Commit d8fbc844 authored by Marc Zyngier's avatar Marc Zyngier Committed by Greg Kroah-Hartman

arm64: ssbd: Restore mitigation status on CPU resume

commit 647d0519b53f440a55df163de21c52a8205431cc upstream.

On a system where firmware can dynamically change the state of the
mitigation, the CPU will always come up with the mitigation enabled,
including when coming back from suspend.

If the user has requested "no mitigation" via a command line option,
let's enforce it by calling into the firmware again to disable it.

Similarily, for a resume from hibernate, the mitigation could have
been disabled by the boot kernel. Let's ensure that it is set
back on in that case.
Acked-by: default avatarWill Deacon <>
Reviewed-by: default avatarMark Rutland <>
Signed-off-by: default avatarMarc Zyngier <>
Signed-off-by: default avatarCatalin Marinas <>
Signed-off-by: default avatarMarc Zyngier <>
Signed-off-by: default avatarGreg Kroah-Hartman <>
parent 42f967de
......@@ -237,6 +237,12 @@ static inline int arm64_get_ssbd_state(void)
void arm64_set_ssbd_mitigation(bool state);
static inline void arm64_set_ssbd_mitigation(bool state) {}
#endif /* __ASSEMBLY__ */
......@@ -258,7 +258,7 @@ void __init arm64_enable_wa2_handling(struct alt_instr *alt,
*updptr = cpu_to_le32(aarch64_insn_gen_nop());
static void arm64_set_ssbd_mitigation(bool state)
void arm64_set_ssbd_mitigation(bool state)
switch (psci_ops.conduit) {
......@@ -308,6 +308,17 @@ int swsusp_arch_suspend(void)
sleep_cpu = -EINVAL;
* Just in case the boot kernel did turn the SSBD
* mitigation off behind our back, let's set the state
* to what we expect it to be.
switch (arm64_get_ssbd_state()) {
......@@ -67,6 +67,14 @@ void notrace __cpu_suspend_exit(void)
if (hw_breakpoint_restore)
* On resume, firmware implementing dynamic mitigation will
* have turned the mitigation on. If the user has forcefully
* disabled it, make sure their wishes are obeyed.
if (arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment