@@ -113,8 +113,8 @@
skip_elr:
/* Restore register spsr_el1 using x1 as scratch. */
ldr x1, [sp, #8 * 23]
- msr spsr_el1, x1
+ msr spsr_el1, x1
/* Restore x0 & x1, and release stack space. */
ldp x0, x1, [sp], #8 * 24
- eret_with_sb
+ eret
diff --git a/src/arch/aarch64/hypervisor/exceptions.S b/src/arch/aarch64/hypervisor/exceptions.S
index a4c12af..2f47c00 100644
--- a/src/arch/aarch64/hypervisor/exceptions.S
+++ b/src/arch/aarch64/hypervisor/exceptions.S
@@ -518,7 +518,7 @@
/* Restore x0..x3, which we have used as scratch before. */
ldp x2, x3, [x0, #VCPU_REGS + 8 * 2]
ldp x0, x1, [x0, #VCPU_REGS + 8 * 0]
- eret_with_sb
+ eret
.balign 0x40
/**
@@ -526,4 +526,4 @@
*/
restore_from_stack_and_return:
restore_volatile_from_stack el2
- eret_with_sb
+ eret