Hi All,
I pushed a draft version of the backport to git://git.linaro.org/kernel/linux-linaro-stable.git lts-v4.9-kpti
The backport is based on the arm tree: https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/log/?h=kpti
The following commits aren't included for a couple of reasons: a, the bpf patch is included in LTS; b, Falkor isn't supported in LTS; c, PAN isn't supported on LTS:

bpf: prevent out-of-bounds speculation
arm64: Implement branch predictor hardening for Falkor
arm64: kpti: Fix the interaction between ASID switching and software PAN
arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
perf: arm_spe: Fail device probe when arm64_kernel_unmapped_at_el0()
arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
arm64: mm: Rename post_ttbr0_update_workaround
arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
The kernelci testing shows it can boot on 82 boards but failed on 12 boards on the latest commit c9966001e6cac2e7c9f8 https://kernelci.org/boot/all/job/lsk/branch/linux-linaro-lsk-v4.9-test/kern...
Debugging shows the failure is due to __bp_harden_hyp_vecs_start not being mapped during booting. So I guess I missed some commits from arch/arm/kvm/arm.c to virt/kvm/arm/arm.c when picking up:
d00aff63b0b arm64: KVM: Use per-CPU vector when BP hardening is enabled
Any hints are appreciated!

kvm_arch_init -> init_hyp_mode(conditionally) -> kvm_map_vectors -> create_hyp_mappings(__bp_harden_hyp_vecs_start)

Regards
Alex

CPU features: detected feature: 32-bit EL0 Support
[ 0.092699] CPU features: detected feature: Kernel page table isolation (KPTI)
[ 0.100912] Unable to handle kernel paging request at virtual address ffff800000095000
[ 0.101805] pgd = ffff000008e81000
[ 0.102224] [ffff800000095000] *pgd=000000005eff8003, *pud=000000005eff7003, *pmd=000000005eff6003, *pte=00e0000040095f93
[ 0.104045] Internal error: Oops: 9600004f [#1] PREEMPT SMP
[ 0.104710] Modules linked in:
[ 0.105400] CPU: 0 PID: 10 Comm: migration/0 Not tainted 4.9.78-00038-gc996600-dirty #67
[ 0.105993] Hardware name: linux,dummy-virt (DT)
[ 0.106548] task: ffff80001d86f080 task.stack: ffff80001d8a8000
[ 0.108086] PC is at __memcpy+0xc0/0x180
[ 0.108422] LR is at enable_psci_bp_hardening+0x190/0x218
[ 0.108830] pc : [<ffff0000083786c0>] lr : [<ffff00000808ca98>] pstate: 800000c5
[ 0.109294] sp : ffff80001d8abcd0

[PATCH 01/38] arm64: mm: Use non-global mappings for kernel space
[PATCH 02/38] arm64: mm: Move ASID from TTBR0 to TTBR1
[PATCH 03/38] arm64: mm: Allocate ASIDs in pairs
[PATCH 04/38] arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
[PATCH 05/38] arm64: mm: Invalidate both kernel and user ASIDs when
[PATCH 06/38] arm64: factor out entry stack manipulation
[PATCH 07/38] arm64: entry.S: move SError handling into a C function
[PATCH 08/38] module: extend 'rodata=off' boot cmdline parameter to
[PATCH 09/38] arm64: entry: Add exception trampoline page for
[PATCH 10/38] arm64: mm: Map entry trampoline into trampoline and
[PATCH 11/38] arm64: entry: Explicitly pass exception level to
[PATCH 12/38] arm64: entry: Hook up entry trampoline to exception
[PATCH 13/38] arm64: tls: Avoid unconditional zeroing of tpidrro_el0
[PATCH 14/38] arm64: entry: Add fake CPU feature for unmapping the
[PATCH 15/38] arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
[PATCH 16/38] arm64: kaslr: Put kernel vectors address in separate
[PATCH 17/38] arm64: cpufeature: Pass capability structure to
[PATCH 18/38] arm64: Allow checking of a CPU-local erratum
[PATCH 19/38] arm64: capabilities: Handle duplicate entries for a
[PATCH 20/38] arm64: use RET instruction for exiting the trampoline
[PATCH 21/38] arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig
[PATCH 22/38] arm64: Take into account ID_AA64PFR0_EL1.CSV3
[PATCH 23/38] drivers/firmware: Expose psci_get_version through
[PATCH 24/38] mm: Introduce lm_alias
[PATCH 25/38] arm64: Move post_ttbr_update_workaround to C code
[PATCH 26/38] arm64: Add skeleton to harden the branch predictor
[PATCH 27/38] arm64: KVM: Use per-CPU vector when BP hardening is
[PATCH 28/38] arm64: KVM: Make PSCI_VERSION a fast path
[PATCH 29/38] arm64: cpu_errata: Allow an erratum to be match for all
[PATCH 30/38] arm64: cputype: Add missing MIDR values for Cortex-A72
[PATCH 31/38] arm64: Implement branch predictor hardening for
[PATCH 32/38] arm64: cputype: Add MIDR values for Cavium ThunderX2
[PATCH 33/38] arm: Add BTB invalidation on switch_mm for Cortex-A9,
[PATCH 34/38] arm: KVM: Invalidate BTB on guest exit
[PATCH 35/38] arm: Add icache invalidation on switch_mm for
[PATCH 36/38] arm: KVM: Invalidate icache on guest exit for
[PATCH 37/38] arm: Invalidate BTB on prefetch abort outside of user
[PATCH 38/38] arm: Invalidate icache on prefetch abort outside of