arm64: Enable ARM64_HARDEN_EL2_VECTORS on Cortex-A57 and A72

Cortex-A57 and A72 are vulnerable to the so-called "variant 3a" of
Meltdown, where an attacker can speculatively obtain the value
of a privileged system register.

By enabling ARM64_HARDEN_EL2_VECTORS on these CPUs, obtaining
VBAR_EL2 is not disclosing the hypervisor mappings anymore.

Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 8cf6b60..aacdc11 100644 (file)
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -425,6 +425,18 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
                .enable = enable_smccc_arch_workaround_1,
        },
 #endif
+#ifdef CONFIG_HARDEN_EL2_VECTORS
+       {
+               .desc = "Cortex-A57 EL2 vector hardening",
+               .capability = ARM64_HARDEN_EL2_VECTORS,
+               MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
+       },
+       {
+               .desc = "Cortex-A72 EL2 vector hardening",
+               .capability = ARM64_HARDEN_EL2_VECTORS,
+               MIDR_ALL_VERSIONS(MIDR_CORTEX_A72),
+       },
+#endif
        {
        }
 };