Stijn Tintel 6c075777d5 kernel: add missing ARM64_SSBD symbol
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.

This mitigates CVE-2018-3639 on ARM64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 77e3e706ce0dfe653a28e088bdcf0acddead0091)
2018-08-06 09:17:31 +02:00
..
2017-05-03 23:20:12 +08:00
2018-08-06 09:17:31 +02:00
2016-12-16 07:56:35 +01:00
2017-06-29 04:46:59 +02:00
2018-01-09 14:40:54 +01:00

This is intended to be used with LEDE project to provide image for use with
QEMU ARM virt machine.

Run with qemu-system-arm

	# boot with initramfs embedded in
	qemu-system-arm -nographic -M virt -m 64 -kernel openwrt-armvirt-32-zImage-initramfs

	# boot with accel=kvm
	qemu-system-arm -nographic -M virt,accel=kvm -cpu host -m 64 -kernel
	openwrt-armvirt-32-zImage-initramfs

	# boot with a separate rootfs
	qemu-system-arm -nographic -M virt -m 64 -kernel openwrt-armvirt-32-zImage \
	  -drive file=openwrt-armvirt-32-root.ext4,format=raw,if=virtio -append 'root=/dev/vda rootwait'

	# boot with local dir as rootfs
	qemu-system-arm -nographic -M virt -m 64 -kernel openwrt-armvirt-32-zImage \
	  -fsdev local,id=rootdev,path=root-armvirt/,security_model=none \
	  -device virtio-9p-pci,fsdev=rootdev,mount_tag=/dev/root \
	  -append 'rootflags=trans=virtio,version=9p2000.L,cache=loose rootfstype=9p'

Run with kvmtool

	# start a named machine
	lkvm run -k openwrt-armvirt-32-zImage -i openwrt-armvirt-32-rootfs.cpio --name armvirt0

	# start with virtio-9p rootfs
	lkvm run -k openwrt-armvirt-32-zImage -d root-armvirt/

	# stop "armvirt0"
	lkvm stop --name armvirt0

	# stop all
	lkvm stop --all

The multi-platform ARMv8 target can be used with QEMU:

	qemu-system-aarch64 -machine virt -cpu cortex-a57 -nographic \
		-kernel openwrt-armvirt-64-Image-initramfs \