Patch "sched: Fix crash in sched_init_numa()" has been added to the 4.3-stable tree
This is a note to let you know that I've just added the patch titled
sched: Fix crash in sched_init_numa()
to the 4.3-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
sched-fix-crash-in-sched_init_numa.patch
and it can be found in the queue-4.3 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
From 9c03ee147193645be4c186d3688232fa438c57c7 Mon Sep 17 00:00:00 2001
From: Raghavendra K T
Date: Sat, 16 Jan 2016 00:31:23 +0530
Subject: sched: Fix crash in sched_init_numa()
From: Raghavendra K T
commit 9c03ee147193645be4c186d3688232fa438c57c7 upstream.
The following PowerPC commit:
c118baf80256 ("arch/powerpc/mm/numa.c: do not allocate bootmem memory for non
existing nodes")
avoids allocating bootmem memory for non existent nodes.
But when DEBUG_PER_CPU_MAPS=y is enabled, my powerNV system failed to boot
because in sched_init_numa(), cpumask_or() operation was done on
unallocated nodes.
Fix that by making cpumask_or() operation only on existing nodes.
[ Tested with and w/o DEBUG_PER_CPU_MAPS=y on x86 and PowerPC. ]
Reported-by: Jan Stancek
Tested-by: Jan Stancek
Signed-off-by: Raghavendra K T
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Link:
http://lkml.kernel.org/r/1452884483-11676-1-git-send-email-raghavendra...@linux.vnet.ibm.com
Signed-off-by: Ingo Molnar
Signed-off-by: Greg Kroah-Hartman
---
kernel/sched/core.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6678,7 +6678,7 @@ static void sched_init_numa(void)
sched_domains_numa_masks[i][j] = mask;
- for (k = 0; k < nr_node_ids; k++) {
+ for_each_node(k) {
if (node_distance(j, k) >
sched_domains_numa_distance[i])
continue;
Patches currently in stable-queue which might be from
raghavendra...@linux.vnet.ibm.com are
queue-4.3/sched-fix-crash-in-sched_init_numa.patch
___
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
Patch "sched: Fix crash in sched_init_numa()" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled
sched: Fix crash in sched_init_numa()
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
sched-fix-crash-in-sched_init_numa.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
From 9c03ee147193645be4c186d3688232fa438c57c7 Mon Sep 17 00:00:00 2001
From: Raghavendra K T
Date: Sat, 16 Jan 2016 00:31:23 +0530
Subject: sched: Fix crash in sched_init_numa()
From: Raghavendra K T
commit 9c03ee147193645be4c186d3688232fa438c57c7 upstream.
The following PowerPC commit:
c118baf80256 ("arch/powerpc/mm/numa.c: do not allocate bootmem memory for non
existing nodes")
avoids allocating bootmem memory for non existent nodes.
But when DEBUG_PER_CPU_MAPS=y is enabled, my powerNV system failed to boot
because in sched_init_numa(), cpumask_or() operation was done on
unallocated nodes.
Fix that by making cpumask_or() operation only on existing nodes.
[ Tested with and w/o DEBUG_PER_CPU_MAPS=y on x86 and PowerPC. ]
Reported-by: Jan Stancek
Tested-by: Jan Stancek
Signed-off-by: Raghavendra K T
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Cc:
Link:
http://lkml.kernel.org/r/1452884483-11676-1-git-send-email-raghavendra...@linux.vnet.ibm.com
Signed-off-by: Ingo Molnar
Signed-off-by: Greg Kroah-Hartman
---
kernel/sched/core.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6738,7 +6738,7 @@ static void sched_init_numa(void)
sched_domains_numa_masks[i][j] = mask;
- for (k = 0; k < nr_node_ids; k++) {
+ for_each_node(k) {
if (node_distance(j, k) >
sched_domains_numa_distance[i])
continue;
Patches currently in stable-queue which might be from
raghavendra...@linux.vnet.ibm.com are
queue-4.4/sched-fix-crash-in-sched_init_numa.patch
___
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
Patch "[PATCH stable v4.14 10/32] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 10/32] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64-add-config_ppc_barrier_nospec.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:58 +1100
Subject: [PATCH stable v4.14 10/32] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-11-...@ellerman.id.au>
From: Michael Ellerman
commit 179ab1cbf883575c3a585bcfc0f2160f1d22a149 upstream.
Add a config symbol to encode which platforms support the
barrier_nospec speculation barrier. Currently this is just Book3S 64
but we will add Book3E in a future patch.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/Kconfig |7 ++-
arch/powerpc/include/asm/barrier.h |6 +++---
arch/powerpc/include/asm/setup.h |2 +-
arch/powerpc/kernel/Makefile |3 ++-
arch/powerpc/kernel/module.c |4 +++-
arch/powerpc/kernel/vmlinux.lds.S |4 +++-
arch/powerpc/lib/feature-fixups.c |6 --
7 files changed, 22 insertions(+), 10 deletions(-)
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -164,7 +164,7 @@ config PPC
select GENERIC_CLOCKEVENTS_BROADCASTif SMP
select GENERIC_CMOS_UPDATE
select GENERIC_CPU_AUTOPROBE
- select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64
+ select GENERIC_CPU_VULNERABILITIES if PPC_BARRIER_NOSPEC
select GENERIC_IRQ_SHOW
select GENERIC_IRQ_SHOW_LEVEL
select GENERIC_SMP_IDLE_THREAD
@@ -236,6 +236,11 @@ config PPC
# Please keep this list sorted alphabetically.
#
+config PPC_BARRIER_NOSPEC
+bool
+default y
+depends on PPC_BOOK3S_64
+
config GENERIC_CSUM
def_bool n
--- a/arch/powerpc/include/asm/barrier.h
+++ b/arch/powerpc/include/asm/barrier.h
@@ -76,7 +76,7 @@ do {
\
___p1; \
})
-#ifdef CONFIG_PPC_BOOK3S_64
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
/*
* Prevent execution of subsequent instructions until preceding branches have
* been fully resolved and are no longer executing speculatively.
@@ -86,10 +86,10 @@ do {
\
// This also acts as a compiler barrier due to the memory clobber.
#define barrier_nospec() asm (stringify_in_c(barrier_nospec_asm) ::: "memory")
-#else /* !CONFIG_PPC_BOOK3S_64 */
+#else /* !CONFIG_PPC_BARRIER_NOSPEC */
#define barrier_nospec_asm
#define barrier_nospec()
-#endif
+#endif /* CONFIG_PPC_BARRIER_NOSPEC */
#include
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -56,7 +56,7 @@ void setup_barrier_nospec(void);
void do_barrier_nospec_fixups(bool enable);
extern bool barrier_nospec_enabled;
-#ifdef CONFIG_PPC_BOOK3S_64
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
void do_barrier_nospec_fixups_range(bool enable, void *start, void *end);
#else
static inline void do_barrier_nospec_fixups_range(bool enable, void *start,
void *end) { };
--- a/arch/powerpc/kernel/Makefile
+++ b/arch/powerpc/kernel/Makefile
@@ -45,9 +45,10 @@ obj-$(CONFIG_VDSO32) += vdso32/
obj-$(CONFIG_PPC_WATCHDOG) += watchdog.o
obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o
obj-$(CONFIG_PPC_BOOK3S_64)+= cpu_setup_ppc970.o cpu_setup_pa6t.o
-obj-$(CONFIG_PPC_BOOK3S_64)+= cpu_setup_power.o security.o
+obj-$(CONFIG_PPC_BOOK3S_64)+= cpu_setup_power.o
obj-$(CONFIG_PPC_BOOK3S_64)+= mce.o mce_power.o
obj-$(CONFIG_PPC_BOOK3E_64)+= exceptions-64e.o idle_book3e.o
+obj-$(CONFIG_PPC_BARRIER_NOSPEC) += security.o
obj-$(CONFIG_PPC64)+= vdso64/
obj-$(CONFIG_ALTIVEC) += vecemu.o
obj-$(CONFIG_PPC_970_NAP) += idle_power4.o
--- a/arch/powerpc/kernel/module.c
+++ b/arch/powerpc/kernel/module.c
@@ -72,13 +72,15 @@ int module_finalize(const Elf_Ehdr *hdr,
do_feature_fixups(powerpc_firmware_features,
(void *)sect->sh_addr,
(void *)sect->sh_addr + sect->sh_size);
+#endif /* CONFIG_PPC64 */
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
sect = find_section(hdr, sechdrs, "__spec_barrier_fixup");
if (sect != NULL)
do_barrier_nospec_fixups_range(barrier_nospec_enabled,
Patch "[PATCH stable v4.14 11/32] powerpc/64: Call setup_barrier_nospec() from setup_arch()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 11/32] powerpc/64: Call setup_barrier_nospec() from
setup_arch()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:59 +1100
Subject: [PATCH stable v4.14 11/32] powerpc/64: Call setup_barrier_nospec()
from setup_arch()
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-12-...@ellerman.id.au>
From: Michael Ellerman
commit af375eefbfb27cbb5b831984e66d724a40d26b5c upstream.
Currently we require platform code to call setup_barrier_nospec(). But
if we add an empty definition for the !CONFIG_PPC_BARRIER_NOSPEC case
then we can call it in setup_arch().
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/setup.h |4
arch/powerpc/kernel/setup-common.c |2 ++
arch/powerpc/platforms/powernv/setup.c |1 -
arch/powerpc/platforms/pseries/setup.c |1 -
4 files changed, 6 insertions(+), 2 deletions(-)
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -52,7 +52,11 @@ enum l1d_flush_type {
void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types);
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
void setup_barrier_nospec(void);
+#else
+static inline void setup_barrier_nospec(void) { };
+#endif
void do_barrier_nospec_fixups(bool enable);
extern bool barrier_nospec_enabled;
--- a/arch/powerpc/kernel/setup-common.c
+++ b/arch/powerpc/kernel/setup-common.c
@@ -937,6 +937,8 @@ void __init setup_arch(char **cmdline_p)
if (ppc_md.setup_arch)
ppc_md.setup_arch();
+ setup_barrier_nospec();
+
paging_init();
/* Initialize the MMU context management stuff. */
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -123,7 +123,6 @@ static void pnv_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
setup_rfi_flush(type, enable);
- setup_barrier_nospec();
}
static void __init pnv_setup_arch(void)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -534,7 +534,6 @@ void pseries_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR);
setup_rfi_flush(types, enable);
- setup_barrier_nospec();
}
static void __init pSeries_setup_arch(void)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_
Patch "[PATCH stable v4.14 08/32] powerpc/64: Disable the speculation barrier from the command line" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 08/32] powerpc/64: Disable the speculation barrier from
the command line
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:56 +1100
Subject: [PATCH stable v4.14 08/32] powerpc/64: Disable the speculation barrier
from the command line
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-9-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit cf175dc315f90185128fb061dc05b6fbb211aa2f upstream.
The speculation barrier can be disabled from the command line
with the parameter: "nospectre_v1".
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -16,6 +16,7 @@
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
bool barrier_nospec_enabled;
+static bool no_nospec;
static void enable_barrier_nospec(bool enable)
{
@@ -42,9 +43,18 @@ void setup_barrier_nospec(void)
enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) &&
security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR);
- enable_barrier_nospec(enable);
+ if (!no_nospec)
+ enable_barrier_nospec(enable);
}
+static int __init handle_nospectre_v1(char *p)
+{
+ no_nospec = true;
+
+ return 0;
+}
+early_param("nospectre_v1", handle_nospectre_v1);
+
#ifdef CONFIG_DEBUG_FS
static int barrier_nospec_set(void *data, u64 val)
{
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 12/32] powerpc/64: Make meltdown reporting Book3S 64 specific" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 12/32] powerpc/64: Make meltdown reporting Book3S 64
specific
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:00 +1100
Subject: [PATCH stable v4.14 12/32] powerpc/64: Make meltdown reporting Book3S
64 specific
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-13-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit 406d2b6ae3420f5bb2b3db6986dc6f0b6dbb637b upstream.
In a subsequent patch we will enable building security.c for Book3E.
However the NXP platforms are not vulnerable to Meltdown, so make the
Meltdown vulnerability reporting PPC_BOOK3S_64 specific.
Signed-off-by: Diana Craciun
[mpe: Split out of larger patch]
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c |2 ++
1 file changed, 2 insertions(+)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs
device_initcall(barrier_nospec_debugfs_init);
#endif /* CONFIG_DEBUG_FS */
+#ifdef CONFIG_PPC_BOOK3S_64
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
bool thread_priv;
@@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device
return sprintf(buf, "Vulnerable\n");
}
+#endif
ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
char *buf)
{
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 09/32] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific." has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 09/32] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific. to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:25:57 +1100 Subject: [PATCH stable v4.14 09/32] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific. To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-10-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 6453b532f2c8856a80381e6b9a1f5ea2f12294df upstream. NXP Book3E platforms are not vulnerable to speculative store bypass, so make the mitigations PPC_BOOK3S_64 specific. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/security.c |2 ++ 1 file changed, 2 insertions(+) --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -176,6 +176,7 @@ ssize_t cpu_show_spectre_v2(struct devic return s.len; } +#ifdef CONFIG_PPC_BOOK3S_64 /* * Store-forwarding barrier support. */ @@ -323,3 +324,4 @@ static __init int stf_barrier_debugfs_in } device_initcall(stf_barrier_debugfs_init); #endif /* CONFIG_DEBUG_FS */ +#endif /* CONFIG_PPC_BOOK3S_64 */ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 16/32] powerpc/64s: Add new security feature flags for count cache flush" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 16/32] powerpc/64s: Add new security feature flags for count cache flush to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:04 +1100 Subject: [PATCH stable v4.14 16/32] powerpc/64s: Add new security feature flags for count cache flush To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-17-...@ellerman.id.au> From: Michael Ellerman commit dc8c6cce9a26a51fc19961accb978217a3ba8c75 upstream. Add security feature flags to indicate the need for software to flush the count cache on context switch, and for the presence of a hardware assisted count cache flush. Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/security_features.h |6 ++ 1 file changed, 6 insertions(+) --- a/arch/powerpc/include/asm/security_features.h +++ b/arch/powerpc/include/asm/security_features.h @@ -59,6 +59,9 @@ static inline bool security_ftr_enabled( // Indirect branch prediction cache disabled #define SEC_FTR_COUNT_CACHE_DISABLED 0x0020ull +// bcctr 2,0,0 triggers a hardware assisted count cache flush +#define SEC_FTR_BCCTR_FLUSH_ASSIST 0x0800ull + // Features indicating need for Spectre/Meltdown mitigations @@ -74,6 +77,9 @@ static inline bool security_ftr_enabled( // Firmware configuration indicates user favours security over performance #define SEC_FTR_FAVOUR_SECURITY0x0200ull +// Software required to flush count cache on context switch +#define SEC_FTR_FLUSH_COUNT_CACHE 0x0400ull + // Features enabled by default #define SEC_FTR_DEFAULT \ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 21/32] powerpc/fsl: Add macro to flush the branch predictor" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 21/32] powerpc/fsl: Add macro to flush the branch predictor to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:09 +1100 Subject: [PATCH stable v4.14 21/32] powerpc/fsl: Add macro to flush the branch predictor To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-22-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 1cbf8990d79ff69da8ad09e8a3df014e1494462b upstream. The BUCSR register can be used to invalidate the entries in the branch prediction mechanisms. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/ppc_asm.h | 10 ++ 1 file changed, 10 insertions(+) --- a/arch/powerpc/include/asm/ppc_asm.h +++ b/arch/powerpc/include/asm/ppc_asm.h @@ -802,4 +802,14 @@ END_FTR_SECTION_IFCLR(CPU_FTR_601) stringify_in_c(.long (_target) - . ;) \ stringify_in_c(.previous) +#ifdef CONFIG_PPC_FSL_BOOK3E +#define BTB_FLUSH(reg) \ + lis reg,BUCSR_INIT@h; \ + ori reg,reg,BUCSR_INIT@l; \ + mtspr SPRN_BUCSR,reg; \ + isync; +#else +#define BTB_FLUSH(reg) +#endif /* CONFIG_PPC_FSL_BOOK3E */ + #endif /* _ASM_POWERPC_PPC_ASM_H */ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 24/32] powerpc/fsl: Add nospectre_v2 command line argument" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 24/32] powerpc/fsl: Add nospectre_v2 command line
argument
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-add-nospectre_v2-command-line-argument.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:12 +1100
Subject: [PATCH stable v4.14 24/32] powerpc/fsl: Add nospectre_v2 command line
argument
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-25-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit f633a8ad636efb5d4bba1a047d4a0f1ef719aa06 upstream.
When the command line argument is present, the Spectre variant 2
mitigations are disabled.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/setup.h |5 +
arch/powerpc/kernel/security.c | 21 +
2 files changed, 26 insertions(+)
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -66,6 +66,11 @@ void do_barrier_nospec_fixups_range(bool
static inline void do_barrier_nospec_fixups_range(bool enable, void *start,
void *end) { };
#endif
+#ifdef CONFIG_PPC_FSL_BOOK3E
+void setup_spectre_v2(void);
+#else
+static inline void setup_spectre_v2(void) {};
+#endif
void do_btb_flush_fixups(void);
#endif /* !__ASSEMBLY__ */
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -26,6 +26,10 @@ static enum count_cache_flush_type count
bool barrier_nospec_enabled;
static bool no_nospec;
+static bool btb_flush_enabled;
+#ifdef CONFIG_PPC_FSL_BOOK3E
+static bool no_spectrev2;
+#endif
static void enable_barrier_nospec(bool enable)
{
@@ -101,6 +105,23 @@ static __init int barrier_nospec_debugfs
device_initcall(barrier_nospec_debugfs_init);
#endif /* CONFIG_DEBUG_FS */
+#ifdef CONFIG_PPC_FSL_BOOK3E
+static int __init handle_nospectre_v2(char *p)
+{
+ no_spectrev2 = true;
+
+ return 0;
+}
+early_param("nospectre_v2", handle_nospectre_v2);
+void setup_spectre_v2(void)
+{
+ if (no_spectrev2)
+ do_btb_flush_fixups();
+ else
+ btb_flush_enabled = true;
+}
+#endif /* CONFIG_PPC_FSL_BOOK3E */
+
#ifdef CONFIG_PPC_BOOK3S_64
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/p
Patch "[PATCH stable v4.14 01/32] powerpc/64s: Add support for ori barrier_nospec patching" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 01/32] powerpc/64s: Add support for ori barrier_nospec
patching
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:49 +1100
Subject: [PATCH stable v4.14 01/32] powerpc/64s: Add support for ori
barrier_nospec patching
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-2-...@ellerman.id.au>
From: Michael Ellerman
From: Michal Suchanek
commit 2eea7f067f495e33b8b116b35b5988ab2b8aec55 upstream.
Based on the RFI patching. This is required to be able to disable the
speculation barrier.
Only one barrier type is supported and it does nothing when the
firmware does not enable it. Also re-patching modules is not supported
So the only meaningful thing that can be done is patching out the
speculation barrier at boot when the user says it is not wanted.
Signed-off-by: Michal Suchanek
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/barrier.h|2 +-
arch/powerpc/include/asm/feature-fixups.h |9 +
arch/powerpc/include/asm/setup.h |1 +
arch/powerpc/kernel/security.c|9 +
arch/powerpc/kernel/vmlinux.lds.S |7 +++
arch/powerpc/lib/feature-fixups.c | 27 +++
6 files changed, 54 insertions(+), 1 deletion(-)
--- a/arch/powerpc/include/asm/barrier.h
+++ b/arch/powerpc/include/asm/barrier.h
@@ -81,7 +81,7 @@ do {
\
* Prevent execution of subsequent instructions until preceding branches have
* been fully resolved and are no longer executing speculatively.
*/
-#define barrier_nospec_asm ori 31,31,0
+#define barrier_nospec_asm NOSPEC_BARRIER_FIXUP_SECTION; nop
// This also acts as a compiler barrier due to the memory clobber.
#define barrier_nospec() asm (stringify_in_c(barrier_nospec_asm) ::: "memory")
--- a/arch/powerpc/include/asm/feature-fixups.h
+++ b/arch/powerpc/include/asm/feature-fixups.h
@@ -211,6 +211,14 @@ label##3: \
FTR_ENTRY_OFFSET 951b-952b; \
.popsection;
+#define NOSPEC_BARRIER_FIXUP_SECTION \
+953: \
+ .pushsection __barrier_nospec_fixup,"a";\
+ .align 2; \
+954: \
+ FTR_ENTRY_OFFSET 953b-954b; \
+ .popsection;
+
#ifndef __ASSEMBLY__
#include
@@ -219,6 +227,7 @@ extern long stf_barrier_fallback;
extern long __start___stf_entry_barrier_fixup,
__stop___stf_entry_barrier_fixup;
extern long __start___stf_exit_barrier_fixup, __stop___stf_exit_barrier_fixup;
extern long __start___rfi_flush_fixup, __stop___rfi_flush_fixup;
+extern long __start___barrier_nospec_fixup, __stop___barrier_nospec_fixup;
void apply_feature_fixups(void);
void setup_feature_keys(void);
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -52,6 +52,7 @@ enum l1d_flush_type {
void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types);
+void do_barrier_nospec_fixups(bool enable);
#endif /* !__ASSEMBLY__ */
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -10,10 +10,19 @@
#include
#include
+#include
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
+static bool barrier_nospec_enabled;
+
+static void enable_barrier_nospec(bool enable)
+{
+ barrier_nospec_enabled = enable;
+ do_barrier_nospec_fixups(enable);
+}
+
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
bool thread_priv;
--- a/arch/powerpc/kernel/vmlinux.lds.S
+++ b/arch/powerpc/kernel/vmlinux.lds.S
@@ -153,6 +153,13 @@ SECTIONS
*(__rfi_flush_fixup)
__stop___rfi_flush_fixup = .;
}
+
+ . = ALIGN(8);
+ __spec_barrier_fixup : AT(ADDR(__spec_barrier_fixup) - LOAD_OFFSET) {
+ __start___barrier_nospec_fixup = .;
+ *(__barrier_nospec_fixup)
+ __stop___barrier_nospec_fixup = .;
+ }
#endif
EXCEPTION_TABLE(0)
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -277,6 +
Patch "[PATCH stable v4.14 17/32] powerpc/64s: Add support for software count cache flush" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 17/32] powerpc/64s: Add support for software count
cache flush
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-add-support-for-software-count-cache-flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:05 +1100
Subject: [PATCH stable v4.14 17/32] powerpc/64s: Add support for software count
cache flush
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-18-...@ellerman.id.au>
From: Michael Ellerman
commit ee13cb249fabdff8b90aaff61add347749280087 upstream.
Some CPU revisions support a mode where the count cache needs to be
flushed by software on context switch. Additionally some revisions may
have a hardware accelerated flush, in which case the software flush
sequence can be shortened.
If we detect the appropriate flag from firmware we patch a branch
into _switch() which takes us to a count cache flush sequence.
That sequence in turn may be patched to return early if we detect that
the CPU supports accelerating the flush sequence in hardware.
Add debugfs support for reporting the state of the flush, as well as
runtime disabling it.
And modify the spectre_v2 sysfs file to report the state of the
software flush.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/asm-prototypes.h|6 +
arch/powerpc/include/asm/security_features.h |1
arch/powerpc/kernel/entry_64.S | 54 ++
arch/powerpc/kernel/security.c | 98 +--
4 files changed, 154 insertions(+), 5 deletions(-)
--- a/arch/powerpc/include/asm/asm-prototypes.h
+++ b/arch/powerpc/include/asm/asm-prototypes.h
@@ -126,4 +126,10 @@ extern int __ucmpdi2(u64, u64);
void _mcount(void);
unsigned long prepare_ftrace_return(unsigned long parent, unsigned long ip);
+/* Patch sites */
+extern s32 patch__call_flush_count_cache;
+extern s32 patch__flush_count_cache_return;
+
+extern long flush_count_cache;
+
#endif /* _ASM_POWERPC_ASM_PROTOTYPES_H */
--- a/arch/powerpc/include/asm/security_features.h
+++ b/arch/powerpc/include/asm/security_features.h
@@ -22,6 +22,7 @@ enum stf_barrier_type {
void setup_stf_barrier(void);
void do_stf_barrier_fixups(enum stf_barrier_type types);
+void setup_count_cache_flush(void);
static inline void security_ftr_set(unsigned long feature)
{
--- a/arch/powerpc/kernel/entry_64.S
+++ b/arch/powerpc/kernel/entry_64.S
@@ -25,6 +25,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -497,6 +498,57 @@ _GLOBAL(ret_from_kernel_thread)
li r3,0
b .Lsyscall_exit
+#ifdef CONFIG_PPC_BOOK3S_64
+
+#define FLUSH_COUNT_CACHE \
+1: nop;\
+ patch_site 1b, patch__call_flush_count_cache
+
+
+#define BCCTR_FLUSH.long 0x4c400420
+
+.macro nops number
+ .rept \number
+ nop
+ .endr
+.endm
+
+.balign 32
+.global flush_count_cache
+flush_count_cache:
+ /* Save LR into r9 */
+ mflrr9
+
+ .rept 64
+ bl .+4
+ .endr
+ b 1f
+ nops6
+
+ .balign 32
+ /* Restore LR */
+1: mtlrr9
+ li r9,0x7fff
+ mtctr r9
+
+ BCCTR_FLUSH
+
+2: nop
+ patch_site 2b patch__flush_count_cache_return
+
+ nops3
+
+ .rept 278
+ .balign 32
+ BCCTR_FLUSH
+ nops7
+ .endr
+
+ blr
+#else
+#define FLUSH_COUNT_CACHE
+#endif /* CONFIG_PPC_BOOK3S_64 */
+
/*
* This routine switches between two different tasks. The process
* state of one is saved on its kernel stack. Then the state
@@ -528,6 +580,8 @@ _GLOBAL(_switch)
std r23,_CCR(r1)
std r1,KSP(r3) /* Set old stack pointer */
+ FLUSH_COUNT_CACHE
+
/*
* On SMP kernels, care must be taken because a task may be
* scheduled off CPUx and on to CPUy. Memory ordering must be
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -9,12 +9,21 @@
#include
#include
+#include
+#include
#include
#include
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
+enum count_cache_flush_type {
+ COUNT_CACHE_FLUSH_NONE = 0x1,
+ COUNT_CACHE_FLUSH_SW= 0x2,
+ COUNT_CACHE_FLUSH_HW= 0x4,
+};
+static enum count_cache_flush_type count_cache_flush_type;
+
bool barrier_nospec_enabled;
static bool no_nospec;
@@ -159,17 +168,29 @@ ssize_t cpu_show
Patch "[PATCH stable v4.14 03/32] powerpc/64s: Enable barrier_nospec based on firmware settings" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 03/32] powerpc/64s: Enable barrier_nospec based on
firmware settings
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:51 +1100
Subject: [PATCH stable v4.14 03/32] powerpc/64s: Enable barrier_nospec based on
firmware settings
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-4-...@ellerman.id.au>
From: Michael Ellerman
From: Michal Suchanek
commit cb3d6759a93c6d0aea1c10deb6d00e111c29c19c upstream.
Check what firmware told us and enable/disable the barrier_nospec as
appropriate.
We err on the side of enabling the barrier, as it's no-op on older
systems, see the comment for more detail.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/setup.h |1
arch/powerpc/kernel/security.c | 59 +
arch/powerpc/platforms/powernv/setup.c |1
arch/powerpc/platforms/pseries/setup.c |1
4 files changed, 62 insertions(+)
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -52,6 +52,7 @@ enum l1d_flush_type {
void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types);
+void setup_barrier_nospec(void);
void do_barrier_nospec_fixups(bool enable);
extern bool barrier_nospec_enabled;
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -23,6 +23,65 @@ static void enable_barrier_nospec(bool e
do_barrier_nospec_fixups(enable);
}
+void setup_barrier_nospec(void)
+{
+ bool enable;
+
+ /*
+* It would make sense to check SEC_FTR_SPEC_BAR_ORI31 below as well.
+* But there's a good reason not to. The two flags we check below are
+* both are enabled by default in the kernel, so if the hcall is not
+* functional they will be enabled.
+* On a system where the host firmware has been updated (so the ori
+* functions as a barrier), but on which the hypervisor (KVM/Qemu) has
+* not been updated, we would like to enable the barrier. Dropping the
+* check for SEC_FTR_SPEC_BAR_ORI31 achieves that. The only downside is
+* we potentially enable the barrier on systems where the host firmware
+* is not updated, but that's harmless as it's a no-op.
+*/
+ enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) &&
+security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR);
+
+ enable_barrier_nospec(enable);
+}
+
+#ifdef CONFIG_DEBUG_FS
+static int barrier_nospec_set(void *data, u64 val)
+{
+ switch (val) {
+ case 0:
+ case 1:
+ break;
+ default:
+ return -EINVAL;
+ }
+
+ if (!!val == !!barrier_nospec_enabled)
+ return 0;
+
+ enable_barrier_nospec(!!val);
+
+ return 0;
+}
+
+static int barrier_nospec_get(void *data, u64 *val)
+{
+ *val = barrier_nospec_enabled ? 1 : 0;
+ return 0;
+}
+
+DEFINE_SIMPLE_ATTRIBUTE(fops_barrier_nospec,
+ barrier_nospec_get, barrier_nospec_set, "%llu\n");
+
+static __init int barrier_nospec_debugfs_init(void)
+{
+ debugfs_create_file("barrier_nospec", 0600, powerpc_debugfs_root, NULL,
+ &fops_barrier_nospec);
+ return 0;
+}
+device_initcall(barrier_nospec_debugfs_init);
+#endif /* CONFIG_DEBUG_FS */
+
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
bool thread_priv;
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -123,6 +123,7 @@ static void pnv_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
setup_rfi_flush(type, enable);
+ setup_barrier_nospec();
}
static void __init pnv_setup_arch(void)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -534,6 +534,7 @@ void pseries_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR);
setup_rfi_flush(types, enable);
+ setup_barrier_nospec();
}
static void __init pSeries_setup_arch(void)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.
Patch "[PATCH stable v4.14 06/32] powerpc/64s: Enhance the information in cpu_show_spectre_v1()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 06/32] powerpc/64s: Enhance the information in cpu_show_spectre_v1() to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:25:54 +1100 Subject: [PATCH stable v4.14 06/32] powerpc/64s: Enhance the information in cpu_show_spectre_v1() To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-7-...@ellerman.id.au> From: Michael Ellerman From: Michal Suchanek commit a377514519b9a20fa1ea9adddbb4129573129cef upstream. We now have barrier_nospec as mitigation so print it in cpu_show_spectre_v1() when enabled. Signed-off-by: Michal Suchanek Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/security.c |3 +++ 1 file changed, 3 insertions(+) --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -120,6 +120,9 @@ ssize_t cpu_show_spectre_v1(struct devic if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR)) return sprintf(buf, "Not affected\n"); + if (barrier_nospec_enabled) + return sprintf(buf, "Mitigation: __user pointer sanitization\n"); + return sprintf(buf, "Vulnerable\n"); } Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 02/32] powerpc/64s: Patch barrier_nospec in modules" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 02/32] powerpc/64s: Patch barrier_nospec in modules
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-patch-barrier_nospec-in-modules.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:50 +1100
Subject: [PATCH stable v4.14 02/32] powerpc/64s: Patch barrier_nospec in modules
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-3-...@ellerman.id.au>
From: Michael Ellerman
From: Michal Suchanek
commit 815069ca57c142eb71d27439bc27f41a433a67b3 upstream.
Note that unlike RFI which is patched only in kernel the nospec state
reflects settings at the time the module was loaded.
Iterating all modules and re-patching every time the settings change
is not implemented.
Based on lwsync patching.
Signed-off-by: Michal Suchanek
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/setup.h |7 +++
arch/powerpc/kernel/module.c |6 ++
arch/powerpc/kernel/security.c|2 +-
arch/powerpc/lib/feature-fixups.c | 16 +---
4 files changed, 27 insertions(+), 4 deletions(-)
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -53,6 +53,13 @@ enum l1d_flush_type {
void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types);
void do_barrier_nospec_fixups(bool enable);
+extern bool barrier_nospec_enabled;
+
+#ifdef CONFIG_PPC_BOOK3S_64
+void do_barrier_nospec_fixups_range(bool enable, void *start, void *end);
+#else
+static inline void do_barrier_nospec_fixups_range(bool enable, void *start,
void *end) { };
+#endif
#endif /* !__ASSEMBLY__ */
--- a/arch/powerpc/kernel/module.c
+++ b/arch/powerpc/kernel/module.c
@@ -72,6 +72,12 @@ int module_finalize(const Elf_Ehdr *hdr,
do_feature_fixups(powerpc_firmware_features,
(void *)sect->sh_addr,
(void *)sect->sh_addr + sect->sh_size);
+
+ sect = find_section(hdr, sechdrs, "__spec_barrier_fixup");
+ if (sect != NULL)
+ do_barrier_nospec_fixups_range(barrier_nospec_enabled,
+ (void *)sect->sh_addr,
+ (void *)sect->sh_addr + sect->sh_size);
#endif
sect = find_section(hdr, sechdrs, "__lwsync_fixup");
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -15,7 +15,7 @@
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
-static bool barrier_nospec_enabled;
+bool barrier_nospec_enabled;
static void enable_barrier_nospec(bool enable)
{
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -278,14 +278,14 @@ void do_rfi_flush_fixups(enum l1d_flush_
: "unknown");
}
-void do_barrier_nospec_fixups(bool enable)
+void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void
*fixup_end)
{
unsigned int instr, *dest;
long *start, *end;
int i;
- start = PTRRELOC(&__start___barrier_nospec_fixup),
- end = PTRRELOC(&__stop___barrier_nospec_fixup);
+ start = fixup_start;
+ end = fixup_end;
instr = 0x6000; /* nop */
@@ -304,6 +304,16 @@ void do_barrier_nospec_fixups(bool enabl
printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
}
+void do_barrier_nospec_fixups(bool enable)
+{
+ void *start, *end;
+
+ start = PTRRELOC(&__start___barrier_nospec_fixup),
+ end = PTRRELOC(&__stop___barrier_nospec_fixup);
+
+ do_barrier_nospec_fixups_range(enable, start, end);
+}
+
#endif /* CONFIG_PPC_BOOK3S_64 */
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spect
Patch "[PATCH stable v4.14 15/32] powerpc/asm: Add a patch_site macro & helpers for patching instructions" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 15/32] powerpc/asm: Add a patch_site macro & helpers
for patching instructions
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:03 +1100
Subject: [PATCH stable v4.14 15/32] powerpc/asm: Add a patch_site macro &
helpers for patching instructions
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-16-...@ellerman.id.au>
From: Michael Ellerman
commit 06d0bbc6d0f56dacac3a79900e9a9a0d5972d818 upstream.
Add a macro and some helper C functions for patching single asm
instructions.
The gas macro means we can do something like:
1:nop
patch_site 1b, patch__foo
Which is less visually distracting than defining a GLOBAL symbol at 1,
and also doesn't pollute the symbol table which can confuse eg. perf.
These are obviously similar to our existing feature sections, but are
not automatically patched based on CPU/MMU features, rather they are
designed to be manually patched by C code at some arbitrary point.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/code-patching-asm.h | 18 ++
arch/powerpc/include/asm/code-patching.h |2 ++
arch/powerpc/lib/code-patching.c | 16
3 files changed, 36 insertions(+)
create mode 100644 arch/powerpc/include/asm/code-patching-asm.h
--- /dev/null
+++ b/arch/powerpc/include/asm/code-patching-asm.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright 2018, Michael Ellerman, IBM Corporation.
+ */
+#ifndef _ASM_POWERPC_CODE_PATCHING_ASM_H
+#define _ASM_POWERPC_CODE_PATCHING_ASM_H
+
+/* Define a "site" that can be patched */
+.macro patch_site label name
+ .pushsection ".rodata"
+ .balign 4
+ .global \name
+\name:
+ .4byte \label - .
+ .popsection
+.endm
+
+#endif /* _ASM_POWERPC_CODE_PATCHING_ASM_H */
--- a/arch/powerpc/include/asm/code-patching.h
+++ b/arch/powerpc/include/asm/code-patching.h
@@ -32,6 +32,8 @@ unsigned int create_cond_branch(const un
int patch_branch(unsigned int *addr, unsigned long target, int flags);
int patch_instruction(unsigned int *addr, unsigned int instr);
int raw_patch_instruction(unsigned int *addr, unsigned int instr);
+int patch_instruction_site(s32 *addr, unsigned int instr);
+int patch_branch_site(s32 *site, unsigned long target, int flags);
int instr_is_relative_branch(unsigned int instr);
int instr_is_relative_link_branch(unsigned int instr);
--- a/arch/powerpc/lib/code-patching.c
+++ b/arch/powerpc/lib/code-patching.c
@@ -206,6 +206,22 @@ int patch_branch(unsigned int *addr, uns
return patch_instruction(addr, create_branch(addr, target, flags));
}
+int patch_branch_site(s32 *site, unsigned long target, int flags)
+{
+ unsigned int *addr;
+
+ addr = (unsigned int *)((unsigned long)site + *site);
+ return patch_instruction(addr, create_branch(addr, target, flags));
+}
+
+int patch_instruction_site(s32 *site, unsigned int instr)
+{
+ unsigned int *addr;
+
+ addr = (unsigned int *)((unsigned long)site + *site);
+ return patch_instruction(addr, instr);
+}
+
bool is_offset_in_branch_range(long offset)
{
/*
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/po
Patch "[PATCH stable v4.14 13/32] powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 13/32] powerpc/fsl: Add barrier_nospec implementation
for NXP PowerPC Book3E
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:01 +1100
Subject: [PATCH stable v4.14 13/32] powerpc/fsl: Add barrier_nospec
implementation for NXP PowerPC Book3E
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-14-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit ebcd1bfc33c7a90df941df68a6e5d4018c022fba upstream.
Implement the barrier_nospec as a isync;sync instruction sequence.
The implementation uses the infrastructure built for BOOK3S 64.
Signed-off-by: Diana Craciun
[mpe: Split out of larger patch]
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/Kconfig |2 +-
arch/powerpc/include/asm/barrier.h |8 +++-
arch/powerpc/lib/feature-fixups.c | 31 +++
3 files changed, 39 insertions(+), 2 deletions(-)
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -239,7 +239,7 @@ config PPC
config PPC_BARRIER_NOSPEC
bool
default y
-depends on PPC_BOOK3S_64
+depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E
config GENERIC_CSUM
def_bool n
--- a/arch/powerpc/include/asm/barrier.h
+++ b/arch/powerpc/include/asm/barrier.h
@@ -76,12 +76,18 @@ do {
\
___p1; \
})
+#ifdef CONFIG_PPC_BOOK3S_64
+#define NOSPEC_BARRIER_SLOT nop
+#elif defined(CONFIG_PPC_FSL_BOOK3E)
+#define NOSPEC_BARRIER_SLOT nop; nop
+#endif
+
#ifdef CONFIG_PPC_BARRIER_NOSPEC
/*
* Prevent execution of subsequent instructions until preceding branches have
* been fully resolved and are no longer executing speculatively.
*/
-#define barrier_nospec_asm NOSPEC_BARRIER_FIXUP_SECTION; nop
+#define barrier_nospec_asm NOSPEC_BARRIER_FIXUP_SECTION; NOSPEC_BARRIER_SLOT
// This also acts as a compiler barrier due to the memory clobber.
#define barrier_nospec() asm (stringify_in_c(barrier_nospec_asm) ::: "memory")
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -318,6 +318,37 @@ void do_barrier_nospec_fixups(bool enabl
}
#endif /* CONFIG_PPC_BARRIER_NOSPEC */
+#ifdef CONFIG_PPC_FSL_BOOK3E
+void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void
*fixup_end)
+{
+ unsigned int instr[2], *dest;
+ long *start, *end;
+ int i;
+
+ start = fixup_start;
+ end = fixup_end;
+
+ instr[0] = PPC_INST_NOP;
+ instr[1] = PPC_INST_NOP;
+
+ if (enable) {
+ pr_info("barrier-nospec: using isync; sync as speculation
barrier\n");
+ instr[0] = PPC_INST_ISYNC;
+ instr[1] = PPC_INST_SYNC;
+ }
+
+ for (i = 0; start < end; start++, i++) {
+ dest = (void *)start + *start;
+
+ pr_devel("patching dest %lx\n", (unsigned long)dest);
+ patch_instruction(dest, instr[0]);
+ patch_instruction(dest + 1, instr[1]);
+ }
+
+ printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
+}
+#endif /* CONFIG_PPC_FSL_BOOK3E */
+
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
{
long *start, *end;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-a
Patch "[PATCH stable v4.14 20/32] powerpc/fsl: Add infrastructure to fixup branch predictor flush" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 20/32] powerpc/fsl: Add infrastructure to fixup branch
predictor flush
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:08 +1100
Subject: [PATCH stable v4.14 20/32] powerpc/fsl: Add infrastructure to fixup
branch predictor flush
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-21-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit 76a5eaa38b15dda92cd6964248c39b5a6f3a4e9d upstream.
In order to protect against speculation attacks (Spectre
variant 2) on NXP PowerPC platforms, the branch predictor
should be flushed when the privillege level is changed.
This patch is adding the infrastructure to fixup at runtime
the code sections that are performing the branch predictor flush
depending on a boot arg parameter which is added later in a
separate patch.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/feature-fixups.h | 12
arch/powerpc/include/asm/setup.h |2 ++
arch/powerpc/kernel/vmlinux.lds.S |8
arch/powerpc/lib/feature-fixups.c | 23 +++
4 files changed, 45 insertions(+)
--- a/arch/powerpc/include/asm/feature-fixups.h
+++ b/arch/powerpc/include/asm/feature-fixups.h
@@ -219,6 +219,17 @@ label##3: \
FTR_ENTRY_OFFSET 953b-954b; \
.popsection;
+#define START_BTB_FLUSH_SECTION\
+955: \
+
+#define END_BTB_FLUSH_SECTION \
+956: \
+ .pushsection __btb_flush_fixup,"a"; \
+ .align 2; \
+957: \
+ FTR_ENTRY_OFFSET 955b-957b; \
+ FTR_ENTRY_OFFSET 956b-957b; \
+ .popsection;
#ifndef __ASSEMBLY__
#include
@@ -228,6 +239,7 @@ extern long __start___stf_entry_barrier_
extern long __start___stf_exit_barrier_fixup, __stop___stf_exit_barrier_fixup;
extern long __start___rfi_flush_fixup, __stop___rfi_flush_fixup;
extern long __start___barrier_nospec_fixup, __stop___barrier_nospec_fixup;
+extern long __start__btb_flush_fixup, __stop__btb_flush_fixup;
void apply_feature_fixups(void);
void setup_feature_keys(void);
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -66,6 +66,8 @@ void do_barrier_nospec_fixups_range(bool
static inline void do_barrier_nospec_fixups_range(bool enable, void *start,
void *end) { };
#endif
+void do_btb_flush_fixups(void);
+
#endif /* !__ASSEMBLY__ */
#endif /* _ASM_POWERPC_SETUP_H */
--- a/arch/powerpc/kernel/vmlinux.lds.S
+++ b/arch/powerpc/kernel/vmlinux.lds.S
@@ -164,6 +164,14 @@ SECTIONS
}
#endif /* CONFIG_PPC_BARRIER_NOSPEC */
+#ifdef CONFIG_PPC_FSL_BOOK3E
+ . = ALIGN(8);
+ __spec_btb_flush_fixup : AT(ADDR(__spec_btb_flush_fixup) - LOAD_OFFSET)
{
+ __start__btb_flush_fixup = .;
+ *(__btb_flush_fixup)
+ __stop__btb_flush_fixup = .;
+ }
+#endif
EXCEPTION_TABLE(0)
NOTES :kernel :notes
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -347,6 +347,29 @@ void do_barrier_nospec_fixups_range(bool
printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
}
+
+static void patch_btb_flush_section(long *curr)
+{
+ unsigned int *start, *end;
+
+ start = (void *)curr + *curr;
+ end = (void *)curr + *(curr + 1);
+ for (; start < end; start++) {
+ pr_devel("patching dest %lx\n", (unsigned long)start);
+ patch_instruction(start, PPC_INST_NOP);
+ }
+}
+
+void do_btb_flush_fixups(void)
+{
+ long *start, *end;
+
+ start = PTRRELOC(&__start__btb_flush_fixup);
+ end = PTRRELOC(&__stop__btb_flush_fixup);
+
+ for (; start < end; start += 2)
+ patch_btb_flush_section(start);
+}
#endif /* CONFIG_PPC_FSL_BOOK3E */
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-regis
Patch "[PATCH stable v4.14 05/32] powerpc/64: Use barrier_nospec in syscall entry" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 05/32] powerpc/64: Use barrier_nospec in syscall entry to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-64-use-barrier_nospec-in-syscall-entry.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:25:53 +1100 Subject: [PATCH stable v4.14 05/32] powerpc/64: Use barrier_nospec in syscall entry To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-6-...@ellerman.id.au> From: Michael Ellerman commit 51973a815c6b46d7b23b68d6af371ad1c9d503ca upstream. Our syscall entry is done in assembly so patch in an explicit barrier_nospec. Based on a patch by Michal Suchanek. Signed-off-by: Michal Suchanek Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/entry_64.S | 10 ++ 1 file changed, 10 insertions(+) --- a/arch/powerpc/kernel/entry_64.S +++ b/arch/powerpc/kernel/entry_64.S @@ -36,6 +36,7 @@ #include #include #include +#include #include #ifdef CONFIG_PPC_BOOK3S #include @@ -179,6 +180,15 @@ system_call: /* label this so stack tr clrldi r8,r8,32 15: slwir0,r0,4 + + barrier_nospec_asm + /* +* Prevent the load of the handler below (based on the user-passed +* system call number) being speculatively executed until the test +* against NR_syscalls and branch to .Lsyscall_enosys above has +* committed. +*/ + ldx r12,r11,r0 /* Fetch system call handler [ptr] */ mtctr r12 bctrl /* Call handler */ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 28/32] powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 28/32] powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:16 +1100 Subject: [PATCH stable v4.14 28/32] powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-29-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 3bc8ea8603ae4c1e09aca8de229ad38b8091fcb3 upstream. If the user choses not to use the mitigations, replace the code sequence with nops. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/setup-common.c |1 + 1 file changed, 1 insertion(+) --- a/arch/powerpc/kernel/setup-common.c +++ b/arch/powerpc/kernel/setup-common.c @@ -938,6 +938,7 @@ void __init setup_arch(char **cmdline_p) ppc_md.setup_arch(); setup_barrier_nospec(); + setup_spectre_v2(); paging_init(); Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 19/32] powerpc/powernv: Query firmware for count cache flush settings" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 19/32] powerpc/powernv: Query firmware for count cache
flush settings
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:07 +1100
Subject: [PATCH stable v4.14 19/32] powerpc/powernv: Query firmware for count
cache flush settings
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-20-...@ellerman.id.au>
From: Michael Ellerman
commit 99d54754d3d5f896a8f616b0b6520662bc99d66b upstream.
Look for fw-features properties to determine the appropriate settings
for the count cache flush, and then call the generic powerpc code to
set it up based on the security feature flags.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/powernv/setup.c |7 +++
1 file changed, 7 insertions(+)
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -77,6 +77,12 @@ static void init_fw_feat_flags(struct de
if (fw_feature_is("enabled", "fw-count-cache-disabled", np))
security_ftr_set(SEC_FTR_COUNT_CACHE_DISABLED);
+ if (fw_feature_is("enabled", "fw-count-cache-flush-bcctr2,0,0", np))
+ security_ftr_set(SEC_FTR_BCCTR_FLUSH_ASSIST);
+
+ if (fw_feature_is("enabled",
"needs-count-cache-flush-on-context-switch", np))
+ security_ftr_set(SEC_FTR_FLUSH_COUNT_CACHE);
+
/*
* The features below are enabled by default, so we instead look to see
* if firmware has *disabled* them, and clear them if so.
@@ -123,6 +129,7 @@ static void pnv_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
setup_rfi_flush(type, enable);
+ setup_count_cache_flush();
}
static void __init pnv_setup_arch(void)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 18/32] powerpc/pseries: Query hypervisor for count cache flush settings" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 18/32] powerpc/pseries: Query hypervisor for count cache flush settings to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:06 +1100 Subject: [PATCH stable v4.14 18/32] powerpc/pseries: Query hypervisor for count cache flush settings To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-19-...@ellerman.id.au> From: Michael Ellerman commit ba72dc171954b782a79d25e0f4b3ed91090c3b1e upstream. Use the existing hypercall to determine the appropriate settings for the count cache flush, and then call the generic powerpc code to set it up based on the security feature flags. Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/hvcall.h |2 ++ arch/powerpc/platforms/pseries/setup.c |7 +++ 2 files changed, 9 insertions(+) --- a/arch/powerpc/include/asm/hvcall.h +++ b/arch/powerpc/include/asm/hvcall.h @@ -340,10 +340,12 @@ #define H_CPU_CHAR_BRANCH_HINTS_HONORED(1ull << 58) // IBM bit 5 #define H_CPU_CHAR_THREAD_RECONFIG_CTRL(1ull << 57) // IBM bit 6 #define H_CPU_CHAR_COUNT_CACHE_DISABLED(1ull << 56) // IBM bit 7 +#define H_CPU_CHAR_BCCTR_FLUSH_ASSIST (1ull << 54) // IBM bit 9 #define H_CPU_BEHAV_FAVOUR_SECURITY(1ull << 63) // IBM bit 0 #define H_CPU_BEHAV_L1D_FLUSH_PR (1ull << 62) // IBM bit 1 #define H_CPU_BEHAV_BNDS_CHK_SPEC_BAR (1ull << 61) // IBM bit 2 +#define H_CPU_BEHAV_FLUSH_COUNT_CACHE (1ull << 58) // IBM bit 5 /* Flag values used in H_REGISTER_PROC_TBL hcall */ #define PROC_TABLE_OP_MASK 0x18 --- a/arch/powerpc/platforms/pseries/setup.c +++ b/arch/powerpc/platforms/pseries/setup.c @@ -484,6 +484,12 @@ static void init_cpu_char_feature_flags( if (result->character & H_CPU_CHAR_COUNT_CACHE_DISABLED) security_ftr_set(SEC_FTR_COUNT_CACHE_DISABLED); + if (result->character & H_CPU_CHAR_BCCTR_FLUSH_ASSIST) + security_ftr_set(SEC_FTR_BCCTR_FLUSH_ASSIST); + + if (result->behaviour & H_CPU_BEHAV_FLUSH_COUNT_CACHE) + security_ftr_set(SEC_FTR_FLUSH_COUNT_CACHE); + /* * The features below are enabled by default, so we instead look to see * if firmware has *disabled* them, and clear them if so. @@ -534,6 +540,7 @@ void pseries_setup_rfi_flush(void) security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR); setup_rfi_flush(types, enable); + setup_count_cache_flush(); } static void __init pSeries_setup_arch(void) Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-pr
Patch "[PATCH stable v4.14 22/32] powerpc/fsl: Fix spectre_v2 mitigations reporting" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 22/32] powerpc/fsl: Fix spectre_v2 mitigations reporting
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:10 +1100
Subject: [PATCH stable v4.14 22/32] powerpc/fsl: Fix spectre_v2 mitigations
reporting
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-23-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit 7d8bad99ba5a22892f0cad6881289fdc3875a930 upstream.
Currently for CONFIG_PPC_FSL_BOOK3E the spectre_v2 file is incorrect:
$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
"Mitigation: Software count cache flush"
Which is wrong. Fix it to report vulnerable for now.
Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush")
Cc: sta...@vger.kernel.org # v4.19+
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -22,7 +22,7 @@ enum count_cache_flush_type {
COUNT_CACHE_FLUSH_SW= 0x2,
COUNT_CACHE_FLUSH_HW= 0x4,
};
-static enum count_cache_flush_type count_cache_flush_type;
+static enum count_cache_flush_type count_cache_flush_type =
COUNT_CACHE_FLUSH_NONE;
bool barrier_nospec_enabled;
static bool no_nospec;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 31/32] powerpc/fsl: Fix the flush of branch predictor." has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 31/32] powerpc/fsl: Fix the flush of branch predictor.
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-fix-the-flush-of-branch-predictor.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:19 +1100
Subject: [PATCH stable v4.14 31/32] powerpc/fsl: Fix the flush of branch
predictor.
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-32-...@ellerman.id.au>
From: Michael Ellerman
From: Christophe Leroy
commit 27da80719ef132cf8c80eb406d5aeb37dddf78cc upstream.
The commit identified below adds MC_BTB_FLUSH macro only when
CONFIG_PPC_FSL_BOOK3E is defined. This results in the following error
on some configs (seen several times with kisskb randconfig_defconfig)
arch/powerpc/kernel/exceptions-64e.S:576: Error: Unrecognized opcode:
`mc_btb_flush'
make[3]: *** [scripts/Makefile.build:367: arch/powerpc/kernel/exceptions-64e.o]
Error 1
make[2]: *** [scripts/Makefile.build:492: arch/powerpc/kernel] Error 2
make[1]: *** [Makefile:1043: arch/powerpc] Error 2
make: *** [Makefile:152: sub-make] Error 2
This patch adds a blank definition of MC_BTB_FLUSH for other cases.
Fixes: 10c5e83afd4a ("powerpc/fsl: Flush the branch predictor at each kernel
entry (64bit)")
Cc: Diana Craciun
Signed-off-by: Christophe Leroy
Reviewed-by: Daniel Axtens
Reviewed-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/exceptions-64e.S |1 +
1 file changed, 1 insertion(+)
--- a/arch/powerpc/kernel/exceptions-64e.S
+++ b/arch/powerpc/kernel/exceptions-64e.S
@@ -348,6 +348,7 @@ ret_from_mc_except:
#define GEN_BTB_FLUSH
#define CRIT_BTB_FLUSH
#define DBG_BTB_FLUSH
+#define MC_BTB_FLUSH
#define GDBELL_BTB_FLUSH
#endif
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 30/32] powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 30/32] powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:18 +1100 Subject: [PATCH stable v4.14 30/32] powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-31-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 039daac5526932ec731e4499613018d263af8b3e upstream. Fixed the following build warning: powerpc-linux-gnu-ld: warning: orphan section `__btb_flush_fixup' from `arch/powerpc/kernel/head_44x.o' being placed in section `__btb_flush_fixup'. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/head_booke.h | 18 -- 1 file changed, 12 insertions(+), 6 deletions(-) --- a/arch/powerpc/kernel/head_booke.h +++ b/arch/powerpc/kernel/head_booke.h @@ -32,6 +32,16 @@ */ #define THREAD_NORMSAVE(offset)(THREAD_NORMSAVES + (offset * 4)) +#ifdef CONFIG_PPC_FSL_BOOK3E +#define BOOKE_CLEAR_BTB(reg) \ +START_BTB_FLUSH_SECTION \ + BTB_FLUSH(reg) \ +END_BTB_FLUSH_SECTION +#else +#define BOOKE_CLEAR_BTB(reg) +#endif + + #define NORMAL_EXCEPTION_PROLOG(intno) \ mtspr SPRN_SPRG_WSCRATCH0, r10; /* save one register */ \ mfspr r10, SPRN_SPRG_THREAD; \ @@ -43,9 +53,7 @@ andi. r11, r11, MSR_PR; /* check whether user or kernel*/\ mr r11, r1; \ beq 1f; \ -START_BTB_FLUSH_SECTION\ - BTB_FLUSH(r11) \ -END_BTB_FLUSH_SECTION \ + BOOKE_CLEAR_BTB(r11)\ /* if from user, start at top of this thread's kernel stack */ \ lwz r11, THREAD_INFO-THREAD(r10);\ ALLOC_STACK_FRAME(r11, THREAD_SIZE); \ @@ -131,9 +139,7 @@ END_BTB_FLUSH_SECTION \ stw r9,_CCR(r8);/* save CR on stack*/\ mfspr r11,exc_level_srr1; /* check whether user or kernel*/\ DO_KVM BOOKE_INTERRUPT_##intno exc_level_srr1; \ -START_BTB_FLUSH_SECTION \ - BTB_FLUSH(r10) \ -END_BTB_FLUSH_SECTION \ + BOOKE_CLEAR_BTB(r10)\ andi. r11,r11,MSR_PR; \ mfspr r11,SPRN_SPRG_THREAD; /* if from user, start at top of */\ lwz r11,THREAD_INFO-THREAD(r11); /* this thread's kernel stack */\ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predicto
Patch "[PATCH stable v4.14 27/32] powerpc/fsl: Flush branch predictor when entering KVM" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 27/32] powerpc/fsl: Flush branch predictor when entering KVM to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:15 +1100 Subject: [PATCH stable v4.14 27/32] powerpc/fsl: Flush branch predictor when entering KVM To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-28-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit e7aa61f47b23afbec41031bc47ca8d6cb6516abc upstream. Switching from the guest to host is another place where the speculative accesses can be exploited. Flush the branch predictor when entering KVM. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kvm/bookehv_interrupts.S |4 1 file changed, 4 insertions(+) --- a/arch/powerpc/kvm/bookehv_interrupts.S +++ b/arch/powerpc/kvm/bookehv_interrupts.S @@ -75,6 +75,10 @@ PPC_LL r1, VCPU_HOST_STACK(r4) PPC_LL r2, HOST_R2(r1) +START_BTB_FLUSH_SECTION + BTB_FLUSH(r10) +END_BTB_FLUSH_SECTION + mfspr r10, SPRN_PID lwz r8, VCPU_HOST_PID(r4) PPC_LL r11, VCPU_SHARED(r4) Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 26/32] powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 26/32] powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:14 +1100 Subject: [PATCH stable v4.14 26/32] powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-27-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 7fef436295bf6c05effe682c8797dfcb0deb112a upstream. In order to protect against speculation attacks on indirect branches, the branch predictor is flushed at kernel entry to protect for the following situations: - userspace process attacking another userspace process - userspace process attacking the kernel Basically when the privillege level change (i.e.the kernel is entered), the branch predictor state is flushed. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/head_booke.h |6 ++ arch/powerpc/kernel/head_fsl_booke.S | 15 +++ 2 files changed, 21 insertions(+) --- a/arch/powerpc/kernel/head_booke.h +++ b/arch/powerpc/kernel/head_booke.h @@ -43,6 +43,9 @@ andi. r11, r11, MSR_PR; /* check whether user or kernel*/\ mr r11, r1; \ beq 1f; \ +START_BTB_FLUSH_SECTION\ + BTB_FLUSH(r11) \ +END_BTB_FLUSH_SECTION \ /* if from user, start at top of this thread's kernel stack */ \ lwz r11, THREAD_INFO-THREAD(r10);\ ALLOC_STACK_FRAME(r11, THREAD_SIZE); \ @@ -128,6 +131,9 @@ stw r9,_CCR(r8);/* save CR on stack*/\ mfspr r11,exc_level_srr1; /* check whether user or kernel*/\ DO_KVM BOOKE_INTERRUPT_##intno exc_level_srr1; \ +START_BTB_FLUSH_SECTION \ + BTB_FLUSH(r10) \ +END_BTB_FLUSH_SECTION \ andi. r11,r11,MSR_PR; \ mfspr r11,SPRN_SPRG_THREAD; /* if from user, start at top of */\ lwz r11,THREAD_INFO-THREAD(r11); /* this thread's kernel stack */\ --- a/arch/powerpc/kernel/head_fsl_booke.S +++ b/arch/powerpc/kernel/head_fsl_booke.S @@ -452,6 +452,13 @@ END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) mfcrr13 stw r13, THREAD_NORMSAVE(3)(r10) DO_KVM BOOKE_INTERRUPT_DTLB_MISS SPRN_SRR1 +START_BTB_FLUSH_SECTION + mfspr r11, SPRN_SRR1 + andi. r10,r11,MSR_PR + beq 1f + BTB_FLUSH(r10) +1: +END_BTB_FLUSH_SECTION mfspr r10, SPRN_DEAR /* Get faulting address */ /* If we are faulting a kernel address, we have to use the @@ -546,6 +553,14 @@ END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) mfcrr13 stw r13, THREAD_NORMSAVE(3)(r10) DO_KVM BOOKE_INTERRUPT_ITLB_MISS SPRN_SRR1 +START_BTB_FLUSH_SECTION + mfspr r11, SPRN_SRR1 + andi. r10,r11,MSR_PR + beq 1f + BTB_FLUSH(r10) +1: +END_BTB_FLUSH_SECTION + mfspr r10, SPRN_SRR0 /* Get faulting address */ /* If we are faulting a kernel address, we have to use the Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting
Patch "[PATCH stable v4.14 25/32] powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 25/32] powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:13 +1100 Subject: [PATCH stable v4.14 25/32] powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-26-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 10c5e83afd4a3f01712d97d3bb1ae34d5b74a185 upstream. In order to protect against speculation attacks on indirect branches, the branch predictor is flushed at kernel entry to protect for the following situations: - userspace process attacking another userspace process - userspace process attacking the kernel Basically when the privillege level change (i.e. the kernel is entered), the branch predictor state is flushed. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/entry_64.S |5 + arch/powerpc/kernel/exceptions-64e.S | 26 +- arch/powerpc/mm/tlb_low_64e.S|7 +++ 3 files changed, 37 insertions(+), 1 deletion(-) --- a/arch/powerpc/kernel/entry_64.S +++ b/arch/powerpc/kernel/entry_64.S @@ -78,6 +78,11 @@ END_FTR_SECTION_IFSET(CPU_FTR_TM) std r0,GPR0(r1) std r10,GPR1(r1) beq 2f /* if from kernel mode */ +#ifdef CONFIG_PPC_FSL_BOOK3E +START_BTB_FLUSH_SECTION + BTB_FLUSH(r10) +END_BTB_FLUSH_SECTION +#endif ACCOUNT_CPU_USER_ENTRY(r13, r10, r11) 2: std r2,GPR2(r1) std r3,GPR3(r1) --- a/arch/powerpc/kernel/exceptions-64e.S +++ b/arch/powerpc/kernel/exceptions-64e.S @@ -295,7 +295,8 @@ ret_from_mc_except: andi. r10,r11,MSR_PR; /* save stack pointer */\ beq 1f; /* branch around if supervisor */ \ ld r1,PACAKSAVE(r13); /* get kernel stack coming from usr */\ -1: cmpdi cr1,r1,0; /* check if SP makes sense */ \ +1: type##_BTB_FLUSH\ + cmpdi cr1,r1,0; /* check if SP makes sense */ \ bge-cr1,exc_##n##_bad_stack;/* bad stack (TODO: out of line) */ \ mfspr r10,SPRN_##type##_SRR0; /* read SRR0 before touching stack */ @@ -327,6 +328,29 @@ ret_from_mc_except: #define SPRN_MC_SRR0 SPRN_MCSRR0 #define SPRN_MC_SRR1 SPRN_MCSRR1 +#ifdef CONFIG_PPC_FSL_BOOK3E +#define GEN_BTB_FLUSH \ + START_BTB_FLUSH_SECTION \ + beq 1f; \ + BTB_FLUSH(r10) \ + 1: \ + END_BTB_FLUSH_SECTION + +#define CRIT_BTB_FLUSH \ + START_BTB_FLUSH_SECTION \ + BTB_FLUSH(r10) \ + END_BTB_FLUSH_SECTION + +#define DBG_BTB_FLUSH CRIT_BTB_FLUSH +#define MC_BTB_FLUSH CRIT_BTB_FLUSH +#define GDBELL_BTB_FLUSH GEN_BTB_FLUSH +#else +#define GEN_BTB_FLUSH +#define CRIT_BTB_FLUSH +#define DBG_BTB_FLUSH +#define GDBELL_BTB_FLUSH +#endif + #define NORMAL_EXCEPTION_PROLOG(n, intnum, addition) \ EXCEPTION_PROLOG(n, intnum, GEN, addition##_GEN(n)) --- a/arch/powerpc/mm/tlb_low_64e.S +++ b/arch/powerpc/mm/tlb_low_64e.S @@ -69,6 +69,13 @@ END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) std r15,EX_TLB_R15(r12) std r10,EX_TLB_CR(r12) #ifdef CONFIG_PPC_FSL_BOOK3E +START_BTB_FLUSH_SECTION + mfspr r11, SPRN_SRR1 + andi. r10,r11,MSR_PR + beq 1f + BTB_FLUSH(r10) +1: +END_BTB_FLUSH_SECTION std r7,EX_TLB_R7(r12) #endif TLB_MISS_PROLOG_STATS Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/
Patch "[PATCH stable v4.14 14/32] powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 14/32] powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:02 +1100 Subject: [PATCH stable v4.14 14/32] powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-15-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit c28218d4abbf4f2035495334d8bfcba64bda4787 upstream. Used barrier_nospec to sanitize the syscall table. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/entry_32.S | 10 ++ 1 file changed, 10 insertions(+) --- a/arch/powerpc/kernel/entry_32.S +++ b/arch/powerpc/kernel/entry_32.S @@ -33,6 +33,7 @@ #include #include #include +#include /* * MSR_KERNEL is > 0x1 on 4xx/Book-E since it include MSR_CE. @@ -358,6 +359,15 @@ syscall_dotrace_cont: ori r10,r10,sys_call_table@l slwir0,r0,2 bge-66f + + barrier_nospec_asm + /* +* Prevent the load of the handler below (based on the user-passed +* system call number) being speculatively executed until the test +* against NR_syscalls and branch to .66f above has +* committed. +*/ + lwzxr10,r10,r0 /* Fetch system call handler [ptr] */ mtlrr10 addir9,r1,STACK_FRAME_OVERHEAD Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 29/32] powerpc/fsl: Update Spectre v2 reporting" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 29/32] powerpc/fsl: Update Spectre v2 reporting
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-update-spectre-v2-reporting.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:17 +1100
Subject: [PATCH stable v4.14 29/32] powerpc/fsl: Update Spectre v2 reporting
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-30-...@ellerman.id.au>
From: Michael Ellerman
From: Diana Craciun
commit dfa88658fb0583abb92e062c7a9cd5a5b94f2a46 upstream.
Report branch predictor state flush as a mitigation for
Spectre variant 2.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c |5 -
1 file changed, 4 insertions(+), 1 deletion(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -212,8 +212,11 @@ ssize_t cpu_show_spectre_v2(struct devic
if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW)
seq_buf_printf(&s, "(hardware accelerated)");
- } else
+ } else if (btb_flush_enabled) {
+ seq_buf_printf(&s, "Mitigation: Branch predictor state flush");
+ } else {
seq_buf_printf(&s, "Vulnerable");
+ }
seq_buf_printf(&s, "\n");
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch
queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch
queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch
queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch
queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch
queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch
queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch
queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch
queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch
queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 23/32] powerpc/fsl: Emulate SPRN_BUCSR register" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 23/32] powerpc/fsl: Emulate SPRN_BUCSR register to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-emulate-sprn_bucsr-register.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:11 +1100 Subject: [PATCH stable v4.14 23/32] powerpc/fsl: Emulate SPRN_BUCSR register To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-24-...@ellerman.id.au> From: Michael Ellerman From: Diana Craciun commit 98518c4d8728656db349f875fcbbc7c126d4c973 upstream. In order to flush the branch predictor the guest kernel performs writes to the BUCSR register which is hypervisor privilleged. However, the branch predictor is flushed at each KVM entry, so the branch predictor has been already flushed, so just return as soon as possible to guest. Signed-off-by: Diana Craciun [mpe: Tweak comment formatting] Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kvm/e500_emulate.c |7 +++ 1 file changed, 7 insertions(+) --- a/arch/powerpc/kvm/e500_emulate.c +++ b/arch/powerpc/kvm/e500_emulate.c @@ -277,6 +277,13 @@ int kvmppc_core_emulate_mtspr_e500(struc vcpu->arch.pwrmgtcr0 = spr_val; break; + case SPRN_BUCSR: + /* +* If we are here, it means that we have already flushed the +* branch predictor, so just return to guest. +*/ + break; + /* extra exceptions */ #ifdef CONFIG_SPE_POSSIBLE case SPRN_IVOR32: Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nxp-powerpc-32-bit-platforms.patch queue-4.14/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.14/powerpc-fsl-add-barrier_nospec-implementation-for-nxp-powerpc-book3e.patch queue-4.14/powerpc-security-fix-spectre_v2-reporting.patch queue-4.14/powerpc-64-disable-the-speculation-barrier-from-the-command-line.patch queue-4.14/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.14/powerpc-64-add-config_ppc_barrier_nospec.patch queue-4.14/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.14/powerpc-64-use-barrier_nospec-in-syscall-entry.patch queue-4.14/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.14/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.14/powerpc-64s-add-new-security-feature-flags-for-count-cache-flush.patch queue-4.14/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_spectre_v1.patch queue-4.14/powerpc-64-call-setup_barrier_nospec-from-setup_arch.patch queue-4.14/powerpc-asm-add-a-patch_site-macro-helpers-for-patching-instructions.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.14/powerpc-64s-enable-barrier_nospec-based-on-firmware-settings.patch queue-4.14/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch queue-4.14/powerpc-powernv-query-firmware-for-count-cache-flush-settings.patch
Patch "[PATCH stable v4.14 04/32] powerpc: Use barrier_nospec in copy_from_user()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 04/32] powerpc: Use barrier_nospec in copy_from_user()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-use-barrier_nospec-in-copy_from_user.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:52 +1100
Subject: [PATCH stable v4.14 04/32] powerpc: Use barrier_nospec in
copy_from_user()
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-5-...@ellerman.id.au>
From: Michael Ellerman
commit ddf35cf3764b5a182b178105f57515b42e2634f8 upstream.
Based on the x86 commit doing the same.
See commit 304ec1b05031 ("x86/uaccess: Use __uaccess_begin_nospec()
and uaccess_try_nospec") and b3bbfb3fb5d2 ("x86: Introduce
__uaccess_begin_nospec() and uaccess_try_nospec") for more detail.
In all cases we are ordering the load from the potentially
user-controlled pointer vs a previous branch based on an access_ok()
check or similar.
Base on a patch from Michal Suchanek.
Signed-off-by: Michal Suchanek
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/uaccess.h | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
--- a/arch/powerpc/include/asm/uaccess.h
+++ b/arch/powerpc/include/asm/uaccess.h
@@ -238,6 +238,7 @@ do {
\
__chk_user_ptr(ptr);\
if (!is_kernel_addr((unsigned long)__gu_addr)) \
might_fault(); \
+ barrier_nospec(); \
__get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
(x) = (__typeof__(*(ptr)))__gu_val; \
__gu_err; \
@@ -249,8 +250,10 @@ do {
\
__long_type(*(ptr)) __gu_val = 0; \
const __typeof__(*(ptr)) __user *__gu_addr = (ptr); \
might_fault(); \
- if (access_ok(VERIFY_READ, __gu_addr, (size))) \
+ if (access_ok(VERIFY_READ, __gu_addr, (size))) {\
+ barrier_nospec(); \
__get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
+ } \
(x) = (__force __typeof__(*(ptr)))__gu_val;
\
__gu_err; \
})
@@ -261,6 +264,7 @@ do {
\
__long_type(*(ptr)) __gu_val; \
const __typeof__(*(ptr)) __user *__gu_addr = (ptr); \
__chk_user_ptr(ptr);\
+ barrier_nospec(); \
__get_user_size(__gu_val, __gu_addr, (size), __gu_err); \
(x) = (__force __typeof__(*(ptr)))__gu_val; \
__gu_err; \
@@ -288,15 +292,19 @@ static inline unsigned long raw_copy_fro
switch (n) {
case 1:
+ barrier_nospec();
__get_user_size(*(u8 *)to, from, 1, ret);
break;
case 2:
+ barrier_nospec();
__get_user_size(*(u16 *)to, from, 2, ret);
break;
case 4:
+ barrier_nospec();
__get_user_size(*(u32 *)to, from, 4, ret);
break;
case 8:
+ barrier_nospec();
__get_user_size(*(u64 *)to, from, 8, ret);
break;
}
@@ -304,6 +312,7 @@ static inline unsigned long raw_copy_fro
return 0;
}
+ barrier_nospec();
return __copy_tofrom_user((__force void __user *)to, from, n);
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/
Patch "[PATCH stable v4.14 07/32] powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 07/32] powerpc64s: Show ori31 availability in
spectre_v1 sysfs file not v2
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:25:55 +1100
Subject: [PATCH stable v4.14 07/32] powerpc64s: Show ori31 availability in
spectre_v1 sysfs file not v2
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-8-...@ellerman.id.au>
From: Michael Ellerman
commit 6d44acae1937b81cf8115ada8958e04f601f3f2e upstream.
When I added the spectre_v2 information in sysfs, I included the
availability of the ori31 speculation barrier.
Although the ori31 barrier can be used to mitigate v2, it's primarily
intended as a spectre v1 mitigation. Spectre v2 is mitigated by
hardware changes.
So rework the sysfs files to show the ori31 information in the
spectre_v1 file, rather than v2.
Currently we display eg:
$ grep . spectre_v*
spectre_v1:Mitigation: __user pointer sanitization
spectre_v2:Mitigation: Indirect branch cache disabled, ori31 speculation
barrier enabled
After:
$ grep . spectre_v*
spectre_v1:Mitigation: __user pointer sanitization, ori31 speculation barrier
enabled
spectre_v2:Mitigation: Indirect branch cache disabled
Fixes: d6fbe1c55c55 ("powerpc/64s: Wire up cpu_show_spectre_v2()")
Cc: sta...@vger.kernel.org # v4.17+
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 27 +--
1 file changed, 17 insertions(+), 10 deletions(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -117,25 +117,35 @@ ssize_t cpu_show_meltdown(struct device
ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
char *buf)
{
- if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR))
- return sprintf(buf, "Not affected\n");
+ struct seq_buf s;
+
+ seq_buf_init(&s, buf, PAGE_SIZE - 1);
+
+ if (security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR)) {
+ if (barrier_nospec_enabled)
+ seq_buf_printf(&s, "Mitigation: __user pointer
sanitization");
+ else
+ seq_buf_printf(&s, "Vulnerable");
- if (barrier_nospec_enabled)
- return sprintf(buf, "Mitigation: __user pointer
sanitization\n");
+ if (security_ftr_enabled(SEC_FTR_SPEC_BAR_ORI31))
+ seq_buf_printf(&s, ", ori31 speculation barrier
enabled");
- return sprintf(buf, "Vulnerable\n");
+ seq_buf_printf(&s, "\n");
+ } else
+ seq_buf_printf(&s, "Not affected\n");
+
+ return s.len;
}
ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
char *buf)
{
- bool bcs, ccd, ori;
struct seq_buf s;
+ bool bcs, ccd;
seq_buf_init(&s, buf, PAGE_SIZE - 1);
bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED);
ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED);
- ori = security_ftr_enabled(SEC_FTR_SPEC_BAR_ORI31);
if (bcs || ccd) {
seq_buf_printf(&s, "Mitigation: ");
@@ -151,9 +161,6 @@ ssize_t cpu_show_spectre_v2(struct devic
} else
seq_buf_printf(&s, "Vulnerable");
- if (ori)
- seq_buf_printf(&s, ", ori31 speculation barrier enabled");
-
seq_buf_printf(&s, "\n");
return s.len;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from_user.patch
queue-4.14/powerpc-fsl-sanitize-the-syscall-table-for-nx
Patch "[PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
[PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-security-fix-spectre_v2-reporting.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 15:53:50 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:20 +1100
Subject: [PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-33-...@ellerman.id.au>
From: Michael Ellerman
commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream.
When I updated the spectre_v2 reporting to handle software count cache
flush I got the logic wrong when there's no software count cache
enabled at all.
The result is that on systems with the software count cache flush
disabled we print:
Mitigation: Indirect branch cache disabled, Software count cache flush
Which correctly indicates that the count cache is disabled, but
incorrectly says the software count cache flush is enabled.
The root of the problem is that we are trying to handle all
combinations of options. But we know now that we only expect to see
the software count cache flush enabled if the other options are false.
So split the two cases, which simplifies the logic and fixes the bug.
We were also missing a space before "(hardware accelerated)".
The result is we see one of:
Mitigation: Indirect branch serialisation (kernel only)
Mitigation: Indirect branch cache disabled
Mitigation: Software count cache flush
Mitigation: Software count cache flush (hardware accelerated)
Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush")
Cc: sta...@vger.kernel.org # v4.19+
Signed-off-by: Michael Ellerman
Reviewed-by: Michael Neuling
Reviewed-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 23 ---
1 file changed, 8 insertions(+), 15 deletions(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -189,29 +189,22 @@ ssize_t cpu_show_spectre_v2(struct devic
bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED);
ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED);
- if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) {
- bool comma = false;
+ if (bcs || ccd) {
seq_buf_printf(&s, "Mitigation: ");
- if (bcs) {
+ if (bcs)
seq_buf_printf(&s, "Indirect branch serialisation
(kernel only)");
- comma = true;
- }
- if (ccd) {
- if (comma)
- seq_buf_printf(&s, ", ");
- seq_buf_printf(&s, "Indirect branch cache disabled");
- comma = true;
- }
-
- if (comma)
+ if (bcs && ccd)
seq_buf_printf(&s, ", ");
- seq_buf_printf(&s, "Software count cache flush");
+ if (ccd)
+ seq_buf_printf(&s, "Indirect branch cache disabled");
+ } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) {
+ seq_buf_printf(&s, "Mitigation: Software count cache flush");
if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW)
- seq_buf_printf(&s, "(hardware accelerated)");
+ seq_buf_printf(&s, " (hardware accelerated)");
} else if (btb_flush_enabled) {
seq_buf_printf(&s, "Mitigation: Branch predictor state flush");
} else {
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch
queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch
queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch
queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch
queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch
queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch
queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.14/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.14/powerpc-64-make-meltdown-reporting-book3s-64-specific.patch
queue-4.14/powerpc-64s-add-support-for-ori-barrier_nospec-patching.patch
queue-4.14/powerpc-use-barrier_nospec-in-copy_from
Patch "powerpc/fsl: Add infrastructure to fixup branch predictor flush" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/fsl: Add infrastructure to fixup branch predictor flush
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 16:04:51 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:08 +1100
Subject: powerpc/fsl: Add infrastructure to fixup branch predictor flush
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-21-...@ellerman.id.au>
From: Diana Craciun
commit 76a5eaa38b15dda92cd6964248c39b5a6f3a4e9d upstream.
In order to protect against speculation attacks (Spectre
variant 2) on NXP PowerPC platforms, the branch predictor
should be flushed when the privillege level is changed.
This patch is adding the infrastructure to fixup at runtime
the code sections that are performing the branch predictor flush
depending on a boot arg parameter which is added later in a
separate patch.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/feature-fixups.h | 12
arch/powerpc/include/asm/setup.h |2 ++
arch/powerpc/kernel/vmlinux.lds.S |8
arch/powerpc/lib/feature-fixups.c | 23 +++
4 files changed, 45 insertions(+)
--- a/arch/powerpc/include/asm/feature-fixups.h
+++ b/arch/powerpc/include/asm/feature-fixups.h
@@ -221,6 +221,17 @@ label##3: \
FTR_ENTRY_OFFSET 953b-954b; \
.popsection;
+#define START_BTB_FLUSH_SECTION\
+955: \
+
+#define END_BTB_FLUSH_SECTION \
+956: \
+ .pushsection __btb_flush_fixup,"a"; \
+ .align 2; \
+957: \
+ FTR_ENTRY_OFFSET 955b-957b; \
+ FTR_ENTRY_OFFSET 956b-957b; \
+ .popsection;
#ifndef __ASSEMBLY__
#include
@@ -230,6 +241,7 @@ extern long __start___stf_entry_barrier_
extern long __start___stf_exit_barrier_fixup, __stop___stf_exit_barrier_fixup;
extern long __start___rfi_flush_fixup, __stop___rfi_flush_fixup;
extern long __start___barrier_nospec_fixup, __stop___barrier_nospec_fixup;
+extern long __start__btb_flush_fixup, __stop__btb_flush_fixup;
void apply_feature_fixups(void);
void setup_feature_keys(void);
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -67,6 +67,8 @@ void do_barrier_nospec_fixups_range(bool
static inline void do_barrier_nospec_fixups_range(bool enable, void *start,
void *end) { };
#endif
+void do_btb_flush_fixups(void);
+
#endif /* !__ASSEMBLY__ */
#endif /* _ASM_POWERPC_SETUP_H */
--- a/arch/powerpc/kernel/vmlinux.lds.S
+++ b/arch/powerpc/kernel/vmlinux.lds.S
@@ -164,6 +164,14 @@ SECTIONS
}
#endif /* CONFIG_PPC_BARRIER_NOSPEC */
+#ifdef CONFIG_PPC_FSL_BOOK3E
+ . = ALIGN(8);
+ __spec_btb_flush_fixup : AT(ADDR(__spec_btb_flush_fixup) - LOAD_OFFSET)
{
+ __start__btb_flush_fixup = .;
+ *(__btb_flush_fixup)
+ __stop__btb_flush_fixup = .;
+ }
+#endif
EXCEPTION_TABLE(0)
NOTES :kernel :notes
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -347,6 +347,29 @@ void do_barrier_nospec_fixups_range(bool
printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
}
+
+static void patch_btb_flush_section(long *curr)
+{
+ unsigned int *start, *end;
+
+ start = (void *)curr + *curr;
+ end = (void *)curr + *(curr + 1);
+ for (; start < end; start++) {
+ pr_devel("patching dest %lx\n", (unsigned long)start);
+ patch_instruction(start, PPC_INST_NOP);
+ }
+}
+
+void do_btb_flush_fixups(void)
+{
+ long *start, *end;
+
+ start = PTRRELOC(&__start__btb_flush_fixup);
+ end = PTRRELOC(&__stop__btb_flush_fixup);
+
+ for (; start < end; start += 2)
+ patch_btb_flush_section(start);
+}
#endif /* CONFIG_PPC_FSL_BOOK3E */
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-
Patch "powerpc/fsl: Add macro to flush the branch predictor" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Add macro to flush the branch predictor to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:09 +1100 Subject: powerpc/fsl: Add macro to flush the branch predictor To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-22-...@ellerman.id.au> From: Diana Craciun commit 1cbf8990d79ff69da8ad09e8a3df014e1494462b upstream. The BUCSR register can be used to invalidate the entries in the branch prediction mechanisms. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/ppc_asm.h | 10 ++ 1 file changed, 10 insertions(+) --- a/arch/powerpc/include/asm/ppc_asm.h +++ b/arch/powerpc/include/asm/ppc_asm.h @@ -821,4 +821,14 @@ END_FTR_SECTION_IFCLR(CPU_FTR_601) stringify_in_c(.long (_target) - . ;) \ stringify_in_c(.previous) +#ifdef CONFIG_PPC_FSL_BOOK3E +#define BTB_FLUSH(reg) \ + lis reg,BUCSR_INIT@h; \ + ori reg,reg,BUCSR_INIT@l; \ + mtspr SPRN_BUCSR,reg; \ + isync; +#else +#define BTB_FLUSH(reg) +#endif /* CONFIG_PPC_FSL_BOOK3E */ + #endif /* _ASM_POWERPC_PPC_ASM_H */ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Add nospectre_v2 command line argument" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/fsl: Add nospectre_v2 command line argument
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-add-nospectre_v2-command-line-argument.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 16:04:51 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:12 +1100
Subject: powerpc/fsl: Add nospectre_v2 command line argument
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-25-...@ellerman.id.au>
From: Diana Craciun
commit f633a8ad636efb5d4bba1a047d4a0f1ef719aa06 upstream.
When the command line argument is present, the Spectre variant 2
mitigations are disabled.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/setup.h |5 +
arch/powerpc/kernel/security.c | 21 +
2 files changed, 26 insertions(+)
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -67,6 +67,11 @@ void do_barrier_nospec_fixups_range(bool
static inline void do_barrier_nospec_fixups_range(bool enable, void *start,
void *end) { };
#endif
+#ifdef CONFIG_PPC_FSL_BOOK3E
+void setup_spectre_v2(void);
+#else
+static inline void setup_spectre_v2(void) {};
+#endif
void do_btb_flush_fixups(void);
#endif /* !__ASSEMBLY__ */
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -26,6 +26,10 @@ static enum count_cache_flush_type count
bool barrier_nospec_enabled;
static bool no_nospec;
+static bool btb_flush_enabled;
+#ifdef CONFIG_PPC_FSL_BOOK3E
+static bool no_spectrev2;
+#endif
static void enable_barrier_nospec(bool enable)
{
@@ -101,6 +105,23 @@ static __init int barrier_nospec_debugfs
device_initcall(barrier_nospec_debugfs_init);
#endif /* CONFIG_DEBUG_FS */
+#ifdef CONFIG_PPC_FSL_BOOK3E
+static int __init handle_nospectre_v2(char *p)
+{
+ no_spectrev2 = true;
+
+ return 0;
+}
+early_param("nospectre_v2", handle_nospectre_v2);
+void setup_spectre_v2(void)
+{
+ if (no_spectrev2)
+ do_btb_flush_fixups();
+ else
+ btb_flush_enabled = true;
+}
+#endif /* CONFIG_PPC_FSL_BOOK3E */
+
#ifdef CONFIG_PPC_BOOK3S_64
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Emulate SPRN_BUCSR register" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Emulate SPRN_BUCSR register to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-emulate-sprn_bucsr-register.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:11 +1100 Subject: powerpc/fsl: Emulate SPRN_BUCSR register To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-24-...@ellerman.id.au> From: Diana Craciun commit 98518c4d8728656db349f875fcbbc7c126d4c973 upstream. In order to flush the branch predictor the guest kernel performs writes to the BUCSR register which is hypervisor privilleged. However, the branch predictor is flushed at each KVM entry, so the branch predictor has been already flushed, so just return as soon as possible to guest. Signed-off-by: Diana Craciun [mpe: Tweak comment formatting] Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kvm/e500_emulate.c |7 +++ 1 file changed, 7 insertions(+) --- a/arch/powerpc/kvm/e500_emulate.c +++ b/arch/powerpc/kvm/e500_emulate.c @@ -277,6 +277,13 @@ int kvmppc_core_emulate_mtspr_e500(struc vcpu->arch.pwrmgtcr0 = spr_val; break; + case SPRN_BUCSR: + /* +* If we are here, it means that we have already flushed the +* branch predictor, so just return to guest. +*/ + break; + /* extra exceptions */ #ifdef CONFIG_SPE_POSSIBLE case SPRN_IVOR32: Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:16 +1100 Subject: powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-29-...@ellerman.id.au> From: Diana Craciun commit 3bc8ea8603ae4c1e09aca8de229ad38b8091fcb3 upstream. If the user choses not to use the mitigations, replace the code sequence with nops. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/setup-common.c |1 + 1 file changed, 1 insertion(+) --- a/arch/powerpc/kernel/setup-common.c +++ b/arch/powerpc/kernel/setup-common.c @@ -973,6 +973,7 @@ void __init setup_arch(char **cmdline_p) ppc_md.setup_arch(); setup_barrier_nospec(); + setup_spectre_v2(); paging_init(); Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Fix the flush of branch predictor." has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/fsl: Fix the flush of branch predictor.
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-fix-the-flush-of-branch-predictor.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 16:04:51 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:19 +1100
Subject: powerpc/fsl: Fix the flush of branch predictor.
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-32-...@ellerman.id.au>
From: Christophe Leroy
commit 27da80719ef132cf8c80eb406d5aeb37dddf78cc upstream.
The commit identified below adds MC_BTB_FLUSH macro only when
CONFIG_PPC_FSL_BOOK3E is defined. This results in the following error
on some configs (seen several times with kisskb randconfig_defconfig)
arch/powerpc/kernel/exceptions-64e.S:576: Error: Unrecognized opcode:
`mc_btb_flush'
make[3]: *** [scripts/Makefile.build:367: arch/powerpc/kernel/exceptions-64e.o]
Error 1
make[2]: *** [scripts/Makefile.build:492: arch/powerpc/kernel] Error 2
make[1]: *** [Makefile:1043: arch/powerpc] Error 2
make: *** [Makefile:152: sub-make] Error 2
This patch adds a blank definition of MC_BTB_FLUSH for other cases.
Fixes: 10c5e83afd4a ("powerpc/fsl: Flush the branch predictor at each kernel
entry (64bit)")
Cc: Diana Craciun
Signed-off-by: Christophe Leroy
Reviewed-by: Daniel Axtens
Reviewed-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/exceptions-64e.S |1 +
1 file changed, 1 insertion(+)
--- a/arch/powerpc/kernel/exceptions-64e.S
+++ b/arch/powerpc/kernel/exceptions-64e.S
@@ -349,6 +349,7 @@ ret_from_mc_except:
#define GEN_BTB_FLUSH
#define CRIT_BTB_FLUSH
#define DBG_BTB_FLUSH
+#define MC_BTB_FLUSH
#define GDBELL_BTB_FLUSH
#endif
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Flush branch predictor when entering KVM" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Flush branch predictor when entering KVM to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:15 +1100 Subject: powerpc/fsl: Flush branch predictor when entering KVM To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-28-...@ellerman.id.au> From: Diana Craciun commit e7aa61f47b23afbec41031bc47ca8d6cb6516abc upstream. Switching from the guest to host is another place where the speculative accesses can be exploited. Flush the branch predictor when entering KVM. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kvm/bookehv_interrupts.S |4 1 file changed, 4 insertions(+) --- a/arch/powerpc/kvm/bookehv_interrupts.S +++ b/arch/powerpc/kvm/bookehv_interrupts.S @@ -75,6 +75,10 @@ PPC_LL r1, VCPU_HOST_STACK(r4) PPC_LL r2, HOST_R2(r1) +START_BTB_FLUSH_SECTION + BTB_FLUSH(r10) +END_BTB_FLUSH_SECTION + mfspr r10, SPRN_PID lwz r8, VCPU_HOST_PID(r4) PPC_LL r11, VCPU_SHARED(r4) Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:14 +1100 Subject: powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-27-...@ellerman.id.au> From: Diana Craciun commit 7fef436295bf6c05effe682c8797dfcb0deb112a upstream. In order to protect against speculation attacks on indirect branches, the branch predictor is flushed at kernel entry to protect for the following situations: - userspace process attacking another userspace process - userspace process attacking the kernel Basically when the privillege level change (i.e.the kernel is entered), the branch predictor state is flushed. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/head_booke.h |6 ++ arch/powerpc/kernel/head_fsl_booke.S | 15 +++ 2 files changed, 21 insertions(+) --- a/arch/powerpc/kernel/head_booke.h +++ b/arch/powerpc/kernel/head_booke.h @@ -43,6 +43,9 @@ andi. r11, r11, MSR_PR; /* check whether user or kernel*/\ mr r11, r1; \ beq 1f; \ +START_BTB_FLUSH_SECTION\ + BTB_FLUSH(r11) \ +END_BTB_FLUSH_SECTION \ /* if from user, start at top of this thread's kernel stack */ \ lwz r11, THREAD_INFO-THREAD(r10);\ ALLOC_STACK_FRAME(r11, THREAD_SIZE); \ @@ -128,6 +131,9 @@ stw r9,_CCR(r8);/* save CR on stack*/\ mfspr r11,exc_level_srr1; /* check whether user or kernel*/\ DO_KVM BOOKE_INTERRUPT_##intno exc_level_srr1; \ +START_BTB_FLUSH_SECTION \ + BTB_FLUSH(r10) \ +END_BTB_FLUSH_SECTION \ andi. r11,r11,MSR_PR; \ mfspr r11,SPRN_SPRG_THREAD; /* if from user, start at top of */\ lwz r11,THREAD_INFO-THREAD(r11); /* this thread's kernel stack */\ --- a/arch/powerpc/kernel/head_fsl_booke.S +++ b/arch/powerpc/kernel/head_fsl_booke.S @@ -453,6 +453,13 @@ END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) mfcrr13 stw r13, THREAD_NORMSAVE(3)(r10) DO_KVM BOOKE_INTERRUPT_DTLB_MISS SPRN_SRR1 +START_BTB_FLUSH_SECTION + mfspr r11, SPRN_SRR1 + andi. r10,r11,MSR_PR + beq 1f + BTB_FLUSH(r10) +1: +END_BTB_FLUSH_SECTION mfspr r10, SPRN_DEAR /* Get faulting address */ /* If we are faulting a kernel address, we have to use the @@ -547,6 +554,14 @@ END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) mfcrr13 stw r13, THREAD_NORMSAVE(3)(r10) DO_KVM BOOKE_INTERRUPT_ITLB_MISS SPRN_SRR1 +START_BTB_FLUSH_SECTION + mfspr r11, SPRN_SRR1 + andi. r10,r11,MSR_PR + beq 1f + BTB_FLUSH(r10) +1: +END_BTB_FLUSH_SECTION + mfspr r10, SPRN_SRR0 /* Get faulting address */ /* If we are faulting a kernel address, we have to use the Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each
Patch "powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:13 +1100 Subject: powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-26-...@ellerman.id.au> From: Diana Craciun commit 10c5e83afd4a3f01712d97d3bb1ae34d5b74a185 upstream. In order to protect against speculation attacks on indirect branches, the branch predictor is flushed at kernel entry to protect for the following situations: - userspace process attacking another userspace process - userspace process attacking the kernel Basically when the privillege level change (i.e. the kernel is entered), the branch predictor state is flushed. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/entry_64.S |5 + arch/powerpc/kernel/exceptions-64e.S | 26 +- arch/powerpc/mm/tlb_low_64e.S|7 +++ 3 files changed, 37 insertions(+), 1 deletion(-) --- a/arch/powerpc/kernel/entry_64.S +++ b/arch/powerpc/kernel/entry_64.S @@ -80,6 +80,11 @@ END_FTR_SECTION_IFSET(CPU_FTR_TM) std r0,GPR0(r1) std r10,GPR1(r1) beq 2f /* if from kernel mode */ +#ifdef CONFIG_PPC_FSL_BOOK3E +START_BTB_FLUSH_SECTION + BTB_FLUSH(r10) +END_BTB_FLUSH_SECTION +#endif ACCOUNT_CPU_USER_ENTRY(r13, r10, r11) 2: std r2,GPR2(r1) std r3,GPR3(r1) --- a/arch/powerpc/kernel/exceptions-64e.S +++ b/arch/powerpc/kernel/exceptions-64e.S @@ -296,7 +296,8 @@ ret_from_mc_except: andi. r10,r11,MSR_PR; /* save stack pointer */\ beq 1f; /* branch around if supervisor */ \ ld r1,PACAKSAVE(r13); /* get kernel stack coming from usr */\ -1: cmpdi cr1,r1,0; /* check if SP makes sense */ \ +1: type##_BTB_FLUSH\ + cmpdi cr1,r1,0; /* check if SP makes sense */ \ bge-cr1,exc_##n##_bad_stack;/* bad stack (TODO: out of line) */ \ mfspr r10,SPRN_##type##_SRR0; /* read SRR0 before touching stack */ @@ -328,6 +329,29 @@ ret_from_mc_except: #define SPRN_MC_SRR0 SPRN_MCSRR0 #define SPRN_MC_SRR1 SPRN_MCSRR1 +#ifdef CONFIG_PPC_FSL_BOOK3E +#define GEN_BTB_FLUSH \ + START_BTB_FLUSH_SECTION \ + beq 1f; \ + BTB_FLUSH(r10) \ + 1: \ + END_BTB_FLUSH_SECTION + +#define CRIT_BTB_FLUSH \ + START_BTB_FLUSH_SECTION \ + BTB_FLUSH(r10) \ + END_BTB_FLUSH_SECTION + +#define DBG_BTB_FLUSH CRIT_BTB_FLUSH +#define MC_BTB_FLUSH CRIT_BTB_FLUSH +#define GDBELL_BTB_FLUSH GEN_BTB_FLUSH +#else +#define GEN_BTB_FLUSH +#define CRIT_BTB_FLUSH +#define DBG_BTB_FLUSH +#define GDBELL_BTB_FLUSH +#endif + #define NORMAL_EXCEPTION_PROLOG(n, intnum, addition) \ EXCEPTION_PROLOG(n, intnum, GEN, addition##_GEN(n)) --- a/arch/powerpc/mm/tlb_low_64e.S +++ b/arch/powerpc/mm/tlb_low_64e.S @@ -70,6 +70,13 @@ END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) std r15,EX_TLB_R15(r12) std r10,EX_TLB_CR(r12) #ifdef CONFIG_PPC_FSL_BOOK3E +START_BTB_FLUSH_SECTION + mfspr r11, SPRN_SRR1 + andi. r10,r11,MSR_PR + beq 1f + BTB_FLUSH(r10) +1: +END_BTB_FLUSH_SECTION std r7,EX_TLB_R7(r12) #endif TLB_MISS_PROLOG_STATS Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-f
Patch "powerpc/fsl: Update Spectre v2 reporting" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/fsl: Update Spectre v2 reporting
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-fsl-update-spectre-v2-reporting.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 16:04:51 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:17 +1100
Subject: powerpc/fsl: Update Spectre v2 reporting
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-30-...@ellerman.id.au>
From: Diana Craciun
commit dfa88658fb0583abb92e062c7a9cd5a5b94f2a46 upstream.
Report branch predictor state flush as a mitigation for
Spectre variant 2.
Signed-off-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c |5 -
1 file changed, 4 insertions(+), 1 deletion(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -212,8 +212,11 @@ ssize_t cpu_show_spectre_v2(struct devic
if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW)
seq_buf_printf(&s, "(hardware accelerated)");
- } else
+ } else if (btb_flush_enabled) {
+ seq_buf_printf(&s, "Mitigation: Branch predictor state flush");
+ } else {
seq_buf_printf(&s, "Vulnerable");
+ }
seq_buf_printf(&s, "\n");
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/security: Fix spectre_v2 reporting" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/security: Fix spectre_v2 reporting
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-security-fix-spectre_v2-reporting.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri Mar 29 16:04:51 CET 2019
From: Michael Ellerman
Date: Fri, 29 Mar 2019 22:26:20 +1100
Subject: powerpc/security: Fix spectre_v2 reporting
To: sta...@vger.kernel.org, gre...@linuxfoundation.org
Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de,
christophe.le...@c-s.fr
Message-ID: <20190329112620.14489-33-...@ellerman.id.au>
From: Michael Ellerman
commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream.
When I updated the spectre_v2 reporting to handle software count cache
flush I got the logic wrong when there's no software count cache
enabled at all.
The result is that on systems with the software count cache flush
disabled we print:
Mitigation: Indirect branch cache disabled, Software count cache flush
Which correctly indicates that the count cache is disabled, but
incorrectly says the software count cache flush is enabled.
The root of the problem is that we are trying to handle all
combinations of options. But we know now that we only expect to see
the software count cache flush enabled if the other options are false.
So split the two cases, which simplifies the logic and fixes the bug.
We were also missing a space before "(hardware accelerated)".
The result is we see one of:
Mitigation: Indirect branch serialisation (kernel only)
Mitigation: Indirect branch cache disabled
Mitigation: Software count cache flush
Mitigation: Software count cache flush (hardware accelerated)
Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush")
Cc: sta...@vger.kernel.org # v4.19+
Signed-off-by: Michael Ellerman
Reviewed-by: Michael Neuling
Reviewed-by: Diana Craciun
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 23 ---
1 file changed, 8 insertions(+), 15 deletions(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -189,29 +189,22 @@ ssize_t cpu_show_spectre_v2(struct devic
bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED);
ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED);
- if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) {
- bool comma = false;
+ if (bcs || ccd) {
seq_buf_printf(&s, "Mitigation: ");
- if (bcs) {
+ if (bcs)
seq_buf_printf(&s, "Indirect branch serialisation
(kernel only)");
- comma = true;
- }
- if (ccd) {
- if (comma)
- seq_buf_printf(&s, ", ");
- seq_buf_printf(&s, "Indirect branch cache disabled");
- comma = true;
- }
-
- if (comma)
+ if (bcs && ccd)
seq_buf_printf(&s, ", ");
- seq_buf_printf(&s, "Software count cache flush");
+ if (ccd)
+ seq_buf_printf(&s, "Indirect branch cache disabled");
+ } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) {
+ seq_buf_printf(&s, "Mitigation: Software count cache flush");
if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW)
- seq_buf_printf(&s, "(hardware accelerated)");
+ seq_buf_printf(&s, " (hardware accelerated)");
} else if (btb_flush_enabled) {
seq_buf_printf(&s, "Mitigation: Branch predictor state flush");
} else {
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch
queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch
queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch
queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch
queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch
queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch
queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch
queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch
queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch
queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch
queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:18 +1100 Subject: powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-31-...@ellerman.id.au> From: Diana Craciun commit 039daac5526932ec731e4499613018d263af8b3e upstream. Fixed the following build warning: powerpc-linux-gnu-ld: warning: orphan section `__btb_flush_fixup' from `arch/powerpc/kernel/head_44x.o' being placed in section `__btb_flush_fixup'. Signed-off-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/head_booke.h | 18 -- 1 file changed, 12 insertions(+), 6 deletions(-) --- a/arch/powerpc/kernel/head_booke.h +++ b/arch/powerpc/kernel/head_booke.h @@ -32,6 +32,16 @@ */ #define THREAD_NORMSAVE(offset)(THREAD_NORMSAVES + (offset * 4)) +#ifdef CONFIG_PPC_FSL_BOOK3E +#define BOOKE_CLEAR_BTB(reg) \ +START_BTB_FLUSH_SECTION \ + BTB_FLUSH(reg) \ +END_BTB_FLUSH_SECTION +#else +#define BOOKE_CLEAR_BTB(reg) +#endif + + #define NORMAL_EXCEPTION_PROLOG(intno) \ mtspr SPRN_SPRG_WSCRATCH0, r10; /* save one register */ \ mfspr r10, SPRN_SPRG_THREAD; \ @@ -43,9 +53,7 @@ andi. r11, r11, MSR_PR; /* check whether user or kernel*/\ mr r11, r1; \ beq 1f; \ -START_BTB_FLUSH_SECTION\ - BTB_FLUSH(r11) \ -END_BTB_FLUSH_SECTION \ + BOOKE_CLEAR_BTB(r11)\ /* if from user, start at top of this thread's kernel stack */ \ lwz r11, THREAD_INFO-THREAD(r10);\ ALLOC_STACK_FRAME(r11, THREAD_SIZE); \ @@ -131,9 +139,7 @@ END_BTB_FLUSH_SECTION \ stw r9,_CCR(r8);/* save CR on stack*/\ mfspr r11,exc_level_srr1; /* check whether user or kernel*/\ DO_KVM BOOKE_INTERRUPT_##intno exc_level_srr1; \ -START_BTB_FLUSH_SECTION \ - BTB_FLUSH(r10) \ -END_BTB_FLUSH_SECTION \ + BOOKE_CLEAR_BTB(r10)\ andi. r11,r11,MSR_PR; \ mfspr r11,SPRN_SPRG_THREAD; /* if from user, start at top of */\ lwz r11,THREAD_INFO-THREAD(r11); /* this thread's kernel stack */\ Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "mm, slub: prevent kmalloc_node crashes and memory leaks" has been added to the 5.5-stable tree
This is a note to let you know that I've just added the patch titled
mm, slub: prevent kmalloc_node crashes and memory leaks
to the 5.5-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mm-slub-prevent-kmalloc_node-crashes-and-memory-leaks.patch
and it can be found in the queue-5.5 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0715e6c516f106ed553828a671d30ad9a3431536 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka
Date: Sat, 21 Mar 2020 18:22:37 -0700
Subject: mm, slub: prevent kmalloc_node crashes and memory leaks
From: Vlastimil Babka
commit 0715e6c516f106ed553828a671d30ad9a3431536 upstream.
Sachin reports [1] a crash in SLUB __slab_alloc():
BUG: Kernel NULL pointer dereference on read at 0x73b0
Faulting instruction address: 0xc03d55f4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
CPU: 19 PID: 1 Comm: systemd Not tainted 5.6.0-rc2-next-20200218-autotest #1
NIP: c03d55f4 LR: c03d5b94 CTR:
REGS: c008b37836d0 TRAP: 0300 Not tainted
(5.6.0-rc2-next-20200218-autotest)
MSR: 80009033 CR: 24004844 XER:
CFAR: c000dec4 DAR: 73b0 DSISR: 4000 IRQMASK: 1
GPR00: c03d5b94 c008b3783960 c155d400 c008b301f500
GPR04: 0dc0 0002 c03443d8 c008bb398620
GPR08: 0008ba2f 0001
GPR12: 24004844 c0001ec52a00
GPR16: c008a1b20048 c1595898 c1750c18 0002
GPR20: c1750c28 c1624470 000fffe0 5deadbeef122
GPR24: 0001 0dc0 0002 c03443d8
GPR28: c008b301f500 c008bb398620 c00c02287180
NIP ___slab_alloc+0x1f4/0x760
LR __slab_alloc+0x34/0x60
Call Trace:
___slab_alloc+0x334/0x760 (unreliable)
__slab_alloc+0x34/0x60
__kmalloc_node+0x110/0x490
kvmalloc_node+0x58/0x110
mem_cgroup_css_online+0x108/0x270
online_css+0x48/0xd0
cgroup_apply_control_enable+0x2ec/0x4d0
cgroup_mkdir+0x228/0x5f0
kernfs_iop_mkdir+0x90/0xf0
vfs_mkdir+0x110/0x230
do_mkdirat+0xb0/0x1a0
system_call+0x5c/0x68
This is a PowerPC platform with following NUMA topology:
available: 2 nodes (0-1)
node 0 cpus:
node 0 size: 0 MB
node 0 free: 0 MB
node 1 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 29 30 31
node 1 size: 35247 MB
node 1 free: 30907 MB
node distances:
node 0 1
0: 10 40
1: 40 10
possible numa nodes: 0-31
This only happens with a mmotm patch "mm/memcontrol.c: allocate
shrinker_map on appropriate NUMA node" [2] which effectively calls
kmalloc_node for each possible node. SLUB however only allocates
kmem_cache_node on online N_NORMAL_MEMORY nodes, and relies on
node_to_mem_node to return such valid node for other nodes since commit
a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node"). This is however not true in this configuration
where the _node_numa_mem_ array is not initialized for nodes 0 and 2-31,
thus it contains zeroes and get_partial() ends up accessing
non-allocated kmem_cache_node.
A related issue was reported by Bharata (originally by Ramachandran) [3]
where a similar PowerPC configuration, but with mainline kernel without
patch [2] ends up allocating large amounts of pages by kmalloc-1k
kmalloc-512. This seems to have the same underlying issue with
node_to_mem_node() not behaving as expected, and might probably also
lead to an infinite loop with CONFIG_SLUB_CPU_PARTIAL [4].
This patch should fix both issues by not relying on node_to_mem_node()
anymore and instead simply falling back to NUMA_NO_NODE, when
kmalloc_node(node) is attempted for a node that's not online, or has no
usable memory. The "usable memory" condition is also changed from
node_present_pages() to N_NORMAL_MEMORY node state, as that is exactly
the condition that SLUB uses to allocate kmem_cache_node structures.
The check in get_partial() is removed completely, as the checks in
___slab_alloc() are now sufficient to prevent get_partial() being
reached with an invalid node.
[1]
https://lore.kernel.org/linux-next/3381cd91-ab3d-4773-ba04-e7a072a63...@linux.vnet.ibm.com/
[2]
https://lore.kernel.org/linux-mm/fff0e636-4c36-ed10-281c-8cdb0687c...@virtuozzo.com/
[3] https://lore.kernel.org/linux-mm/20200317092624.gb22...@in.ibm.com/
[4]
https://lore.kernel.org/linux-mm/088b5996-faae-8a56-ef9c-5b567125a...@suse.cz/
Fixes: a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node")
Reported-by: Sachin Sant
Reported-b
Patch "mm, slub: prevent kmalloc_node crashes and memory leaks" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled
mm, slub: prevent kmalloc_node crashes and memory leaks
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mm-slub-prevent-kmalloc_node-crashes-and-memory-leaks.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0715e6c516f106ed553828a671d30ad9a3431536 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka
Date: Sat, 21 Mar 2020 18:22:37 -0700
Subject: mm, slub: prevent kmalloc_node crashes and memory leaks
From: Vlastimil Babka
commit 0715e6c516f106ed553828a671d30ad9a3431536 upstream.
Sachin reports [1] a crash in SLUB __slab_alloc():
BUG: Kernel NULL pointer dereference on read at 0x73b0
Faulting instruction address: 0xc03d55f4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
CPU: 19 PID: 1 Comm: systemd Not tainted 5.6.0-rc2-next-20200218-autotest #1
NIP: c03d55f4 LR: c03d5b94 CTR:
REGS: c008b37836d0 TRAP: 0300 Not tainted
(5.6.0-rc2-next-20200218-autotest)
MSR: 80009033 CR: 24004844 XER:
CFAR: c000dec4 DAR: 73b0 DSISR: 4000 IRQMASK: 1
GPR00: c03d5b94 c008b3783960 c155d400 c008b301f500
GPR04: 0dc0 0002 c03443d8 c008bb398620
GPR08: 0008ba2f 0001
GPR12: 24004844 c0001ec52a00
GPR16: c008a1b20048 c1595898 c1750c18 0002
GPR20: c1750c28 c1624470 000fffe0 5deadbeef122
GPR24: 0001 0dc0 0002 c03443d8
GPR28: c008b301f500 c008bb398620 c00c02287180
NIP ___slab_alloc+0x1f4/0x760
LR __slab_alloc+0x34/0x60
Call Trace:
___slab_alloc+0x334/0x760 (unreliable)
__slab_alloc+0x34/0x60
__kmalloc_node+0x110/0x490
kvmalloc_node+0x58/0x110
mem_cgroup_css_online+0x108/0x270
online_css+0x48/0xd0
cgroup_apply_control_enable+0x2ec/0x4d0
cgroup_mkdir+0x228/0x5f0
kernfs_iop_mkdir+0x90/0xf0
vfs_mkdir+0x110/0x230
do_mkdirat+0xb0/0x1a0
system_call+0x5c/0x68
This is a PowerPC platform with following NUMA topology:
available: 2 nodes (0-1)
node 0 cpus:
node 0 size: 0 MB
node 0 free: 0 MB
node 1 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 29 30 31
node 1 size: 35247 MB
node 1 free: 30907 MB
node distances:
node 0 1
0: 10 40
1: 40 10
possible numa nodes: 0-31
This only happens with a mmotm patch "mm/memcontrol.c: allocate
shrinker_map on appropriate NUMA node" [2] which effectively calls
kmalloc_node for each possible node. SLUB however only allocates
kmem_cache_node on online N_NORMAL_MEMORY nodes, and relies on
node_to_mem_node to return such valid node for other nodes since commit
a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node"). This is however not true in this configuration
where the _node_numa_mem_ array is not initialized for nodes 0 and 2-31,
thus it contains zeroes and get_partial() ends up accessing
non-allocated kmem_cache_node.
A related issue was reported by Bharata (originally by Ramachandran) [3]
where a similar PowerPC configuration, but with mainline kernel without
patch [2] ends up allocating large amounts of pages by kmalloc-1k
kmalloc-512. This seems to have the same underlying issue with
node_to_mem_node() not behaving as expected, and might probably also
lead to an infinite loop with CONFIG_SLUB_CPU_PARTIAL [4].
This patch should fix both issues by not relying on node_to_mem_node()
anymore and instead simply falling back to NUMA_NO_NODE, when
kmalloc_node(node) is attempted for a node that's not online, or has no
usable memory. The "usable memory" condition is also changed from
node_present_pages() to N_NORMAL_MEMORY node state, as that is exactly
the condition that SLUB uses to allocate kmem_cache_node structures.
The check in get_partial() is removed completely, as the checks in
___slab_alloc() are now sufficient to prevent get_partial() being
reached with an invalid node.
[1]
https://lore.kernel.org/linux-next/3381cd91-ab3d-4773-ba04-e7a072a63...@linux.vnet.ibm.com/
[2]
https://lore.kernel.org/linux-mm/fff0e636-4c36-ed10-281c-8cdb0687c...@virtuozzo.com/
[3] https://lore.kernel.org/linux-mm/20200317092624.gb22...@in.ibm.com/
[4]
https://lore.kernel.org/linux-mm/088b5996-faae-8a56-ef9c-5b567125a...@suse.cz/
Fixes: a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node")
Reported-by: Sachin Sant
Reported-b
Patch "mm, slub: prevent kmalloc_node crashes and memory leaks" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
mm, slub: prevent kmalloc_node crashes and memory leaks
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mm-slub-prevent-kmalloc_node-crashes-and-memory-leaks.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0715e6c516f106ed553828a671d30ad9a3431536 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka
Date: Sat, 21 Mar 2020 18:22:37 -0700
Subject: mm, slub: prevent kmalloc_node crashes and memory leaks
From: Vlastimil Babka
commit 0715e6c516f106ed553828a671d30ad9a3431536 upstream.
Sachin reports [1] a crash in SLUB __slab_alloc():
BUG: Kernel NULL pointer dereference on read at 0x73b0
Faulting instruction address: 0xc03d55f4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
CPU: 19 PID: 1 Comm: systemd Not tainted 5.6.0-rc2-next-20200218-autotest #1
NIP: c03d55f4 LR: c03d5b94 CTR:
REGS: c008b37836d0 TRAP: 0300 Not tainted
(5.6.0-rc2-next-20200218-autotest)
MSR: 80009033 CR: 24004844 XER:
CFAR: c000dec4 DAR: 73b0 DSISR: 4000 IRQMASK: 1
GPR00: c03d5b94 c008b3783960 c155d400 c008b301f500
GPR04: 0dc0 0002 c03443d8 c008bb398620
GPR08: 0008ba2f 0001
GPR12: 24004844 c0001ec52a00
GPR16: c008a1b20048 c1595898 c1750c18 0002
GPR20: c1750c28 c1624470 000fffe0 5deadbeef122
GPR24: 0001 0dc0 0002 c03443d8
GPR28: c008b301f500 c008bb398620 c00c02287180
NIP ___slab_alloc+0x1f4/0x760
LR __slab_alloc+0x34/0x60
Call Trace:
___slab_alloc+0x334/0x760 (unreliable)
__slab_alloc+0x34/0x60
__kmalloc_node+0x110/0x490
kvmalloc_node+0x58/0x110
mem_cgroup_css_online+0x108/0x270
online_css+0x48/0xd0
cgroup_apply_control_enable+0x2ec/0x4d0
cgroup_mkdir+0x228/0x5f0
kernfs_iop_mkdir+0x90/0xf0
vfs_mkdir+0x110/0x230
do_mkdirat+0xb0/0x1a0
system_call+0x5c/0x68
This is a PowerPC platform with following NUMA topology:
available: 2 nodes (0-1)
node 0 cpus:
node 0 size: 0 MB
node 0 free: 0 MB
node 1 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 29 30 31
node 1 size: 35247 MB
node 1 free: 30907 MB
node distances:
node 0 1
0: 10 40
1: 40 10
possible numa nodes: 0-31
This only happens with a mmotm patch "mm/memcontrol.c: allocate
shrinker_map on appropriate NUMA node" [2] which effectively calls
kmalloc_node for each possible node. SLUB however only allocates
kmem_cache_node on online N_NORMAL_MEMORY nodes, and relies on
node_to_mem_node to return such valid node for other nodes since commit
a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node"). This is however not true in this configuration
where the _node_numa_mem_ array is not initialized for nodes 0 and 2-31,
thus it contains zeroes and get_partial() ends up accessing
non-allocated kmem_cache_node.
A related issue was reported by Bharata (originally by Ramachandran) [3]
where a similar PowerPC configuration, but with mainline kernel without
patch [2] ends up allocating large amounts of pages by kmalloc-1k
kmalloc-512. This seems to have the same underlying issue with
node_to_mem_node() not behaving as expected, and might probably also
lead to an infinite loop with CONFIG_SLUB_CPU_PARTIAL [4].
This patch should fix both issues by not relying on node_to_mem_node()
anymore and instead simply falling back to NUMA_NO_NODE, when
kmalloc_node(node) is attempted for a node that's not online, or has no
usable memory. The "usable memory" condition is also changed from
node_present_pages() to N_NORMAL_MEMORY node state, as that is exactly
the condition that SLUB uses to allocate kmem_cache_node structures.
The check in get_partial() is removed completely, as the checks in
___slab_alloc() are now sufficient to prevent get_partial() being
reached with an invalid node.
[1]
https://lore.kernel.org/linux-next/3381cd91-ab3d-4773-ba04-e7a072a63...@linux.vnet.ibm.com/
[2]
https://lore.kernel.org/linux-mm/fff0e636-4c36-ed10-281c-8cdb0687c...@virtuozzo.com/
[3] https://lore.kernel.org/linux-mm/20200317092624.gb22...@in.ibm.com/
[4]
https://lore.kernel.org/linux-mm/088b5996-faae-8a56-ef9c-5b567125a...@suse.cz/
Fixes: a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node")
Reported-by: Sachin Sant
Reported-b
Patch "mm, slub: prevent kmalloc_node crashes and memory leaks" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
mm, slub: prevent kmalloc_node crashes and memory leaks
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mm-slub-prevent-kmalloc_node-crashes-and-memory-leaks.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0715e6c516f106ed553828a671d30ad9a3431536 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka
Date: Sat, 21 Mar 2020 18:22:37 -0700
Subject: mm, slub: prevent kmalloc_node crashes and memory leaks
From: Vlastimil Babka
commit 0715e6c516f106ed553828a671d30ad9a3431536 upstream.
Sachin reports [1] a crash in SLUB __slab_alloc():
BUG: Kernel NULL pointer dereference on read at 0x73b0
Faulting instruction address: 0xc03d55f4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
CPU: 19 PID: 1 Comm: systemd Not tainted 5.6.0-rc2-next-20200218-autotest #1
NIP: c03d55f4 LR: c03d5b94 CTR:
REGS: c008b37836d0 TRAP: 0300 Not tainted
(5.6.0-rc2-next-20200218-autotest)
MSR: 80009033 CR: 24004844 XER:
CFAR: c000dec4 DAR: 73b0 DSISR: 4000 IRQMASK: 1
GPR00: c03d5b94 c008b3783960 c155d400 c008b301f500
GPR04: 0dc0 0002 c03443d8 c008bb398620
GPR08: 0008ba2f 0001
GPR12: 24004844 c0001ec52a00
GPR16: c008a1b20048 c1595898 c1750c18 0002
GPR20: c1750c28 c1624470 000fffe0 5deadbeef122
GPR24: 0001 0dc0 0002 c03443d8
GPR28: c008b301f500 c008bb398620 c00c02287180
NIP ___slab_alloc+0x1f4/0x760
LR __slab_alloc+0x34/0x60
Call Trace:
___slab_alloc+0x334/0x760 (unreliable)
__slab_alloc+0x34/0x60
__kmalloc_node+0x110/0x490
kvmalloc_node+0x58/0x110
mem_cgroup_css_online+0x108/0x270
online_css+0x48/0xd0
cgroup_apply_control_enable+0x2ec/0x4d0
cgroup_mkdir+0x228/0x5f0
kernfs_iop_mkdir+0x90/0xf0
vfs_mkdir+0x110/0x230
do_mkdirat+0xb0/0x1a0
system_call+0x5c/0x68
This is a PowerPC platform with following NUMA topology:
available: 2 nodes (0-1)
node 0 cpus:
node 0 size: 0 MB
node 0 free: 0 MB
node 1 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 29 30 31
node 1 size: 35247 MB
node 1 free: 30907 MB
node distances:
node 0 1
0: 10 40
1: 40 10
possible numa nodes: 0-31
This only happens with a mmotm patch "mm/memcontrol.c: allocate
shrinker_map on appropriate NUMA node" [2] which effectively calls
kmalloc_node for each possible node. SLUB however only allocates
kmem_cache_node on online N_NORMAL_MEMORY nodes, and relies on
node_to_mem_node to return such valid node for other nodes since commit
a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node"). This is however not true in this configuration
where the _node_numa_mem_ array is not initialized for nodes 0 and 2-31,
thus it contains zeroes and get_partial() ends up accessing
non-allocated kmem_cache_node.
A related issue was reported by Bharata (originally by Ramachandran) [3]
where a similar PowerPC configuration, but with mainline kernel without
patch [2] ends up allocating large amounts of pages by kmalloc-1k
kmalloc-512. This seems to have the same underlying issue with
node_to_mem_node() not behaving as expected, and might probably also
lead to an infinite loop with CONFIG_SLUB_CPU_PARTIAL [4].
This patch should fix both issues by not relying on node_to_mem_node()
anymore and instead simply falling back to NUMA_NO_NODE, when
kmalloc_node(node) is attempted for a node that's not online, or has no
usable memory. The "usable memory" condition is also changed from
node_present_pages() to N_NORMAL_MEMORY node state, as that is exactly
the condition that SLUB uses to allocate kmem_cache_node structures.
The check in get_partial() is removed completely, as the checks in
___slab_alloc() are now sufficient to prevent get_partial() being
reached with an invalid node.
[1]
https://lore.kernel.org/linux-next/3381cd91-ab3d-4773-ba04-e7a072a63...@linux.vnet.ibm.com/
[2]
https://lore.kernel.org/linux-mm/fff0e636-4c36-ed10-281c-8cdb0687c...@virtuozzo.com/
[3] https://lore.kernel.org/linux-mm/20200317092624.gb22...@in.ibm.com/
[4]
https://lore.kernel.org/linux-mm/088b5996-faae-8a56-ef9c-5b567125a...@suse.cz/
Fixes: a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node")
Reported-by: Sachin Sant
Reported
Patch "mm, slub: prevent kmalloc_node crashes and memory leaks" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
mm, slub: prevent kmalloc_node crashes and memory leaks
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mm-slub-prevent-kmalloc_node-crashes-and-memory-leaks.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0715e6c516f106ed553828a671d30ad9a3431536 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka
Date: Sat, 21 Mar 2020 18:22:37 -0700
Subject: mm, slub: prevent kmalloc_node crashes and memory leaks
From: Vlastimil Babka
commit 0715e6c516f106ed553828a671d30ad9a3431536 upstream.
Sachin reports [1] a crash in SLUB __slab_alloc():
BUG: Kernel NULL pointer dereference on read at 0x73b0
Faulting instruction address: 0xc03d55f4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
CPU: 19 PID: 1 Comm: systemd Not tainted 5.6.0-rc2-next-20200218-autotest #1
NIP: c03d55f4 LR: c03d5b94 CTR:
REGS: c008b37836d0 TRAP: 0300 Not tainted
(5.6.0-rc2-next-20200218-autotest)
MSR: 80009033 CR: 24004844 XER:
CFAR: c000dec4 DAR: 73b0 DSISR: 4000 IRQMASK: 1
GPR00: c03d5b94 c008b3783960 c155d400 c008b301f500
GPR04: 0dc0 0002 c03443d8 c008bb398620
GPR08: 0008ba2f 0001
GPR12: 24004844 c0001ec52a00
GPR16: c008a1b20048 c1595898 c1750c18 0002
GPR20: c1750c28 c1624470 000fffe0 5deadbeef122
GPR24: 0001 0dc0 0002 c03443d8
GPR28: c008b301f500 c008bb398620 c00c02287180
NIP ___slab_alloc+0x1f4/0x760
LR __slab_alloc+0x34/0x60
Call Trace:
___slab_alloc+0x334/0x760 (unreliable)
__slab_alloc+0x34/0x60
__kmalloc_node+0x110/0x490
kvmalloc_node+0x58/0x110
mem_cgroup_css_online+0x108/0x270
online_css+0x48/0xd0
cgroup_apply_control_enable+0x2ec/0x4d0
cgroup_mkdir+0x228/0x5f0
kernfs_iop_mkdir+0x90/0xf0
vfs_mkdir+0x110/0x230
do_mkdirat+0xb0/0x1a0
system_call+0x5c/0x68
This is a PowerPC platform with following NUMA topology:
available: 2 nodes (0-1)
node 0 cpus:
node 0 size: 0 MB
node 0 free: 0 MB
node 1 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 29 30 31
node 1 size: 35247 MB
node 1 free: 30907 MB
node distances:
node 0 1
0: 10 40
1: 40 10
possible numa nodes: 0-31
This only happens with a mmotm patch "mm/memcontrol.c: allocate
shrinker_map on appropriate NUMA node" [2] which effectively calls
kmalloc_node for each possible node. SLUB however only allocates
kmem_cache_node on online N_NORMAL_MEMORY nodes, and relies on
node_to_mem_node to return such valid node for other nodes since commit
a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node"). This is however not true in this configuration
where the _node_numa_mem_ array is not initialized for nodes 0 and 2-31,
thus it contains zeroes and get_partial() ends up accessing
non-allocated kmem_cache_node.
A related issue was reported by Bharata (originally by Ramachandran) [3]
where a similar PowerPC configuration, but with mainline kernel without
patch [2] ends up allocating large amounts of pages by kmalloc-1k
kmalloc-512. This seems to have the same underlying issue with
node_to_mem_node() not behaving as expected, and might probably also
lead to an infinite loop with CONFIG_SLUB_CPU_PARTIAL [4].
This patch should fix both issues by not relying on node_to_mem_node()
anymore and instead simply falling back to NUMA_NO_NODE, when
kmalloc_node(node) is attempted for a node that's not online, or has no
usable memory. The "usable memory" condition is also changed from
node_present_pages() to N_NORMAL_MEMORY node state, as that is exactly
the condition that SLUB uses to allocate kmem_cache_node structures.
The check in get_partial() is removed completely, as the checks in
___slab_alloc() are now sufficient to prevent get_partial() being
reached with an invalid node.
[1]
https://lore.kernel.org/linux-next/3381cd91-ab3d-4773-ba04-e7a072a63...@linux.vnet.ibm.com/
[2]
https://lore.kernel.org/linux-mm/fff0e636-4c36-ed10-281c-8cdb0687c...@virtuozzo.com/
[3] https://lore.kernel.org/linux-mm/20200317092624.gb22...@in.ibm.com/
[4]
https://lore.kernel.org/linux-mm/088b5996-faae-8a56-ef9c-5b567125a...@suse.cz/
Fixes: a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node")
Reported-by: Sachin Sant
Reported
Patch "mm, slub: prevent kmalloc_node crashes and memory leaks" has been added to the 5.4-stable tree
This is a note to let you know that I've just added the patch titled
mm, slub: prevent kmalloc_node crashes and memory leaks
to the 5.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mm-slub-prevent-kmalloc_node-crashes-and-memory-leaks.patch
and it can be found in the queue-5.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0715e6c516f106ed553828a671d30ad9a3431536 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka
Date: Sat, 21 Mar 2020 18:22:37 -0700
Subject: mm, slub: prevent kmalloc_node crashes and memory leaks
From: Vlastimil Babka
commit 0715e6c516f106ed553828a671d30ad9a3431536 upstream.
Sachin reports [1] a crash in SLUB __slab_alloc():
BUG: Kernel NULL pointer dereference on read at 0x73b0
Faulting instruction address: 0xc03d55f4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
Modules linked in:
CPU: 19 PID: 1 Comm: systemd Not tainted 5.6.0-rc2-next-20200218-autotest #1
NIP: c03d55f4 LR: c03d5b94 CTR:
REGS: c008b37836d0 TRAP: 0300 Not tainted
(5.6.0-rc2-next-20200218-autotest)
MSR: 80009033 CR: 24004844 XER:
CFAR: c000dec4 DAR: 73b0 DSISR: 4000 IRQMASK: 1
GPR00: c03d5b94 c008b3783960 c155d400 c008b301f500
GPR04: 0dc0 0002 c03443d8 c008bb398620
GPR08: 0008ba2f 0001
GPR12: 24004844 c0001ec52a00
GPR16: c008a1b20048 c1595898 c1750c18 0002
GPR20: c1750c28 c1624470 000fffe0 5deadbeef122
GPR24: 0001 0dc0 0002 c03443d8
GPR28: c008b301f500 c008bb398620 c00c02287180
NIP ___slab_alloc+0x1f4/0x760
LR __slab_alloc+0x34/0x60
Call Trace:
___slab_alloc+0x334/0x760 (unreliable)
__slab_alloc+0x34/0x60
__kmalloc_node+0x110/0x490
kvmalloc_node+0x58/0x110
mem_cgroup_css_online+0x108/0x270
online_css+0x48/0xd0
cgroup_apply_control_enable+0x2ec/0x4d0
cgroup_mkdir+0x228/0x5f0
kernfs_iop_mkdir+0x90/0xf0
vfs_mkdir+0x110/0x230
do_mkdirat+0xb0/0x1a0
system_call+0x5c/0x68
This is a PowerPC platform with following NUMA topology:
available: 2 nodes (0-1)
node 0 cpus:
node 0 size: 0 MB
node 0 free: 0 MB
node 1 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
25 26 27 28 29 30 31
node 1 size: 35247 MB
node 1 free: 30907 MB
node distances:
node 0 1
0: 10 40
1: 40 10
possible numa nodes: 0-31
This only happens with a mmotm patch "mm/memcontrol.c: allocate
shrinker_map on appropriate NUMA node" [2] which effectively calls
kmalloc_node for each possible node. SLUB however only allocates
kmem_cache_node on online N_NORMAL_MEMORY nodes, and relies on
node_to_mem_node to return such valid node for other nodes since commit
a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node"). This is however not true in this configuration
where the _node_numa_mem_ array is not initialized for nodes 0 and 2-31,
thus it contains zeroes and get_partial() ends up accessing
non-allocated kmem_cache_node.
A related issue was reported by Bharata (originally by Ramachandran) [3]
where a similar PowerPC configuration, but with mainline kernel without
patch [2] ends up allocating large amounts of pages by kmalloc-1k
kmalloc-512. This seems to have the same underlying issue with
node_to_mem_node() not behaving as expected, and might probably also
lead to an infinite loop with CONFIG_SLUB_CPU_PARTIAL [4].
This patch should fix both issues by not relying on node_to_mem_node()
anymore and instead simply falling back to NUMA_NO_NODE, when
kmalloc_node(node) is attempted for a node that's not online, or has no
usable memory. The "usable memory" condition is also changed from
node_present_pages() to N_NORMAL_MEMORY node state, as that is exactly
the condition that SLUB uses to allocate kmem_cache_node structures.
The check in get_partial() is removed completely, as the checks in
___slab_alloc() are now sufficient to prevent get_partial() being
reached with an invalid node.
[1]
https://lore.kernel.org/linux-next/3381cd91-ab3d-4773-ba04-e7a072a63...@linux.vnet.ibm.com/
[2]
https://lore.kernel.org/linux-mm/fff0e636-4c36-ed10-281c-8cdb0687c...@virtuozzo.com/
[3] https://lore.kernel.org/linux-mm/20200317092624.gb22...@in.ibm.com/
[4]
https://lore.kernel.org/linux-mm/088b5996-faae-8a56-ef9c-5b567125a...@suse.cz/
Fixes: a561ce00b09e ("slub: fall back to node_to_mem_node() node if allocating
on memoryless node")
Reported-by: Sachin Sant
Reported-b
Patch "powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-book3s64-mm-don-t-do-tlbie-fixup-for-some-hardware-revisions.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri 08 Nov 2019 05:55:09 PM CET
From: Sandipan Das
Date: Thu, 17 Oct 2019 13:35:01 +0530
Subject: powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, aneesh.ku...@linux.ibm.com, m...@ellerman.id.au,
linuxppc-dev@lists.ozlabs.org
Message-ID: <20191017080505.8348-2-sandi...@linux.ibm.com>
From: "Aneesh Kumar K.V"
commit 677733e296b5c7a37c47da391fc70a43dc40bd67 upstream.
The store ordering vs tlbie issue mentioned in commit
a5d4b5891c2f ("powerpc/mm: Fixup tlbie vs store ordering issue on
POWER9") is fixed for Nimbus 2.3 and Cumulus 1.3 revisions. We don't
need to apply the fixup if we are running on them
We can only do this on PowerNV. On pseries guest with kvm we still
don't support redoing the feature fixup after migration. So we should
be enabling all the workarounds needed, because whe can possibly
migrate between DD 2.3 and DD 2.2
Cc: sta...@vger.kernel.org # v4.14
Fixes: a5d4b5891c2f ("powerpc/mm: Fixup tlbie vs store ordering issue on
POWER9")
Signed-off-by: Aneesh Kumar K.V
Signed-off-by: Michael Ellerman
Link:
https://lore.kernel.org/r/20190924035254.24612-1-aneesh.ku...@linux.ibm.com
[sandipan: Backported to v4.14]
Signed-off-by: Sandipan Das
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/dt_cpu_ftrs.c | 31 ---
1 file changed, 28 insertions(+), 3 deletions(-)
--- a/arch/powerpc/kernel/dt_cpu_ftrs.c
+++ b/arch/powerpc/kernel/dt_cpu_ftrs.c
@@ -733,9 +733,35 @@ static bool __init cpufeatures_process_f
return true;
}
+/*
+ * Handle POWER9 broadcast tlbie invalidation issue using
+ * cpu feature flag.
+ */
+static __init void update_tlbie_feature_flag(unsigned long pvr)
+{
+ if (PVR_VER(pvr) == PVR_POWER9) {
+ /*
+* Set the tlbie feature flag for anything below
+* Nimbus DD 2.3 and Cumulus DD 1.3
+*/
+ if ((pvr & 0xe000) == 0) {
+ /* Nimbus */
+ if ((pvr & 0xfff) < 0x203)
+ cur_cpu_spec->cpu_features |=
CPU_FTR_P9_TLBIE_BUG;
+ } else if ((pvr & 0xc000) == 0) {
+ /* Cumulus */
+ if ((pvr & 0xfff) < 0x103)
+ cur_cpu_spec->cpu_features |=
CPU_FTR_P9_TLBIE_BUG;
+ } else {
+ WARN_ONCE(1, "Unknown PVR");
+ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_BUG;
+ }
+ }
+}
+
static __init void cpufeatures_cpu_quirks(void)
{
- int version = mfspr(SPRN_PVR);
+ unsigned long version = mfspr(SPRN_PVR);
/*
* Not all quirks can be derived from the cpufeatures device tree.
@@ -743,8 +769,7 @@ static __init void cpufeatures_cpu_quirk
if ((version & 0xff00) == 0x004e0100)
cur_cpu_spec->cpu_features |= CPU_FTR_POWER9_DD1;
- if ((version & 0x) == 0x004e)
- cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_BUG;
+ update_tlbie_feature_flag(version);
}
static void __init cpufeatures_setup_finished(void)
Patches currently in stable-queue which might be from sandi...@linux.ibm.com are
queue-4.14/powerpc-book3s64-mm-don-t-do-tlbie-fixup-for-some-hardware-revisions.patch
queue-4.14/selftests-powerpc-add-test-case-for-tlbie-vs-mtpidr-ordering-issue.patch
queue-4.14/selftests-powerpc-fix-compile-error-on-tlbie_test-due-to-newer-gcc.patch
queue-4.14/powerpc-mm-fixup-tlbie-vs-mtpidr-mtlpidr-ordering-issue-on-power9.patch
queue-4.14/powerpc-mm-fixup-tlbie-vs-store-ordering-issue-on-power9.patch
queue-4.14/powerpc-book3s64-radix-rename-cpu_ftr_p9_tlbie_bug-feature-flag.patch
Patch "powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-mm-fixup-tlbie-vs-mtpidr-mtlpidr-ordering-issue-on-power9.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri 08 Nov 2019 05:55:09 PM CET
From: Sandipan Das
Date: Thu, 17 Oct 2019 13:35:03 +0530
Subject: powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, aneesh.ku...@linux.ibm.com, m...@ellerman.id.au,
linuxppc-dev@lists.ozlabs.org
Message-ID: <20191017080505.8348-4-sandi...@linux.ibm.com>
From: "Aneesh Kumar K.V"
commit 047e6575aec71d75b765c22111820c4776cd1c43 upstream.
On POWER9, under some circumstances, a broadcast TLB invalidation will
fail to invalidate the ERAT cache on some threads when there are
parallel mtpidr/mtlpidr happening on other threads of the same core.
This can cause stores to continue to go to a page after it's unmapped.
The workaround is to force an ERAT flush using PID=0 or LPID=0 tlbie
flush. This additional TLB flush will cause the ERAT cache
invalidation. Since we are using PID=0 or LPID=0, we don't get
filtered out by the TLB snoop filtering logic.
We need to still follow this up with another tlbie to take care of
store vs tlbie ordering issue explained in commit:
a5d4b5891c2f ("powerpc/mm: Fixup tlbie vs store ordering issue on
POWER9"). The presence of ERAT cache implies we can still get new
stores and they may miss store queue marking flush.
Cc: sta...@vger.kernel.org # v4.14
Signed-off-by: Aneesh Kumar K.V
Signed-off-by: Michael Ellerman
Link:
https://lore.kernel.org/r/20190924035254.24612-3-aneesh.ku...@linux.ibm.com
[sandipan: Backported to v4.14]
Signed-off-by: Sandipan Das
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/cputable.h |3 +
arch/powerpc/kernel/dt_cpu_ftrs.c |2 +
arch/powerpc/kvm/book3s_hv_rm_mmu.c | 42 +--
arch/powerpc/mm/hash_native_64.c| 28 +--
arch/powerpc/mm/tlb-radix.c | 65 ++--
5 files changed, 116 insertions(+), 24 deletions(-)
--- a/arch/powerpc/include/asm/cputable.h
+++ b/arch/powerpc/include/asm/cputable.h
@@ -217,6 +217,7 @@ enum {
#define CPU_FTR_PMAO_BUG LONG_ASM_CONST(0x1000)
#define CPU_FTR_P9_TLBIE_STQ_BUG LONG_ASM_CONST(0x4000)
#define CPU_FTR_POWER9_DD1 LONG_ASM_CONST(0x4000)
+#define CPU_FTR_P9_TLBIE_ERAT_BUG LONG_ASM_CONST(0x0001)
#ifndef __ASSEMBLY__
@@ -477,7 +478,7 @@ enum {
CPU_FTR_CFAR | CPU_FTR_HVMODE | CPU_FTR_VMX_COPY | \
CPU_FTR_DBELL | CPU_FTR_HAS_PPR | CPU_FTR_DAWR | \
CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_ARCH_300 | \
- CPU_FTR_P9_TLBIE_STQ_BUG)
+ CPU_FTR_P9_TLBIE_STQ_BUG | CPU_FTR_P9_TLBIE_ERAT_BUG)
#define CPU_FTRS_POWER9_DD1 ((CPU_FTRS_POWER9 | CPU_FTR_POWER9_DD1) & \
(~CPU_FTR_SAO))
#define CPU_FTRS_CELL (CPU_FTR_USE_TB | CPU_FTR_LWSYNC | \
--- a/arch/powerpc/kernel/dt_cpu_ftrs.c
+++ b/arch/powerpc/kernel/dt_cpu_ftrs.c
@@ -756,6 +756,8 @@ static __init void update_tlbie_feature_
WARN_ONCE(1, "Unknown PVR");
cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_STQ_BUG;
}
+
+ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_ERAT_BUG;
}
}
--- a/arch/powerpc/kvm/book3s_hv_rm_mmu.c
+++ b/arch/powerpc/kvm/book3s_hv_rm_mmu.c
@@ -429,6 +429,37 @@ static inline int try_lock_tlbie(unsigne
return old == 0;
}
+static inline void fixup_tlbie_lpid(unsigned long rb_value, unsigned long lpid)
+{
+
+ if (cpu_has_feature(CPU_FTR_P9_TLBIE_ERAT_BUG)) {
+ /* Radix flush for a hash guest */
+
+ unsigned long rb,rs,prs,r,ric;
+
+ rb = PPC_BIT(52); /* IS = 2 */
+ rs = 0; /* lpid = 0 */
+ prs = 0; /* partition scoped */
+ r = 1; /* radix format */
+ ric = 0; /* RIC_FLSUH_TLB */
+
+ /*
+* Need the extra ptesync to make sure we don't
+* re-order the tlbie
+*/
+ asm volatile("ptesync": : :"memory");
+ asm volatile(PPC_TLBIE_5(%0, %4, %3, %2, %1)
+: : "r"(rb), "i"(r), "i"(prs),
+ "i"(ric), "r"(rs) : "memory");
+ }
+
+ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) {
+ asm volatile("ptesync": : :"memory");
+ asm volatile(PPC_TLBIE_5(%0,%1,0,0,0) : :
+
Patch "powerpc/mm: Fixup tlbie vs store ordering issue on POWER9" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/mm: Fixup tlbie vs store ordering issue on POWER9
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-mm-fixup-tlbie-vs-store-ordering-issue-on-power9.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri 08 Nov 2019 05:55:09 PM CET
From: Sandipan Das
Date: Thu, 17 Oct 2019 13:35:00 +0530
Subject: powerpc/mm: Fixup tlbie vs store ordering issue on POWER9
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, aneesh.ku...@linux.ibm.com, m...@ellerman.id.au,
linuxppc-dev@lists.ozlabs.org, "Aneesh Kumar K.V"
Message-ID: <20191017080505.8348-1-sandi...@linux.ibm.com>
From: "Aneesh Kumar K.V"
commit a5d4b5891c2f1f865a2def1eb0030f534e77ff86 upstream.
On POWER9, under some circumstances, a broadcast TLB invalidation
might complete before all previous stores have drained, potentially
allowing stale stores from becoming visible after the invalidation.
This works around it by doubling up those TLB invalidations which was
verified by HW to be sufficient to close the risk window.
This will be documented in a yet-to-be-published errata.
Cc: sta...@vger.kernel.org # v4.14
Fixes: 1a472c9dba6b ("powerpc/mm/radix: Add tlbflush routines")
Signed-off-by: Aneesh Kumar K.V
[mpe: Enable the feature in the DT CPU features code for all Power9,
rename the feature to CPU_FTR_P9_TLBIE_BUG per benh.]
Signed-off-by: Michael Ellerman
Link:
https://lore.kernel.org/r/20180323045627.16800-3-aneesh.ku...@linux.vnet.ibm.com/
[sandipan: Backported to v4.14]
Signed-off-by: Sandipan Das
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/cputable.h|4 ++-
arch/powerpc/kernel/dt_cpu_ftrs.c |3 ++
arch/powerpc/kvm/book3s_64_mmu_radix.c |3 ++
arch/powerpc/kvm/book3s_hv_rm_mmu.c| 11
arch/powerpc/mm/hash_native_64.c | 16
arch/powerpc/mm/pgtable_64.c |1
arch/powerpc/mm/tlb-radix.c| 41 -
7 files changed, 66 insertions(+), 13 deletions(-)
--- a/arch/powerpc/include/asm/cputable.h
+++ b/arch/powerpc/include/asm/cputable.h
@@ -215,6 +215,7 @@ enum {
#define CPU_FTR_DAWR LONG_ASM_CONST(0x0400)
#define CPU_FTR_DABRX LONG_ASM_CONST(0x0800)
#define CPU_FTR_PMAO_BUG LONG_ASM_CONST(0x1000)
+#define CPU_FTR_P9_TLBIE_BUG LONG_ASM_CONST(0x2000)
#define CPU_FTR_POWER9_DD1 LONG_ASM_CONST(0x4000)
#ifndef __ASSEMBLY__
@@ -475,7 +476,8 @@ enum {
CPU_FTR_STCX_CHECKS_ADDRESS | CPU_FTR_POPCNTB | CPU_FTR_POPCNTD | \
CPU_FTR_CFAR | CPU_FTR_HVMODE | CPU_FTR_VMX_COPY | \
CPU_FTR_DBELL | CPU_FTR_HAS_PPR | CPU_FTR_DAWR | \
- CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_ARCH_300)
+ CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_ARCH_300 | \
+ CPU_FTR_P9_TLBIE_BUG)
#define CPU_FTRS_POWER9_DD1 ((CPU_FTRS_POWER9 | CPU_FTR_POWER9_DD1) & \
(~CPU_FTR_SAO))
#define CPU_FTRS_CELL (CPU_FTR_USE_TB | CPU_FTR_LWSYNC | \
--- a/arch/powerpc/kernel/dt_cpu_ftrs.c
+++ b/arch/powerpc/kernel/dt_cpu_ftrs.c
@@ -742,6 +742,9 @@ static __init void cpufeatures_cpu_quirk
*/
if ((version & 0xff00) == 0x004e0100)
cur_cpu_spec->cpu_features |= CPU_FTR_POWER9_DD1;
+
+ if ((version & 0x) == 0x004e)
+ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_BUG;
}
static void __init cpufeatures_setup_finished(void)
--- a/arch/powerpc/kvm/book3s_64_mmu_radix.c
+++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c
@@ -160,6 +160,9 @@ static void kvmppc_radix_tlbie_page(stru
asm volatile("ptesync": : :"memory");
asm volatile(PPC_TLBIE_5(%0, %1, 0, 0, 1)
: : "r" (addr), "r" (kvm->arch.lpid) : "memory");
+ if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG))
+ asm volatile(PPC_TLBIE_5(%0, %1, 0, 0, 1)
+: : "r" (addr), "r" (kvm->arch.lpid) : "memory");
asm volatile("ptesync": : :"memory");
}
--- a/arch/powerpc/kvm/book3s_hv_rm_mmu.c
+++ b/arch/powerpc/kvm/book3s_hv_rm_mmu.c
@@ -448,6 +448,17 @@ static void do_tlbies(struct kvm *kvm, u
asm volatile(PPC_TLBIE_5(%0,%1,0,0,0) : :
"r" (rbvalues[i]), "r" (kvm->arch.lpid));
}
+
+ if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG)) {
+ /*
+* Need the extra ptesync to make sure we don't
+* re-order the tlbie
+*/
+ asm volat
Patch "selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
selftests-powerpc-add-test-case-for-tlbie-vs-mtpidr-ordering-issue.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri 08 Nov 2019 05:55:09 PM CET
From: Sandipan Das
Date: Thu, 17 Oct 2019 13:35:04 +0530
Subject: selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, aneesh.ku...@linux.ibm.com, m...@ellerman.id.au,
linuxppc-dev@lists.ozlabs.org
Message-ID: <20191017080505.8348-5-sandi...@linux.ibm.com>
From: "Aneesh Kumar K.V"
commit 93cad5f789951eaa27c3392b15294b4e51253944 upstream.
Cc: sta...@vger.kernel.org # v4.14
Signed-off-by: Aneesh Kumar K.V
[mpe: Some minor fixes to make it build]
Signed-off-by: Michael Ellerman
Link:
https://lore.kernel.org/r/20190924035254.24612-4-aneesh.ku...@linux.ibm.com
[sandipan: Backported to v4.14]
Signed-off-by: Sandipan Das
Signed-off-by: Greg Kroah-Hartman
---
tools/testing/selftests/powerpc/mm/Makefile |2
tools/testing/selftests/powerpc/mm/tlbie_test.c | 734
2 files changed, 736 insertions(+)
create mode 100644 tools/testing/selftests/powerpc/mm/tlbie_test.c
--- a/tools/testing/selftests/powerpc/mm/Makefile
+++ b/tools/testing/selftests/powerpc/mm/Makefile
@@ -3,6 +3,7 @@ noarg:
$(MAKE) -C ../
TEST_GEN_PROGS := hugetlb_vs_thp_test subpage_prot prot_sao
+TEST_GEN_PROGS_EXTENDED := tlbie_test
TEST_GEN_FILES := tempfile
include ../../lib.mk
@@ -14,3 +15,4 @@ $(OUTPUT)/prot_sao: ../utils.c
$(OUTPUT)/tempfile:
dd if=/dev/zero of=$@ bs=64k count=1
+$(OUTPUT)/tlbie_test: LDLIBS += -lpthread
--- /dev/null
+++ b/tools/testing/selftests/powerpc/mm/tlbie_test.c
@@ -0,0 +1,734 @@
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright 2019, Nick Piggin, Gautham R. Shenoy, Aneesh Kumar K.V, IBM Corp.
+ */
+
+/*
+ *
+ * Test tlbie/mtpidr race. We have 4 threads doing flush/load/compare/store
+ * sequence in a loop. The same threads also rung a context switch task
+ * that does sched_yield() in loop.
+ *
+ * The snapshot thread mark the mmap area PROT_READ in between, make a copy
+ * and copy it back to the original area. This helps us to detect if any
+ * store continued to happen after we marked the memory PROT_READ.
+ */
+
+#define _GNU_SOURCE
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+static inline void dcbf(volatile unsigned int *addr)
+{
+ __asm__ __volatile__ ("dcbf %y0; sync" : : "Z"(*(unsigned char *)addr)
: "memory");
+}
+
+static void err_msg(char *msg)
+{
+
+ time_t now;
+ time(&now);
+ printf("=\n");
+ printf("Error: %s\n", msg);
+ printf("%s", ctime(&now));
+ printf("=\n");
+ exit(1);
+}
+
+static char *map1;
+static char *map2;
+static pid_t rim_process_pid;
+
+/*
+ * A "rim-sequence" is defined to be the sequence of the following
+ * operations performed on a memory word:
+ * 1) FLUSH the contents of that word.
+ * 2) LOAD the contents of that word.
+ * 3) COMPARE the contents of that word with the content that was
+ *previously stored at that word
+ * 4) STORE new content into that word.
+ *
+ * The threads in this test that perform the rim-sequence are termed
+ * as rim_threads.
+ */
+
+/*
+ * A "corruption" is defined to be the failed COMPARE operation in a
+ * rim-sequence.
+ *
+ * A rim_thread that detects a corruption informs about it to all the
+ * other rim_threads, and the mem_snapshot thread.
+ */
+static volatile unsigned int corruption_found;
+
+/*
+ * This defines the maximum number of rim_threads in this test.
+ *
+ * The THREAD_ID_BITS denote the number of bits required
+ * to represent the thread_ids [0..MAX_THREADS - 1].
+ * We are being a bit paranoid here and set it to 8 bits,
+ * though 6 bits suffice.
+ *
+ */
+#define MAX_THREADS64
+#define THREAD_ID_BITS 8
+#define THREAD_ID_MASK ((1 << THREAD_ID_BITS) - 1)
+static unsigned int rim_thread_ids[MAX_THREADS];
+static pthread_t rim_threads[MAX_THREADS];
+
+
+/*
+ * Each rim_thread works on an exclusive "chunk" of size
+ * RIM_CHUNK_SIZE.
+ *
+ * The ith rim_thread works on the ith chunk.
+ *
+ * The ith chunk begins at
+ * map1 + (i * RIM_CHUNK_SIZE)
+ */
+#define RIM_CHUNK_SIZE 1024
+#define BITS_PER_BYTE 8
+#define WORD_SIZE
Patch "selftests/powerpc: Fix compile error on tlbie_test due to newer gcc" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled selftests/powerpc: Fix compile error on tlbie_test due to newer gcc to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: selftests-powerpc-fix-compile-error-on-tlbie_test-due-to-newer-gcc.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri 08 Nov 2019 05:55:09 PM CET From: Sandipan Das Date: Thu, 17 Oct 2019 13:35:05 +0530 Subject: selftests/powerpc: Fix compile error on tlbie_test due to newer gcc To: gre...@linuxfoundation.org Cc: sta...@vger.kernel.org, aneesh.ku...@linux.ibm.com, m...@ellerman.id.au, linuxppc-dev@lists.ozlabs.org, "Desnes A. Nunes do Rosario" Message-ID: <20191017080505.8348-6-sandi...@linux.ibm.com> From: Desnes A. Nunes do Rosario commit 5b216ea1c40cf06eead15054c70e238c9bd4729e upstream. Newer versions of GCC (>= 9) demand that the size of the string to be copied must be explicitly smaller than the size of the destination. Thus, the NULL char has to be taken into account on strncpy. This will avoid the following compiling error: tlbie_test.c: In function 'main': tlbie_test.c:639:4: error: 'strncpy' specified bound 100 equals destination size strncpy(logdir, optarg, LOGDIR_NAME_SIZE); ^ cc1: all warnings being treated as errors Cc: sta...@vger.kernel.org # v4.14 Signed-off-by: Desnes A. Nunes do Rosario Signed-off-by: Michael Ellerman Link: https://lore.kernel.org/r/20191003211010.9711-1-desn...@linux.ibm.com [sandipan: Backported to v4.14] Signed-off-by: Sandipan Das Signed-off-by: Greg Kroah-Hartman --- tools/testing/selftests/powerpc/mm/tlbie_test.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/tools/testing/selftests/powerpc/mm/tlbie_test.c +++ b/tools/testing/selftests/powerpc/mm/tlbie_test.c @@ -636,7 +636,7 @@ int main(int argc, char *argv[]) nrthreads = strtoul(optarg, NULL, 10); break; case 'l': - strncpy(logdir, optarg, LOGDIR_NAME_SIZE); + strncpy(logdir, optarg, LOGDIR_NAME_SIZE - 1); break; case 't': run_time = strtoul(optarg, NULL, 10); Patches currently in stable-queue which might be from sandi...@linux.ibm.com are queue-4.14/powerpc-book3s64-mm-don-t-do-tlbie-fixup-for-some-hardware-revisions.patch queue-4.14/selftests-powerpc-add-test-case-for-tlbie-vs-mtpidr-ordering-issue.patch queue-4.14/selftests-powerpc-fix-compile-error-on-tlbie_test-due-to-newer-gcc.patch queue-4.14/powerpc-mm-fixup-tlbie-vs-mtpidr-mtlpidr-ordering-issue-on-power9.patch queue-4.14/powerpc-mm-fixup-tlbie-vs-store-ordering-issue-on-power9.patch queue-4.14/powerpc-book3s64-radix-rename-cpu_ftr_p9_tlbie_bug-feature-flag.patch
Patch "powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-book3s64-radix-rename-cpu_ftr_p9_tlbie_bug-feature-flag.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Fri 08 Nov 2019 05:55:09 PM CET
From: Sandipan Das
Date: Thu, 17 Oct 2019 13:35:02 +0530
Subject: powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, aneesh.ku...@linux.ibm.com, m...@ellerman.id.au,
linuxppc-dev@lists.ozlabs.org
Message-ID: <20191017080505.8348-3-sandi...@linux.ibm.com>
From: "Aneesh Kumar K.V"
commit 09ce98cacd51fcd0fa0af2f79d1e1d3192f4cbb0 upstream.
Rename the #define to indicate this is related to store vs tlbie
ordering issue. In the next patch, we will be adding another feature
flag that is used to handles ERAT flush vs tlbie ordering issue.
Cc: sta...@vger.kernel.org # v4.14
Fixes: a5d4b5891c2f ("powerpc/mm: Fixup tlbie vs store ordering issue on
POWER9")
Signed-off-by: Aneesh Kumar K.V
Signed-off-by: Michael Ellerman
Link:
https://lore.kernel.org/r/20190924035254.24612-2-aneesh.ku...@linux.ibm.com
[sandipan: Backported to v4.14]
Signed-off-by: Sandipan Das
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/cputable.h|4 ++--
arch/powerpc/kernel/dt_cpu_ftrs.c |6 +++---
arch/powerpc/kvm/book3s_64_mmu_radix.c |2 +-
arch/powerpc/kvm/book3s_hv_rm_mmu.c|2 +-
arch/powerpc/mm/hash_native_64.c |2 +-
arch/powerpc/mm/tlb-radix.c|2 +-
6 files changed, 9 insertions(+), 9 deletions(-)
--- a/arch/powerpc/include/asm/cputable.h
+++ b/arch/powerpc/include/asm/cputable.h
@@ -215,7 +215,7 @@ enum {
#define CPU_FTR_DAWR LONG_ASM_CONST(0x0400)
#define CPU_FTR_DABRX LONG_ASM_CONST(0x0800)
#define CPU_FTR_PMAO_BUG LONG_ASM_CONST(0x1000)
-#define CPU_FTR_P9_TLBIE_BUG LONG_ASM_CONST(0x2000)
+#define CPU_FTR_P9_TLBIE_STQ_BUG LONG_ASM_CONST(0x4000)
#define CPU_FTR_POWER9_DD1 LONG_ASM_CONST(0x4000)
#ifndef __ASSEMBLY__
@@ -477,7 +477,7 @@ enum {
CPU_FTR_CFAR | CPU_FTR_HVMODE | CPU_FTR_VMX_COPY | \
CPU_FTR_DBELL | CPU_FTR_HAS_PPR | CPU_FTR_DAWR | \
CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_ARCH_300 | \
- CPU_FTR_P9_TLBIE_BUG)
+ CPU_FTR_P9_TLBIE_STQ_BUG)
#define CPU_FTRS_POWER9_DD1 ((CPU_FTRS_POWER9 | CPU_FTR_POWER9_DD1) & \
(~CPU_FTR_SAO))
#define CPU_FTRS_CELL (CPU_FTR_USE_TB | CPU_FTR_LWSYNC | \
--- a/arch/powerpc/kernel/dt_cpu_ftrs.c
+++ b/arch/powerpc/kernel/dt_cpu_ftrs.c
@@ -747,14 +747,14 @@ static __init void update_tlbie_feature_
if ((pvr & 0xe000) == 0) {
/* Nimbus */
if ((pvr & 0xfff) < 0x203)
- cur_cpu_spec->cpu_features |=
CPU_FTR_P9_TLBIE_BUG;
+ cur_cpu_spec->cpu_features |=
CPU_FTR_P9_TLBIE_STQ_BUG;
} else if ((pvr & 0xc000) == 0) {
/* Cumulus */
if ((pvr & 0xfff) < 0x103)
- cur_cpu_spec->cpu_features |=
CPU_FTR_P9_TLBIE_BUG;
+ cur_cpu_spec->cpu_features |=
CPU_FTR_P9_TLBIE_STQ_BUG;
} else {
WARN_ONCE(1, "Unknown PVR");
- cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_BUG;
+ cur_cpu_spec->cpu_features |= CPU_FTR_P9_TLBIE_STQ_BUG;
}
}
}
--- a/arch/powerpc/kvm/book3s_64_mmu_radix.c
+++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c
@@ -160,7 +160,7 @@ static void kvmppc_radix_tlbie_page(stru
asm volatile("ptesync": : :"memory");
asm volatile(PPC_TLBIE_5(%0, %1, 0, 0, 1)
: : "r" (addr), "r" (kvm->arch.lpid) : "memory");
- if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG))
+ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG))
asm volatile(PPC_TLBIE_5(%0, %1, 0, 0, 1)
: : "r" (addr), "r" (kvm->arch.lpid) : "memory");
asm volatile("ptesync": : :"memory");
--- a/arch/powerpc/kvm/book3s_hv_rm_mmu.c
+++ b/arch/powerpc/kvm/book3s_hv_rm_mmu.c
@@ -449,7 +449,7 @@ static void do_tlbies(struct kvm *kvm, u
"r" (rbvalues[i]), "r" (kvm->arch.lpid));
}
- if (cpu_has_feature(CPU_FTR_P9_TLBIE_BUG)) {
+ if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) {
Patch "net/ethernet/freescale/fman: fix cross-build error" has been added to the 4.17-stable tree
This is a note to let you know that I've just added the patch titled net/ethernet/freescale/fman: fix cross-build error to the 4.17-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: net-ethernet-freescale-fman-fix-cross-build-error.patch and it can be found in the queue-4.17 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Wed Aug 22 09:16:56 CEST 2018 From: Randy Dunlap Date: Fri, 13 Jul 2018 21:25:19 -0700 Subject: net/ethernet/freescale/fman: fix cross-build error From: Randy Dunlap [ Upstream commit c133459765fae249ba482f62e12f987aec4376f0 ] CC [M] drivers/net/ethernet/freescale/fman/fman.o In file included from ../drivers/net/ethernet/freescale/fman/fman.c:35: ../include/linux/fsl/guts.h: In function 'guts_set_dmacr': ../include/linux/fsl/guts.h:165:2: error: implicit declaration of function 'clrsetbits_be32' [-Werror=implicit-function-declaration] clrsetbits_be32(&guts->dmacr, 3 << shift, device << shift); ^~~ Signed-off-by: Randy Dunlap Cc: Madalin Bucur Cc: net...@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Signed-off-by: David S. Miller Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- include/linux/fsl/guts.h |1 + 1 file changed, 1 insertion(+) --- a/include/linux/fsl/guts.h +++ b/include/linux/fsl/guts.h @@ -16,6 +16,7 @@ #define __FSL_GUTS_H__ #include +#include /** * Global Utility Registers. Patches currently in stable-queue which might be from rdun...@infradead.org are queue-4.17/tcp-identify-cryptic-messages-as-tcp-seq-bugs.patch queue-4.17/net-ethernet-freescale-fman-fix-cross-build-error.patch
Patch "net/ethernet/freescale/fman: fix cross-build error" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled net/ethernet/freescale/fman: fix cross-build error to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: net-ethernet-freescale-fman-fix-cross-build-error.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Wed Aug 22 09:42:09 CEST 2018 From: Randy Dunlap Date: Fri, 13 Jul 2018 21:25:19 -0700 Subject: net/ethernet/freescale/fman: fix cross-build error From: Randy Dunlap [ Upstream commit c133459765fae249ba482f62e12f987aec4376f0 ] CC [M] drivers/net/ethernet/freescale/fman/fman.o In file included from ../drivers/net/ethernet/freescale/fman/fman.c:35: ../include/linux/fsl/guts.h: In function 'guts_set_dmacr': ../include/linux/fsl/guts.h:165:2: error: implicit declaration of function 'clrsetbits_be32' [-Werror=implicit-function-declaration] clrsetbits_be32(&guts->dmacr, 3 << shift, device << shift); ^~~ Signed-off-by: Randy Dunlap Cc: Madalin Bucur Cc: net...@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Signed-off-by: David S. Miller Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- include/linux/fsl/guts.h |1 + 1 file changed, 1 insertion(+) --- a/include/linux/fsl/guts.h +++ b/include/linux/fsl/guts.h @@ -16,6 +16,7 @@ #define __FSL_GUTS_H__ #include +#include /** * Global Utility Registers. Patches currently in stable-queue which might be from rdun...@infradead.org are queue-4.9/tcp-identify-cryptic-messages-as-tcp-seq-bugs.patch queue-4.9/net-ethernet-freescale-fman-fix-cross-build-error.patch
Patch "net/ethernet/freescale/fman: fix cross-build error" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled net/ethernet/freescale/fman: fix cross-build error to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: net-ethernet-freescale-fman-fix-cross-build-error.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Wed Aug 22 09:33:46 CEST 2018 From: Randy Dunlap Date: Fri, 13 Jul 2018 21:25:19 -0700 Subject: net/ethernet/freescale/fman: fix cross-build error From: Randy Dunlap [ Upstream commit c133459765fae249ba482f62e12f987aec4376f0 ] CC [M] drivers/net/ethernet/freescale/fman/fman.o In file included from ../drivers/net/ethernet/freescale/fman/fman.c:35: ../include/linux/fsl/guts.h: In function 'guts_set_dmacr': ../include/linux/fsl/guts.h:165:2: error: implicit declaration of function 'clrsetbits_be32' [-Werror=implicit-function-declaration] clrsetbits_be32(&guts->dmacr, 3 << shift, device << shift); ^~~ Signed-off-by: Randy Dunlap Cc: Madalin Bucur Cc: net...@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Signed-off-by: David S. Miller Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- include/linux/fsl/guts.h |1 + 1 file changed, 1 insertion(+) --- a/include/linux/fsl/guts.h +++ b/include/linux/fsl/guts.h @@ -16,6 +16,7 @@ #define __FSL_GUTS_H__ #include +#include /** * Global Utility Registers. Patches currently in stable-queue which might be from rdun...@infradead.org are queue-4.14/tcp-identify-cryptic-messages-as-tcp-seq-bugs.patch queue-4.14/net-ethernet-freescale-fman-fix-cross-build-error.patch
Patch "net/ethernet/freescale/fman: fix cross-build error" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled net/ethernet/freescale/fman: fix cross-build error to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: net-ethernet-freescale-fman-fix-cross-build-error.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Wed Aug 22 10:28:26 CEST 2018 From: Randy Dunlap Date: Fri, 13 Jul 2018 21:25:19 -0700 Subject: net/ethernet/freescale/fman: fix cross-build error From: Randy Dunlap [ Upstream commit c133459765fae249ba482f62e12f987aec4376f0 ] CC [M] drivers/net/ethernet/freescale/fman/fman.o In file included from ../drivers/net/ethernet/freescale/fman/fman.c:35: ../include/linux/fsl/guts.h: In function 'guts_set_dmacr': ../include/linux/fsl/guts.h:165:2: error: implicit declaration of function 'clrsetbits_be32' [-Werror=implicit-function-declaration] clrsetbits_be32(&guts->dmacr, 3 << shift, device << shift); ^~~ Signed-off-by: Randy Dunlap Cc: Madalin Bucur Cc: net...@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Signed-off-by: David S. Miller Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- include/linux/fsl/guts.h |1 + 1 file changed, 1 insertion(+) --- a/include/linux/fsl/guts.h +++ b/include/linux/fsl/guts.h @@ -16,6 +16,7 @@ #define __FSL_GUTS_H__ #include +#include /** * Global Utility Registers. Patches currently in stable-queue which might be from rdun...@infradead.org are queue-4.4/tcp-identify-cryptic-messages-as-tcp-seq-bugs.patch queue-4.4/net-ethernet-freescale-fman-fix-cross-build-error.patch
Patch "usb/phy: fix PPC64 build errors in phy-fsl-usb.c" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun Aug 26 09:13:00 CEST 2018
From: Randy Dunlap
Date: Sun, 15 Jul 2018 10:37:37 -0700
Subject: usb/phy: fix PPC64 build errors in phy-fsl-usb.c
From: Randy Dunlap
[ Upstream commit a39ba90a1cc7010edb0a7132e1b67f3d80b994e9 ]
Fix build errors when built for PPC64:
These variables are only used on PPC32 so they don't need to be
initialized for PPC64.
../drivers/usb/phy/phy-fsl-usb.c: In function 'usb_otg_start':
../drivers/usb/phy/phy-fsl-usb.c:865:3: error: '_fsl_readl' undeclared (first
use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:865:16: error: '_fsl_readl_be' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:866:3: error: '_fsl_writel' undeclared (first
use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:866:17: error: '_fsl_writel_be' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:868:16: error: '_fsl_readl_le' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_le;
../drivers/usb/phy/phy-fsl-usb.c:869:17: error: '_fsl_writel_le' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_le;
and the sysfs "show" function return type should be ssize_t, not int:
../drivers/usb/phy/phy-fsl-usb.c:1042:49: error: initialization of 'ssize_t
(*)(struct device *, struct device_attribute *, char *)' {aka 'long int
(*)(struct device *, struct device_attribute *, char *)'} from incompatible
pointer type 'int (*)(struct device *, struct device_attribute *, char *)'
[-Werror=incompatible-pointer-types]
static DEVICE_ATTR(fsl_usb2_otg_state, S_IRUGO, show_fsl_usb2_otg_state, NULL);
Signed-off-by: Randy Dunlap
Cc: Felipe Balbi
Cc: linux-...@vger.kernel.org
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Felipe Balbi
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
drivers/usb/phy/phy-fsl-usb.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/drivers/usb/phy/phy-fsl-usb.c
+++ b/drivers/usb/phy/phy-fsl-usb.c
@@ -874,6 +874,7 @@ int usb_otg_start(struct platform_device
if (pdata->init && pdata->init(pdev) != 0)
return -EINVAL;
+#ifdef CONFIG_PPC32
if (pdata->big_endian_mmio) {
_fsl_readl = _fsl_readl_be;
_fsl_writel = _fsl_writel_be;
@@ -881,6 +882,7 @@ int usb_otg_start(struct platform_device
_fsl_readl = _fsl_readl_le;
_fsl_writel = _fsl_writel_le;
}
+#endif
/* request irq */
p_otg->irq = platform_get_irq(pdev, 0);
@@ -971,7 +973,7 @@ int usb_otg_start(struct platform_device
/*
* state file in sysfs
*/
-static int show_fsl_usb2_otg_state(struct device *dev,
+static ssize_t show_fsl_usb2_otg_state(struct device *dev,
struct device_attribute *attr, char *buf)
{
struct otg_fsm *fsm = &fsl_otg_dev->fsm;
Patches currently in stable-queue which might be from rdun...@infradead.org are
queue-4.14/usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
queue-4.14/arc-fix-printk-warning-in-arc-plat-eznps-mtm.c.patch
queue-4.14/arc-add-missing-struct-nps_host_reg_aux_dpc.patch
queue-4.14/net-prevent-isa-drivers-from-building-on-ppc32.patch
queue-4.14/arc-fix-build-errors-in-arc-include-asm-delay.h.patch
queue-4.14/arc-fix-data-type-errors-in-platform-headers.patch
queue-4.14/media-staging-omap4iss-include-asm-cacheflush.h-after-generic-includes.patch
queue-4.14/arc-fix-type-warnings-in-arc-mm-cache.c.patch
Patch "usb/phy: fix PPC64 build errors in phy-fsl-usb.c" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun Aug 26 09:16:12 CEST 2018
From: Randy Dunlap
Date: Sun, 15 Jul 2018 10:37:37 -0700
Subject: usb/phy: fix PPC64 build errors in phy-fsl-usb.c
From: Randy Dunlap
[ Upstream commit a39ba90a1cc7010edb0a7132e1b67f3d80b994e9 ]
Fix build errors when built for PPC64:
These variables are only used on PPC32 so they don't need to be
initialized for PPC64.
../drivers/usb/phy/phy-fsl-usb.c: In function 'usb_otg_start':
../drivers/usb/phy/phy-fsl-usb.c:865:3: error: '_fsl_readl' undeclared (first
use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:865:16: error: '_fsl_readl_be' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:866:3: error: '_fsl_writel' undeclared (first
use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:866:17: error: '_fsl_writel_be' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:868:16: error: '_fsl_readl_le' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_le;
../drivers/usb/phy/phy-fsl-usb.c:869:17: error: '_fsl_writel_le' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_le;
and the sysfs "show" function return type should be ssize_t, not int:
../drivers/usb/phy/phy-fsl-usb.c:1042:49: error: initialization of 'ssize_t
(*)(struct device *, struct device_attribute *, char *)' {aka 'long int
(*)(struct device *, struct device_attribute *, char *)'} from incompatible
pointer type 'int (*)(struct device *, struct device_attribute *, char *)'
[-Werror=incompatible-pointer-types]
static DEVICE_ATTR(fsl_usb2_otg_state, S_IRUGO, show_fsl_usb2_otg_state, NULL);
Signed-off-by: Randy Dunlap
Cc: Felipe Balbi
Cc: linux-...@vger.kernel.org
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Felipe Balbi
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
drivers/usb/phy/phy-fsl-usb.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/drivers/usb/phy/phy-fsl-usb.c
+++ b/drivers/usb/phy/phy-fsl-usb.c
@@ -879,6 +879,7 @@ int usb_otg_start(struct platform_device
if (pdata->init && pdata->init(pdev) != 0)
return -EINVAL;
+#ifdef CONFIG_PPC32
if (pdata->big_endian_mmio) {
_fsl_readl = _fsl_readl_be;
_fsl_writel = _fsl_writel_be;
@@ -886,6 +887,7 @@ int usb_otg_start(struct platform_device
_fsl_readl = _fsl_readl_le;
_fsl_writel = _fsl_writel_le;
}
+#endif
/* request irq */
p_otg->irq = platform_get_irq(pdev, 0);
@@ -976,7 +978,7 @@ int usb_otg_start(struct platform_device
/*
* state file in sysfs
*/
-static int show_fsl_usb2_otg_state(struct device *dev,
+static ssize_t show_fsl_usb2_otg_state(struct device *dev,
struct device_attribute *attr, char *buf)
{
struct otg_fsm *fsm = &fsl_otg_dev->fsm;
Patches currently in stable-queue which might be from rdun...@infradead.org are
queue-4.9/usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
queue-4.9/net-prevent-isa-drivers-from-building-on-ppc32.patch
queue-4.9/arc-fix-build-errors-in-arc-include-asm-delay.h.patch
queue-4.9/arc-fix-data-type-errors-in-platform-headers.patch
queue-4.9/media-staging-omap4iss-include-asm-cacheflush.h-after-generic-includes.patch
queue-4.9/arc-fix-type-warnings-in-arc-mm-cache.c.patch
Patch "usb/phy: fix PPC64 build errors in phy-fsl-usb.c" has been added to the 3.18-stable tree
This is a note to let you know that I've just added the patch titled
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
to the 3.18-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
and it can be found in the queue-3.18 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Tue Aug 28 16:08:28 CEST 2018
From: Randy Dunlap
Date: Sun, 15 Jul 2018 10:37:37 -0700
Subject: usb/phy: fix PPC64 build errors in phy-fsl-usb.c
From: Randy Dunlap
[ Upstream commit a39ba90a1cc7010edb0a7132e1b67f3d80b994e9 ]
Fix build errors when built for PPC64:
These variables are only used on PPC32 so they don't need to be
initialized for PPC64.
../drivers/usb/phy/phy-fsl-usb.c: In function 'usb_otg_start':
../drivers/usb/phy/phy-fsl-usb.c:865:3: error: '_fsl_readl' undeclared (first
use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:865:16: error: '_fsl_readl_be' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:866:3: error: '_fsl_writel' undeclared (first
use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:866:17: error: '_fsl_writel_be' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:868:16: error: '_fsl_readl_le' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_le;
../drivers/usb/phy/phy-fsl-usb.c:869:17: error: '_fsl_writel_le' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_le;
and the sysfs "show" function return type should be ssize_t, not int:
../drivers/usb/phy/phy-fsl-usb.c:1042:49: error: initialization of 'ssize_t
(*)(struct device *, struct device_attribute *, char *)' {aka 'long int
(*)(struct device *, struct device_attribute *, char *)'} from incompatible
pointer type 'int (*)(struct device *, struct device_attribute *, char *)'
[-Werror=incompatible-pointer-types]
static DEVICE_ATTR(fsl_usb2_otg_state, S_IRUGO, show_fsl_usb2_otg_state, NULL);
Signed-off-by: Randy Dunlap
Cc: Felipe Balbi
Cc: linux-...@vger.kernel.org
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Felipe Balbi
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
drivers/usb/phy/phy-fsl-usb.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/drivers/usb/phy/phy-fsl-usb.c
+++ b/drivers/usb/phy/phy-fsl-usb.c
@@ -913,6 +913,7 @@ int usb_otg_start(struct platform_device
if (pdata->init && pdata->init(pdev) != 0)
return -EINVAL;
+#ifdef CONFIG_PPC32
if (pdata->big_endian_mmio) {
_fsl_readl = _fsl_readl_be;
_fsl_writel = _fsl_writel_be;
@@ -920,6 +921,7 @@ int usb_otg_start(struct platform_device
_fsl_readl = _fsl_readl_le;
_fsl_writel = _fsl_writel_le;
}
+#endif
/* request irq */
p_otg->irq = platform_get_irq(pdev, 0);
@@ -1010,7 +1012,7 @@ int usb_otg_start(struct platform_device
/*
* state file in sysfs
*/
-static int show_fsl_usb2_otg_state(struct device *dev,
+static ssize_t show_fsl_usb2_otg_state(struct device *dev,
struct device_attribute *attr, char *buf)
{
struct otg_fsm *fsm = &fsl_otg_dev->fsm;
Patches currently in stable-queue which might be from rdun...@infradead.org are
queue-3.18/usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
queue-3.18/arc-fix-build-errors-in-arc-include-asm-delay.h.patch
queue-3.18/media-staging-omap4iss-include-asm-cacheflush.h-after-generic-includes.patch
queue-3.18/arc-fix-type-warnings-in-arc-mm-cache.c.patch
Patch "usb/phy: fix PPC64 build errors in phy-fsl-usb.c" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Tue Aug 28 16:10:37 CEST 2018
From: Randy Dunlap
Date: Sun, 15 Jul 2018 10:37:37 -0700
Subject: usb/phy: fix PPC64 build errors in phy-fsl-usb.c
From: Randy Dunlap
[ Upstream commit a39ba90a1cc7010edb0a7132e1b67f3d80b994e9 ]
Fix build errors when built for PPC64:
These variables are only used on PPC32 so they don't need to be
initialized for PPC64.
../drivers/usb/phy/phy-fsl-usb.c: In function 'usb_otg_start':
../drivers/usb/phy/phy-fsl-usb.c:865:3: error: '_fsl_readl' undeclared (first
use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:865:16: error: '_fsl_readl_be' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_be;
../drivers/usb/phy/phy-fsl-usb.c:866:3: error: '_fsl_writel' undeclared (first
use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:866:17: error: '_fsl_writel_be' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_be;
../drivers/usb/phy/phy-fsl-usb.c:868:16: error: '_fsl_readl_le' undeclared
(first use in this function); did you mean 'fsl_readl'?
_fsl_readl = _fsl_readl_le;
../drivers/usb/phy/phy-fsl-usb.c:869:17: error: '_fsl_writel_le' undeclared
(first use in this function); did you mean 'fsl_writel'?
_fsl_writel = _fsl_writel_le;
and the sysfs "show" function return type should be ssize_t, not int:
../drivers/usb/phy/phy-fsl-usb.c:1042:49: error: initialization of 'ssize_t
(*)(struct device *, struct device_attribute *, char *)' {aka 'long int
(*)(struct device *, struct device_attribute *, char *)'} from incompatible
pointer type 'int (*)(struct device *, struct device_attribute *, char *)'
[-Werror=incompatible-pointer-types]
static DEVICE_ATTR(fsl_usb2_otg_state, S_IRUGO, show_fsl_usb2_otg_state, NULL);
Signed-off-by: Randy Dunlap
Cc: Felipe Balbi
Cc: linux-...@vger.kernel.org
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Felipe Balbi
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
drivers/usb/phy/phy-fsl-usb.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/drivers/usb/phy/phy-fsl-usb.c
+++ b/drivers/usb/phy/phy-fsl-usb.c
@@ -879,6 +879,7 @@ int usb_otg_start(struct platform_device
if (pdata->init && pdata->init(pdev) != 0)
return -EINVAL;
+#ifdef CONFIG_PPC32
if (pdata->big_endian_mmio) {
_fsl_readl = _fsl_readl_be;
_fsl_writel = _fsl_writel_be;
@@ -886,6 +887,7 @@ int usb_otg_start(struct platform_device
_fsl_readl = _fsl_readl_le;
_fsl_writel = _fsl_writel_le;
}
+#endif
/* request irq */
p_otg->irq = platform_get_irq(pdev, 0);
@@ -976,7 +978,7 @@ int usb_otg_start(struct platform_device
/*
* state file in sysfs
*/
-static int show_fsl_usb2_otg_state(struct device *dev,
+static ssize_t show_fsl_usb2_otg_state(struct device *dev,
struct device_attribute *attr, char *buf)
{
struct otg_fsm *fsm = &fsl_otg_dev->fsm;
Patches currently in stable-queue which might be from rdun...@infradead.org are
queue-4.4/usb-phy-fix-ppc64-build-errors-in-phy-fsl-usb.c.patch
queue-4.4/net-prevent-isa-drivers-from-building-on-ppc32.patch
queue-4.4/arc-fix-build-errors-in-arc-include-asm-delay.h.patch
queue-4.4/media-staging-omap4iss-include-asm-cacheflush.h-after-generic-includes.patch
queue-4.4/arc-fix-type-warnings-in-arc-mm-cache.c.patch
Patch "powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-platforms-85xx-fix-t1042rdb_diu.c-build-errors-warning.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Tue Sep 11 12:07:47 CEST 2018
From: Randy Dunlap
Date: Sun, 15 Jul 2018 10:34:46 -0700
Subject: powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning
From: Randy Dunlap
[ Upstream commit f5daf77a55ef0e695cc90c440ed6503073ac5e07 ]
Fix build errors and warnings in t1042rdb_diu.c by adding header files
and MODULE_LICENSE().
../arch/powerpc/platforms/85xx/t1042rdb_diu.c:152:1: warning: data definition
has no type or storage class
early_initcall(t1042rdb_diu_init);
../arch/powerpc/platforms/85xx/t1042rdb_diu.c:152:1: error: type defaults to
'int' in declaration of 'early_initcall' [-Werror=implicit-int]
../arch/powerpc/platforms/85xx/t1042rdb_diu.c:152:1: warning: parameter names
(without types) in function declaration
and
WARNING: modpost: missing MODULE_LICENSE() in
arch/powerpc/platforms/85xx/t1042rdb_diu.o
Signed-off-by: Randy Dunlap
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: Michael Ellerman
Cc: Scott Wood
Cc: Kumar Gala
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Michael Ellerman
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/85xx/t1042rdb_diu.c |4
1 file changed, 4 insertions(+)
--- a/arch/powerpc/platforms/85xx/t1042rdb_diu.c
+++ b/arch/powerpc/platforms/85xx/t1042rdb_diu.c
@@ -9,8 +9,10 @@
* option) any later version.
*/
+#include
#include
#include
+#include
#include
#include
@@ -150,3 +152,5 @@ static int __init t1042rdb_diu_init(void
}
early_initcall(t1042rdb_diu_init);
+
+MODULE_LICENSE("GPL");
Patches currently in stable-queue which might be from rdun...@infradead.org are
queue-4.14/scripts-modpost-check-memory-allocation-results.patch
queue-4.14/platform-x86-intel_punit_ipc-fix-build-errors.patch
queue-4.14/powerpc-platforms-85xx-fix-t1042rdb_diu.c-build-errors-warning.patch
Patch "powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning" has been added to the 4.18-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning
to the 4.18-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-platforms-85xx-fix-t1042rdb_diu.c-build-errors-warning.patch
and it can be found in the queue-4.18 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Tue Sep 11 12:05:55 CEST 2018
From: Randy Dunlap
Date: Sun, 15 Jul 2018 10:34:46 -0700
Subject: powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning
From: Randy Dunlap
[ Upstream commit f5daf77a55ef0e695cc90c440ed6503073ac5e07 ]
Fix build errors and warnings in t1042rdb_diu.c by adding header files
and MODULE_LICENSE().
../arch/powerpc/platforms/85xx/t1042rdb_diu.c:152:1: warning: data definition
has no type or storage class
early_initcall(t1042rdb_diu_init);
../arch/powerpc/platforms/85xx/t1042rdb_diu.c:152:1: error: type defaults to
'int' in declaration of 'early_initcall' [-Werror=implicit-int]
../arch/powerpc/platforms/85xx/t1042rdb_diu.c:152:1: warning: parameter names
(without types) in function declaration
and
WARNING: modpost: missing MODULE_LICENSE() in
arch/powerpc/platforms/85xx/t1042rdb_diu.o
Signed-off-by: Randy Dunlap
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: Michael Ellerman
Cc: Scott Wood
Cc: Kumar Gala
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Michael Ellerman
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/85xx/t1042rdb_diu.c |4
1 file changed, 4 insertions(+)
--- a/arch/powerpc/platforms/85xx/t1042rdb_diu.c
+++ b/arch/powerpc/platforms/85xx/t1042rdb_diu.c
@@ -9,8 +9,10 @@
* option) any later version.
*/
+#include
#include
#include
+#include
#include
#include
@@ -150,3 +152,5 @@ static int __init t1042rdb_diu_init(void
}
early_initcall(t1042rdb_diu_init);
+
+MODULE_LICENSE("GPL");
Patches currently in stable-queue which might be from rdun...@infradead.org are
queue-4.18/scripts-modpost-check-memory-allocation-results.patch
queue-4.18/um-fix-parallel-building-with-o-option.patch
queue-4.18/mm-make-deferred_struct_page_init-explicitly-depend-on-sparsemem.patch
queue-4.18/platform-x86-intel_punit_ipc-fix-build-errors.patch
queue-4.18/powerpc-platforms-85xx-fix-t1042rdb_diu.c-build-errors-warning.patch
Patch "sched/topology: Set correct NUMA topology type" has been added to the 4.18-stable tree
This is a note to let you know that I've just added the patch titled
sched/topology: Set correct NUMA topology type
to the 4.18-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
sched-topology-set-correct-numa-topology-type.patch
and it can be found in the queue-4.18 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Mon Oct 8 17:39:53 CEST 2018
From: Srikar Dronamraju
Date: Fri, 10 Aug 2018 22:30:18 +0530
Subject: sched/topology: Set correct NUMA topology type
From: Srikar Dronamraju
[ Upstream commit e5e96fafd9028b1478b165db78c52d981c14f471 ]
With the following commit:
051f3ca02e46 ("sched/topology: Introduce NUMA identity node sched domain")
the scheduler introduced a new NUMA level. However this leads to the NUMA
topology
on 2 node systems to not be marked as NUMA_DIRECT anymore.
After this commit, it gets reported as NUMA_BACKPLANE, because
sched_domains_numa_level is now 2 on 2 node systems.
Fix this by allowing setting systems that have up to 2 NUMA levels as
NUMA_DIRECT.
While here remove code that assumes that level can be 0.
Signed-off-by: Srikar Dronamraju
Signed-off-by: Peter Zijlstra (Intel)
Cc: Andre Wild
Cc: Heiko Carstens
Cc: Linus Torvalds
Cc: Mel Gorman
Cc: Michael Ellerman
Cc: Peter Zijlstra
Cc: Rik van Riel
Cc: Suravee Suthikulpanit
Cc: Thomas Gleixner
Cc: linuxppc-dev
Fixes: 051f3ca02e46 "Introduce NUMA identity node sched domain"
Link:
http://lkml.kernel.org/r/1533920419-17410-1-git-send-email-sri...@linux.vnet.ibm.com
Signed-off-by: Ingo Molnar
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
kernel/sched/topology.c |5 +
1 file changed, 1 insertion(+), 4 deletions(-)
--- a/kernel/sched/topology.c
+++ b/kernel/sched/topology.c
@@ -1295,7 +1295,7 @@ static void init_numa_topology_type(void
n = sched_max_numa_distance;
- if (sched_domains_numa_levels <= 1) {
+ if (sched_domains_numa_levels <= 2) {
sched_numa_topology_type = NUMA_DIRECT;
return;
}
@@ -1380,9 +1380,6 @@ void sched_init_numa(void)
break;
}
- if (!level)
- return;
-
/*
* 'level' contains the number of unique distances
*
Patches currently in stable-queue which might be from sri...@linux.vnet.ibm.com
are
queue-4.18/sched-topology-set-correct-numa-topology-type.patch
Patch "KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size" has been added to the 4.18-stable tree
This is a note to let you know that I've just added the patch titled
KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size
to the 4.18-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
kvm-ppc-book3s-hv-don-t-use-compound_order-to-determine-host-mapping-size.patch
and it can be found in the queue-4.18 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Tue Oct 16 11:10:21 CEST 2018
From: Nicholas Piggin
Date: Tue, 11 Sep 2018 20:48:34 +1000
Subject: KVM: PPC: Book3S HV: Don't use compound_order to determine host
mapping size
From: Nicholas Piggin
[ Upstream commit 71d29f43b6332badc5598c656616a62575e83342 ]
THP paths can defer splitting compound pages until after the actual
remap and TLB flushes to split a huge PMD/PUD. This causes radix
partition scope page table mappings to get out of synch with the host
qemu page table mappings.
This results in random memory corruption in the guest when running
with THP. The easiest way to reproduce is use KVM balloon to free up
a lot of memory in the guest and then shrink the balloon to give the
memory back, while some work is being done in the guest.
Cc: David Gibson
Cc: "Aneesh Kumar K.V"
Cc: kvm-...@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Nicholas Piggin
Signed-off-by: Paul Mackerras
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kvm/book3s_64_mmu_radix.c | 91 +
1 file changed, 37 insertions(+), 54 deletions(-)
--- a/arch/powerpc/kvm/book3s_64_mmu_radix.c
+++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c
@@ -538,8 +538,8 @@ int kvmppc_book3s_radix_page_fault(struc
unsigned long ea, unsigned long dsisr)
{
struct kvm *kvm = vcpu->kvm;
- unsigned long mmu_seq, pte_size;
- unsigned long gpa, gfn, hva, pfn;
+ unsigned long mmu_seq;
+ unsigned long gpa, gfn, hva;
struct kvm_memory_slot *memslot;
struct page *page = NULL;
long ret;
@@ -636,9 +636,10 @@ int kvmppc_book3s_radix_page_fault(struc
*/
hva = gfn_to_hva_memslot(memslot, gfn);
if (upgrade_p && __get_user_pages_fast(hva, 1, 1, &page) == 1) {
- pfn = page_to_pfn(page);
upgrade_write = true;
} else {
+ unsigned long pfn;
+
/* Call KVM generic code to do the slow-path check */
pfn = __gfn_to_pfn_memslot(memslot, gfn, false, NULL,
writing, upgrade_p);
@@ -652,63 +653,45 @@ int kvmppc_book3s_radix_page_fault(struc
}
}
- /* See if we can insert a 1GB or 2MB large PTE here */
- level = 0;
- if (page && PageCompound(page)) {
- pte_size = PAGE_SIZE << compound_order(compound_head(page));
- if (pte_size >= PUD_SIZE &&
- (gpa & (PUD_SIZE - PAGE_SIZE)) ==
- (hva & (PUD_SIZE - PAGE_SIZE))) {
- level = 2;
- pfn &= ~((PUD_SIZE >> PAGE_SHIFT) - 1);
- } else if (pte_size >= PMD_SIZE &&
- (gpa & (PMD_SIZE - PAGE_SIZE)) ==
- (hva & (PMD_SIZE - PAGE_SIZE))) {
- level = 1;
- pfn &= ~((PMD_SIZE >> PAGE_SHIFT) - 1);
- }
- }
-
/*
-* Compute the PTE value that we need to insert.
+* Read the PTE from the process' radix tree and use that
+* so we get the shift and attribute bits.
*/
- if (page) {
- pgflags = _PAGE_READ | _PAGE_EXEC | _PAGE_PRESENT | _PAGE_PTE |
- _PAGE_ACCESSED;
- if (writing || upgrade_write)
- pgflags |= _PAGE_WRITE | _PAGE_DIRTY;
- pte = pfn_pte(pfn, __pgprot(pgflags));
+ local_irq_disable();
+ ptep = __find_linux_pte(vcpu->arch.pgdir, hva, NULL, &shift);
+ pte = *ptep;
+ local_irq_enable();
+
+ /* Get pte level from shift/size */
+ if (shift == PUD_SHIFT &&
+ (gpa & (PUD_SIZE - PAGE_SIZE)) ==
+ (hva & (PUD_SIZE - PAGE_SIZE))) {
+ level = 2;
+ } else if (shift == PMD_SHIFT &&
+ (gpa & (PMD_SIZE - PAGE_SIZE)) ==
+ (hva & (PMD_SIZE - PAGE_SIZE))) {
+ level = 1;
} else {
- /*
-* Read the PTE from the process' radix tree and use that
-* so we get the attribute bits.
-*/
- local_irq_disable();
- ptep = __find_linux_pte(vcpu->arch.pgdir, hva, NULL, &shift);
- pte = *ptep;
- local_irq_enable();
- if (shift == PUD_S
Patch "powerpc/function_graph: Simplify with function_graph_enter()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/function_graph: Simplify with function_graph_enter()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-function_graph-simplify-with-function_graph_enter.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From fe60522ec60082a1dd735691b82c64f65d4ad15e Mon Sep 17 00:00:00 2001
From: "Steven Rostedt (VMware)"
Date: Sun, 18 Nov 2018 17:28:53 -0500
Subject: powerpc/function_graph: Simplify with function_graph_enter()
From: Steven Rostedt (VMware)
commit fe60522ec60082a1dd735691b82c64f65d4ad15e upstream.
The function_graph_enter() function does the work of calling the function
graph hook function and the management of the shadow stack, simplifying the
work done in the architecture dependent prepare_ftrace_return().
Have powerpc use the new code, and remove the shadow stack management as well as
having to set up the trace structure.
This is needed to prepare for a fix of a design bug on how the curr_ret_stack
is used.
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Cc: sta...@kernel.org
Fixes: 03274a3ffb449 ("tracing/fgraph: Adjust fgraph depth before calling trace
return callback")
Reviewed-by: Masami Hiramatsu
Signed-off-by: Steven Rostedt (VMware)
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/trace/ftrace.c | 15 ++-
1 file changed, 2 insertions(+), 13 deletions(-)
--- a/arch/powerpc/kernel/trace/ftrace.c
+++ b/arch/powerpc/kernel/trace/ftrace.c
@@ -575,7 +575,6 @@ int ftrace_disable_ftrace_graph_caller(v
*/
unsigned long prepare_ftrace_return(unsigned long parent, unsigned long ip)
{
- struct ftrace_graph_ent trace;
unsigned long return_hooker;
if (unlikely(ftrace_graph_is_dead()))
@@ -586,18 +585,8 @@ unsigned long prepare_ftrace_return(unsi
return_hooker = ppc_function_entry(return_to_handler);
- trace.func = ip;
- trace.depth = current->curr_ret_stack + 1;
-
- /* Only trace if the calling function expects to */
- if (!ftrace_graph_entry(&trace))
- goto out;
-
- if (ftrace_push_return_trace(parent, ip, &trace.depth, 0,
-NULL) == -EBUSY)
- goto out;
-
- parent = return_hooker;
+ if (!function_graph_enter(parent, ip, 0, NULL))
+ parent = return_hooker;
out:
return parent;
}
Patches currently in stable-queue which might be from rost...@goodmis.org are
queue-4.14/function_graph-create-function_graph_enter-to-consolidate-architecture-code.patch
queue-4.14/sh-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/function_graph-move-return-callback-before-update-of-curr_ret_stack.patch
queue-4.14/function_graph-use-new-curr_ret_depth-to-manage-depth-instead-of-curr_ret_stack.patch
queue-4.14/sparc-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/parisc-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/x86-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/powerpc-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/function_graph-reverse-the-order-of-pushing-the-ret_stack-and-the-callback.patch
queue-4.14/arm-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/mips-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/function_graph-make-ftrace_push_return_trace-static.patch
queue-4.14/arm64-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/s390-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/microblaze-function_graph-simplify-with-function_graph_enter.patch
queue-4.14/function_graph-have-profiler-use-curr_ret_stack-and-not-depth.patch
Patch "powerpc/function_graph: Simplify with function_graph_enter()" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/function_graph: Simplify with function_graph_enter()
to the 4.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-function_graph-simplify-with-function_graph_enter.patch
and it can be found in the queue-4.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From fe60522ec60082a1dd735691b82c64f65d4ad15e Mon Sep 17 00:00:00 2001
From: "Steven Rostedt (VMware)"
Date: Sun, 18 Nov 2018 17:28:53 -0500
Subject: powerpc/function_graph: Simplify with function_graph_enter()
From: Steven Rostedt (VMware)
commit fe60522ec60082a1dd735691b82c64f65d4ad15e upstream.
The function_graph_enter() function does the work of calling the function
graph hook function and the management of the shadow stack, simplifying the
work done in the architecture dependent prepare_ftrace_return().
Have powerpc use the new code, and remove the shadow stack management as well as
having to set up the trace structure.
This is needed to prepare for a fix of a design bug on how the curr_ret_stack
is used.
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: Michael Ellerman
Cc: linuxppc-dev@lists.ozlabs.org
Cc: sta...@kernel.org
Fixes: 03274a3ffb449 ("tracing/fgraph: Adjust fgraph depth before calling trace
return callback")
Reviewed-by: Masami Hiramatsu
Signed-off-by: Steven Rostedt (VMware)
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/trace/ftrace.c | 15 ++-
1 file changed, 2 insertions(+), 13 deletions(-)
--- a/arch/powerpc/kernel/trace/ftrace.c
+++ b/arch/powerpc/kernel/trace/ftrace.c
@@ -697,7 +697,6 @@ int ftrace_disable_ftrace_graph_caller(v
*/
unsigned long prepare_ftrace_return(unsigned long parent, unsigned long ip)
{
- struct ftrace_graph_ent trace;
unsigned long return_hooker;
if (unlikely(ftrace_graph_is_dead()))
@@ -708,18 +707,8 @@ unsigned long prepare_ftrace_return(unsi
return_hooker = ppc_function_entry(return_to_handler);
- trace.func = ip;
- trace.depth = current->curr_ret_stack + 1;
-
- /* Only trace if the calling function expects to */
- if (!ftrace_graph_entry(&trace))
- goto out;
-
- if (ftrace_push_return_trace(parent, ip, &trace.depth, 0,
-NULL) == -EBUSY)
- goto out;
-
- parent = return_hooker;
+ if (!function_graph_enter(parent, ip, 0, NULL))
+ parent = return_hooker;
out:
return parent;
}
Patches currently in stable-queue which might be from rost...@goodmis.org are
queue-4.19/function_graph-create-function_graph_enter-to-consolidate-architecture-code.patch
queue-4.19/sh-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/function_graph-move-return-callback-before-update-of-curr_ret_stack.patch
queue-4.19/nds32-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/function_graph-use-new-curr_ret_depth-to-manage-depth-instead-of-curr_ret_stack.patch
queue-4.19/sparc-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/parisc-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/x86-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/powerpc-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/function_graph-reverse-the-order-of-pushing-the-ret_stack-and-the-callback.patch
queue-4.19/arm-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/mips-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/function_graph-make-ftrace_push_return_trace-static.patch
queue-4.19/arm64-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/riscv-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/s390-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/microblaze-function_graph-simplify-with-function_graph_enter.patch
queue-4.19/function_graph-have-profiler-use-curr_ret_stack-and-not-depth.patch
Patch "powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Sun May 27 15:47:18 CEST 2018 From: Michael Ellerman Date: Sat, 26 May 2018 14:27:49 +1000 Subject: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit To: g...@kroah.com Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org Message-ID: <20180526042749.5324-24-...@ellerman.id.au> From: Nicholas Piggin commit a048a07d7f4535baa4cbad6bc024f175317ab938 upstream. On some CPUs we can prevent a vulnerability related to store-to-load forwarding by preventing store forwarding between privilege domains, by inserting a barrier in kernel entry and exit paths. This is known to be the case on at least Power7, Power8 and Power9 powerpc CPUs. Barriers must be inserted generally before the first load after moving to a higher privilege, and after the last store before moving to a lower privilege, HV and PR privilege transitions must be protected. Barriers are added as patch sections, with all kernel/hypervisor entry points patched, and the exit points to lower privilge levels patched similarly to the RFI flush patching. Firmware advertisement is not implemented yet, so CPU flush types are hard coded. Thanks to Michal Suchánek for bug fixes and review. Signed-off-by: Nicholas Piggin Signed-off-by: Mauricio Faria de Oliveira Signed-off-by: Michael Neuling Signed-off-by: Michal Suchánek Signed-off-by: Michael Ellerman Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/exception-64s.h | 29 + arch/powerpc/include/asm/feature-fixups.h| 19 +++ arch/powerpc/include/asm/security_features.h | 11 + arch/powerpc/kernel/exceptions-64s.S | 19 +++ arch/powerpc/kernel/security.c | 149 +++ arch/powerpc/kernel/vmlinux.lds.S| 14 ++ arch/powerpc/lib/feature-fixups.c| 115 arch/powerpc/platforms/powernv/setup.c |1 arch/powerpc/platforms/pseries/setup.c |1 9 files changed, 356 insertions(+), 2 deletions(-) --- a/arch/powerpc/include/asm/exception-64s.h +++ b/arch/powerpc/include/asm/exception-64s.h @@ -69,6 +69,27 @@ */ #define EX_R3 EX_DAR +#define STF_ENTRY_BARRIER_SLOT \ + STF_ENTRY_BARRIER_FIXUP_SECTION;\ + nop;\ + nop;\ + nop + +#define STF_EXIT_BARRIER_SLOT \ + STF_EXIT_BARRIER_FIXUP_SECTION; \ + nop;\ + nop;\ + nop;\ + nop;\ + nop;\ + nop + +/* + * r10 must be free to use, r13 must be paca + */ +#define INTERRUPT_TO_KERNEL\ + STF_ENTRY_BARRIER_SLOT + /* * Macros for annotating the expected destination of (h)rfid * @@ -85,16 +106,19 @@ rfid #define RFI_TO_USER\ + STF_EXIT_BARRIER_SLOT; \ RFI_FLUSH_SLOT; \ rfid; \ b rfi_flush_fallback #define RFI_TO_USER_OR_KERNEL \ + STF_EXIT_BARRIER_SLOT; \ RFI_FLUSH_SLOT; \ rfid; \ b rfi_flush_fallback #define RFI_TO_GUEST \ + STF_EXIT_BARRIER_SLOT; \ RFI_FLUSH_SLOT; \ rfid; \ b rfi_flush_fallback @@ -103,21 +127,25 @@ hrfid #define HRFI_TO_USER \ +
Patch "powerpc/64s: Enhance the information in cpu_show_meltdown()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Enhance the information in cpu_show_meltdown()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:40 +1000
Subject: powerpc/64s: Enhance the information in cpu_show_meltdown()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-15-...@ellerman.id.au>
From: Michael Ellerman
commit ff348355e9c72493947be337bb4fae4fc1a41eba upstream.
Now that we have the security feature flags we can make the
information displayed in the "meltdown" file more informative.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/security_features.h |1
arch/powerpc/kernel/security.c | 30 +--
2 files changed, 29 insertions(+), 2 deletions(-)
--- a/arch/powerpc/include/asm/security_features.h
+++ b/arch/powerpc/include/asm/security_features.h
@@ -10,6 +10,7 @@
extern unsigned long powerpc_security_features;
+extern bool rfi_flush;
static inline void security_ftr_set(unsigned long feature)
{
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -6,6 +6,7 @@
#include
#include
+#include
#include
@@ -19,8 +20,33 @@ unsigned long powerpc_security_features
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
- if (rfi_flush)
- return sprintf(buf, "Mitigation: RFI Flush\n");
+ bool thread_priv;
+
+ thread_priv = security_ftr_enabled(SEC_FTR_L1D_THREAD_PRIV);
+
+ if (rfi_flush || thread_priv) {
+ struct seq_buf s;
+ seq_buf_init(&s, buf, PAGE_SIZE - 1);
+
+ seq_buf_printf(&s, "Mitigation: ");
+
+ if (rfi_flush)
+ seq_buf_printf(&s, "RFI Flush");
+
+ if (rfi_flush && thread_priv)
+ seq_buf_printf(&s, ", ");
+
+ if (thread_priv)
+ seq_buf_printf(&s, "L1D private per thread");
+
+ seq_buf_printf(&s, "\n");
+
+ return s.len;
+ }
+
+ if (!security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV) &&
+ !security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR))
+ return sprintf(buf, "Not affected\n");
return sprintf(buf, "Vulnerable\n");
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:48 +1000
Subject: powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-23-...@ellerman.id.au>
From: Michael Ellerman
commit 501a78cbc17c329fabf8e9750a1e9ab810c88a0e upstream.
The recent LPM changes to setup_rfi_flush() are causing some section
mismatch warnings because we removed the __init annotation on
setup_rfi_flush():
The function setup_rfi_flush() references
the function __init ppc64_bolted_size().
the function __init memblock_alloc_base().
The references are actually in init_fallback_flush(), but that is
inlined into setup_rfi_flush().
These references are safe because:
- only pseries calls setup_rfi_flush() at runtime
- pseries always passes L1D_FLUSH_FALLBACK at boot
- so the fallback flush area will always be allocated
- so the check in init_fallback_flush() will always return early:
/* Only allocate the fallback flush area once (at boot time). */
if (l1d_flush_fallback_area)
return;
- and therefore we won't actually call the freed init routines.
We should rework the code to make it safer by default rather than
relying on the above, but for now as a quick-fix just add a __ref
annotation to squash the warning.
Fixes: abf110f3e1ce ("powerpc/rfi-flush: Make it possible to call
setup_rfi_flush() again")
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/setup_64.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -831,7 +831,7 @@ void rfi_flush_enable(bool enable)
rfi_flush = enable;
}
-static void init_fallback_flush(void)
+static void __ref init_fallback_flush(void)
{
u64 l1d_size, limit;
int cpu;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Improve RFI L1-D cache flush fallback" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Improve RFI L1-D cache flush fallback
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:27 +1000
Subject: powerpc/64s: Improve RFI L1-D cache flush fallback
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-2-...@ellerman.id.au>
From: Nicholas Piggin
commit bdcb1aefc5b3f7d0f1dc8b02673602bca2ff7a4b upstream.
The fallback RFI flush is used when firmware does not provide a way
to flush the cache. It's a "displacement flush" that evicts useful
data by displacing it with an uninteresting buffer.
The flush has to take care to work with implementation specific cache
replacment policies, so the recipe has been in flux. The initial
slow but conservative approach is to touch all lines of a congruence
class, with dependencies between each load. It has since been
determined that a linear pattern of loads without dependencies is
sufficient, and is significantly faster.
Measuring the speed of a null syscall with RFI fallback flush enabled
gives the relative improvement:
P8 - 1.83x
P9 - 1.75x
The flush also becomes simpler and more adaptable to different cache
geometries.
Signed-off-by: Nicholas Piggin
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/paca.h |3 -
arch/powerpc/kernel/asm-offsets.c|3 -
arch/powerpc/kernel/exceptions-64s.S | 76 ---
arch/powerpc/kernel/setup_64.c | 13 -
arch/powerpc/xmon/xmon.c |2
5 files changed, 41 insertions(+), 56 deletions(-)
--- a/arch/powerpc/include/asm/paca.h
+++ b/arch/powerpc/include/asm/paca.h
@@ -238,8 +238,7 @@ struct paca_struct {
*/
u64 exrfi[EX_SIZE] __aligned(0x80);
void *rfi_flush_fallback_area;
- u64 l1d_flush_congruence;
- u64 l1d_flush_sets;
+ u64 l1d_flush_size;
#endif
};
--- a/arch/powerpc/kernel/asm-offsets.c
+++ b/arch/powerpc/kernel/asm-offsets.c
@@ -239,8 +239,7 @@ int main(void)
OFFSET(PACA_IN_NMI, paca_struct, in_nmi);
OFFSET(PACA_RFI_FLUSH_FALLBACK_AREA, paca_struct,
rfi_flush_fallback_area);
OFFSET(PACA_EXRFI, paca_struct, exrfi);
- OFFSET(PACA_L1D_FLUSH_CONGRUENCE, paca_struct, l1d_flush_congruence);
- OFFSET(PACA_L1D_FLUSH_SETS, paca_struct, l1d_flush_sets);
+ OFFSET(PACA_L1D_FLUSH_SIZE, paca_struct, l1d_flush_size);
#endif
OFFSET(PACAHWCPUID, paca_struct, hw_cpu_id);
--- a/arch/powerpc/kernel/exceptions-64s.S
+++ b/arch/powerpc/kernel/exceptions-64s.S
@@ -1440,39 +1440,37 @@ TRAMP_REAL_BEGIN(rfi_flush_fallback)
std r9,PACA_EXRFI+EX_R9(r13)
std r10,PACA_EXRFI+EX_R10(r13)
std r11,PACA_EXRFI+EX_R11(r13)
- std r12,PACA_EXRFI+EX_R12(r13)
- std r8,PACA_EXRFI+EX_R13(r13)
mfctr r9
ld r10,PACA_RFI_FLUSH_FALLBACK_AREA(r13)
- ld r11,PACA_L1D_FLUSH_SETS(r13)
- ld r12,PACA_L1D_FLUSH_CONGRUENCE(r13)
- /*
-* The load adresses are at staggered offsets within cachelines,
-* which suits some pipelines better (on others it should not
-* hurt).
-*/
- addir12,r12,8
+ ld r11,PACA_L1D_FLUSH_SIZE(r13)
+ srdir11,r11,(7 + 3) /* 128 byte lines, unrolled 8x */
mtctr r11
DCBT_STOP_ALL_STREAM_IDS(r11) /* Stop prefetch streams */
/* order ld/st prior to dcbt stop all streams with flushing */
sync
-1: li r8,0
- .rept 8 /* 8-way set associative */
- ldx r11,r10,r8
- add r8,r8,r12
- xor r11,r11,r11 // Ensure r11 is 0 even if fallback area is not
- add r8,r8,r11 // Add 0, this creates a dependency on the ldx
- .endr
- addir10,r10,128 /* 128 byte cache line */
+
+ /*
+* The load adresses are at staggered offsets within cachelines,
+* which suits some pipelines better (on others it should not
+* hurt).
+*/
+1:
+ ld r11,(0x80 + 8)*0(r10)
+ ld r11,(0x80 + 8)*1(r10)
+ ld r11,(0x80 + 8)*2(r10)
+ ld r11,(0x80 + 8)*3(r10)
+ ld r11,(0x80 + 8)*4(r10)
+ ld r11,(0x80 + 8)*5(r10)
+ ld r11,(0x80 + 8)*6(r10)
+ ld r11,(0x80 + 8)*7(r10)
+ addir10,r10,0x80*8
bdnz1b
mtctr r9
ld r9,PACA_EXRFI+EX_R9(r13)
ld r10,PACA_EXRFI+EX_R10
Patch "powerpc/64s: Move cpu_show_meltdown()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Move cpu_show_meltdown()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-move-cpu_show_meltdown.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:39 +1000
Subject: powerpc/64s: Move cpu_show_meltdown()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-14-...@ellerman.id.au>
From: Michael Ellerman
commit 8ad33041563a10b34988800c682ada14b2612533 upstream.
This landed in setup_64.c for no good reason other than we had nowhere
else to put it. Now that we have a security-related file, that is a
better place for it so move it.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 11 +++
arch/powerpc/kernel/setup_64.c |8
2 files changed, 11 insertions(+), 8 deletions(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -5,6 +5,8 @@
// Copyright 2018, Michael Ellerman, IBM Corporation.
#include
+#include
+
#include
@@ -13,3 +15,12 @@ unsigned long powerpc_security_features
SEC_FTR_L1D_FLUSH_PR | \
SEC_FTR_BNDS_CHK_SPEC_BAR | \
SEC_FTR_FAVOUR_SECURITY;
+
+
+ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
+{
+ if (rfi_flush)
+ return sprintf(buf, "Mitigation: RFI Flush\n");
+
+ return sprintf(buf, "Vulnerable\n");
+}
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -910,12 +910,4 @@ static __init int rfi_flush_debugfs_init
}
device_initcall(rfi_flush_debugfs_init);
#endif
-
-ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
-{
- if (rfi_flush)
- return sprintf(buf, "Mitigation: RFI Flush\n");
-
- return sprintf(buf, "Vulnerable\n");
-}
#endif /* CONFIG_PPC_BOOK3S_64 */
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Wire up cpu_show_spectre_v2()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Wire up cpu_show_spectre_v2()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-wire-up-cpu_show_spectre_v2.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:44 +1000
Subject: powerpc/64s: Wire up cpu_show_spectre_v2()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-19-...@ellerman.id.au>
From: Michael Ellerman
commit d6fbe1c55c55c6937cbea3531af7da84ab7473c3 upstream.
Add a definition for cpu_show_spectre_v2() to override the generic
version. This has several permuations, though in practice some may not
occur we cater for any combination.
The most verbose is:
Mitigation: Indirect branch serialisation (kernel only), Indirect
branch cache disabled, ori31 speculation barrier enabled
We don't treat the ori31 speculation barrier as a mitigation on its
own, because it has to be *used* by code in order to be a mitigation
and we don't know if userspace is doing that. So if that's all we see
we say:
Vulnerable, ori31 speculation barrier enabled
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 33 +
1 file changed, 33 insertions(+)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -58,3 +58,36 @@ ssize_t cpu_show_spectre_v1(struct devic
return sprintf(buf, "Vulnerable\n");
}
+
+ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
char *buf)
+{
+ bool bcs, ccd, ori;
+ struct seq_buf s;
+
+ seq_buf_init(&s, buf, PAGE_SIZE - 1);
+
+ bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED);
+ ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED);
+ ori = security_ftr_enabled(SEC_FTR_SPEC_BAR_ORI31);
+
+ if (bcs || ccd) {
+ seq_buf_printf(&s, "Mitigation: ");
+
+ if (bcs)
+ seq_buf_printf(&s, "Indirect branch serialisation
(kernel only)");
+
+ if (bcs && ccd)
+ seq_buf_printf(&s, ", ");
+
+ if (ccd)
+ seq_buf_printf(&s, "Indirect branch cache disabled");
+ } else
+ seq_buf_printf(&s, "Vulnerable");
+
+ if (ori)
+ seq_buf_printf(&s, ", ori31 speculation barrier enabled");
+
+ seq_buf_printf(&s, "\n");
+
+ return s.len;
+}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc: Add security feature flags for Spectre/Meltdown" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc: Add security feature flags for Spectre/Meltdown
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-add-security-feature-flags-for-spectre-meltdown.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:36 +1000
Subject: powerpc: Add security feature flags for Spectre/Meltdown
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-11-...@ellerman.id.au>
From: Michael Ellerman
commit 9a868f634349e62922c226834aa23e3d1329ae7f upstream.
This commit adds security feature flags to reflect the settings we
receive from firmware regarding Spectre/Meltdown mitigations.
The feature names reflect the names we are given by firmware on bare
metal machines. See the hostboot source for details.
Arguably these could be firmware features, but that then requires them
to be read early in boot so they're available prior to asm feature
patching, but we don't actually want to use them for patching. We may
also want to dynamically update them in future, which would be
incompatible with the way firmware features work (at the moment at
least). So for now just make them separate flags.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/security_features.h | 65 +++
arch/powerpc/kernel/Makefile |2
arch/powerpc/kernel/security.c | 15 ++
3 files changed, 81 insertions(+), 1 deletion(-)
create mode 100644 arch/powerpc/include/asm/security_features.h
create mode 100644 arch/powerpc/kernel/security.c
--- /dev/null
+++ b/arch/powerpc/include/asm/security_features.h
@@ -0,0 +1,65 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Security related feature bit definitions.
+ *
+ * Copyright 2018, Michael Ellerman, IBM Corporation.
+ */
+
+#ifndef _ASM_POWERPC_SECURITY_FEATURES_H
+#define _ASM_POWERPC_SECURITY_FEATURES_H
+
+
+extern unsigned long powerpc_security_features;
+
+static inline void security_ftr_set(unsigned long feature)
+{
+ powerpc_security_features |= feature;
+}
+
+static inline void security_ftr_clear(unsigned long feature)
+{
+ powerpc_security_features &= ~feature;
+}
+
+static inline bool security_ftr_enabled(unsigned long feature)
+{
+ return !!(powerpc_security_features & feature);
+}
+
+
+// Features indicating support for Spectre/Meltdown mitigations
+
+// The L1-D cache can be flushed with ori r30,r30,0
+#define SEC_FTR_L1D_FLUSH_ORI300x0001ull
+
+// The L1-D cache can be flushed with mtspr 882,r0 (aka SPRN_TRIG2)
+#define SEC_FTR_L1D_FLUSH_TRIG20x0002ull
+
+// ori r31,r31,0 acts as a speculation barrier
+#define SEC_FTR_SPEC_BAR_ORI31 0x0004ull
+
+// Speculation past bctr is disabled
+#define SEC_FTR_BCCTRL_SERIALISED 0x0008ull
+
+// Entries in L1-D are private to a SMT thread
+#define SEC_FTR_L1D_THREAD_PRIV0x0010ull
+
+// Indirect branch prediction cache disabled
+#define SEC_FTR_COUNT_CACHE_DISABLED 0x0020ull
+
+
+// Features indicating need for Spectre/Meltdown mitigations
+
+// The L1-D cache should be flushed on MSR[HV] 1->0 transition (hypervisor to
guest)
+#define SEC_FTR_L1D_FLUSH_HV 0x0040ull
+
+// The L1-D cache should be flushed on MSR[PR] 0->1 transition (kernel to
userspace)
+#define SEC_FTR_L1D_FLUSH_PR 0x0080ull
+
+// A speculation barrier should be used for bounds checks (Spectre variant 1)
+#define SEC_FTR_BNDS_CHK_SPEC_BAR 0x0100ull
+
+// Firmware configuration indicates user favours security over performance
+#define SEC_FTR_FAVOUR_SECURITY0x0200ull
+
+#endif /* _ASM_POWERPC_SECURITY_FEATURES_H */
--- a/arch/powerpc/kernel/Makefile
+++ b/arch/powerpc/kernel/Makefile
@@ -42,7 +42,7 @@ obj-$(CONFIG_VDSO32) += vdso32/
obj-$(CONFIG_PPC_WATCHDOG) += watchdog.o
obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o
obj-$(CONFIG_PPC_BOOK3S_64)+= cpu_setup_ppc970.o cpu_setup_pa6t.o
-obj-$(CONFIG_PPC_BOOK3S_64)+= cpu_setup_power.o
+obj-$(CONFIG_PPC_BOOK3S_64)+= cpu_setup_power.o security.o
obj-$(CONFIG_PPC_BOOK3S_64)+= mce.o mce_power.o
obj-$(CONFIG_PPC_BOOK3E_64)+= exceptions-64e.o idle_book3e.o
obj-$(CONFIG_PPC64)+= vdso64/
--- /dev/null
+++ b/arch/powerpc/kernel/security.c
@@ -0,0 +1,15 @@
+// SPDX-License-Identifier: GPL-2.0+
+//
+// Security related flags and so on.
+//
+// Copyright 2018, Michael Ellerman, IBM C
Patch "powerpc: Move default security feature flags" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc: Move default security feature flags
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-move-default-security-feature-flags.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:46 +1000
Subject: powerpc: Move default security feature flags
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-21-...@ellerman.id.au>
From: Mauricio Faria de Oliveira
commit e7347a86830f38dc3e40c8f7e28c04412b12a2e7 upstream.
This moves the definition of the default security feature flags
(i.e., enabled by default) closer to the security feature flags.
This can be used to restore current flags to the default flags.
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/security_features.h |8
arch/powerpc/kernel/security.c |7 +--
2 files changed, 9 insertions(+), 6 deletions(-)
--- a/arch/powerpc/include/asm/security_features.h
+++ b/arch/powerpc/include/asm/security_features.h
@@ -63,4 +63,12 @@ static inline bool security_ftr_enabled(
// Firmware configuration indicates user favours security over performance
#define SEC_FTR_FAVOUR_SECURITY0x0200ull
+
+// Features enabled by default
+#define SEC_FTR_DEFAULT \
+ (SEC_FTR_L1D_FLUSH_HV | \
+SEC_FTR_L1D_FLUSH_PR | \
+SEC_FTR_BNDS_CHK_SPEC_BAR | \
+SEC_FTR_FAVOUR_SECURITY)
+
#endif /* _ASM_POWERPC_SECURITY_FEATURES_H */
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -11,12 +11,7 @@
#include
-unsigned long powerpc_security_features __read_mostly = \
- SEC_FTR_L1D_FLUSH_HV | \
- SEC_FTR_L1D_FLUSH_PR | \
- SEC_FTR_BNDS_CHK_SPEC_BAR | \
- SEC_FTR_FAVOUR_SECURITY;
-
+unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/powernv: Set or clear security feature flags" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/powernv: Set or clear security feature flags
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-powernv-set-or-clear-security-feature-flags.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:38 +1000
Subject: powerpc/powernv: Set or clear security feature flags
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-13-...@ellerman.id.au>
From: Michael Ellerman
commit 77addf6e95c8689e478d607176b399a6242a777e upstream.
Now that we have feature flags for security related things, set or
clear them based on what we see in the device tree provided by
firmware.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/powernv/setup.c | 56 +
1 file changed, 56 insertions(+)
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -37,9 +37,63 @@
#include
#include
#include
+#include
#include "powernv.h"
+
+static bool fw_feature_is(const char *state, const char *name,
+ struct device_node *fw_features)
+{
+ struct device_node *np;
+ bool rc = false;
+
+ np = of_get_child_by_name(fw_features, name);
+ if (np) {
+ rc = of_property_read_bool(np, state);
+ of_node_put(np);
+ }
+
+ return rc;
+}
+
+static void init_fw_feat_flags(struct device_node *np)
+{
+ if (fw_feature_is("enabled", "inst-spec-barrier-ori31,31,0", np))
+ security_ftr_set(SEC_FTR_SPEC_BAR_ORI31);
+
+ if (fw_feature_is("enabled", "fw-bcctrl-serialized", np))
+ security_ftr_set(SEC_FTR_BCCTRL_SERIALISED);
+
+ if (fw_feature_is("enabled", "inst-spec-barrier-ori31,31,0", np))
+ security_ftr_set(SEC_FTR_L1D_FLUSH_ORI30);
+
+ if (fw_feature_is("enabled", "inst-l1d-flush-trig2", np))
+ security_ftr_set(SEC_FTR_L1D_FLUSH_TRIG2);
+
+ if (fw_feature_is("enabled", "fw-l1d-thread-split", np))
+ security_ftr_set(SEC_FTR_L1D_THREAD_PRIV);
+
+ if (fw_feature_is("enabled", "fw-count-cache-disabled", np))
+ security_ftr_set(SEC_FTR_COUNT_CACHE_DISABLED);
+
+ /*
+* The features below are enabled by default, so we instead look to see
+* if firmware has *disabled* them, and clear them if so.
+*/
+ if (fw_feature_is("disabled", "speculation-policy-favor-security", np))
+ security_ftr_clear(SEC_FTR_FAVOUR_SECURITY);
+
+ if (fw_feature_is("disabled", "needs-l1d-flush-msr-pr-0-to-1", np))
+ security_ftr_clear(SEC_FTR_L1D_FLUSH_PR);
+
+ if (fw_feature_is("disabled", "needs-l1d-flush-msr-hv-1-to-0", np))
+ security_ftr_clear(SEC_FTR_L1D_FLUSH_HV);
+
+ if (fw_feature_is("disabled", "needs-spec-barrier-for-bound-checks",
np))
+ security_ftr_clear(SEC_FTR_BNDS_CHK_SPEC_BAR);
+}
+
static void pnv_setup_rfi_flush(void)
{
struct device_node *np, *fw_features;
@@ -55,6 +109,8 @@ static void pnv_setup_rfi_flush(void)
of_node_put(np);
if (fw_features) {
+ init_fw_feat_flags(fw_features);
+
np = of_get_child_by_name(fw_features, "inst-l1d-flush-trig2");
if (np && of_property_read_bool(np, "enabled"))
type = L1D_FLUSH_MTTRIG;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-
Patch "powerpc/powernv: Support firmware disable of RFI flush" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/powernv: Support firmware disable of RFI flush
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:29 +1000
Subject: powerpc/powernv: Support firmware disable of RFI flush
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-4-...@ellerman.id.au>
From: Michael Ellerman
commit eb0a2d2620ae431c543963c8c7f08f597366fc60 upstream.
Some versions of firmware will have a setting that can be configured
to disable the RFI flush, add support for it.
Fixes: 6e032b350cd1 ("powerpc/powernv: Check device-tree for RFI flush
settings")
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/powernv/setup.c |4
1 file changed, 4 insertions(+)
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -79,6 +79,10 @@ static void pnv_setup_rfi_flush(void)
if (np && of_property_read_bool(np, "disabled"))
enable--;
+ np = of_get_child_by_name(fw_features,
"speculation-policy-favor-security");
+ if (np && of_property_read_bool(np, "disabled"))
+ enable = 0;
+
of_node_put(np);
of_node_put(fw_features);
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Wire up cpu_show_spectre_v1()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Wire up cpu_show_spectre_v1()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-wire-up-cpu_show_spectre_v1.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:43 +1000
Subject: powerpc/64s: Wire up cpu_show_spectre_v1()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-18-...@ellerman.id.au>
From: Michael Ellerman
commit 56986016cb8cd9050e601831fe89f332b4e3c46e upstream.
Add a definition for cpu_show_spectre_v1() to override the generic
version. Currently this just prints "Not affected" or "Vulnerable"
based on the firmware flag.
Although the kernel does have array_index_nospec() in a few places, we
haven't yet audited all the powerpc code to see where it's necessary,
so for now we don't list that as a mitigation.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c |8
1 file changed, 8 insertions(+)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -50,3 +50,11 @@ ssize_t cpu_show_meltdown(struct device
return sprintf(buf, "Vulnerable\n");
}
+
+ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
char *buf)
+{
+ if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR))
+ return sprintf(buf, "Not affected\n");
+
+ return sprintf(buf, "Vulnerable\n");
+}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Sun May 27 15:47:18 CEST 2018 From: Michael Ellerman Date: Sat, 26 May 2018 14:27:35 +1000 Subject: powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags To: g...@kroah.com Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org Message-ID: <20180526042749.5324-10-...@ellerman.id.au> From: Michael Ellerman commit c4bc36628d7f8b664657d8bd6ad1c44c177880b7 upstream. Add some additional values which have been defined for the H_GET_CPU_CHARACTERISTICS hypercall. Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/hvcall.h |3 +++ 1 file changed, 3 insertions(+) --- a/arch/powerpc/include/asm/hvcall.h +++ b/arch/powerpc/include/asm/hvcall.h @@ -337,6 +337,9 @@ #define H_CPU_CHAR_L1D_FLUSH_ORI30 (1ull << 61) // IBM bit 2 #define H_CPU_CHAR_L1D_FLUSH_TRIG2 (1ull << 60) // IBM bit 3 #define H_CPU_CHAR_L1D_THREAD_PRIV (1ull << 59) // IBM bit 4 +#define H_CPU_CHAR_BRANCH_HINTS_HONORED(1ull << 58) // IBM bit 5 +#define H_CPU_CHAR_THREAD_RECONFIG_CTRL(1ull << 57) // IBM bit 6 +#define H_CPU_CHAR_COUNT_CACHE_DISABLED(1ull << 56) // IBM bit 7 #define H_CPU_BEHAV_FAVOUR_SECURITY(1ull << 63) // IBM bit 0 #define H_CPU_BEHAV_L1D_FLUSH_PR (1ull << 62) // IBM bit 1 Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-64s-clear-pcr-on-boot.patch queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch queue-4.14/powerpc-move-default-security-feature-flags.patch queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/pseries: Fix clearing of security feature flags" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/pseries: Fix clearing of security feature flags
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-pseries-fix-clearing-of-security-feature-flags.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:45 +1000
Subject: powerpc/pseries: Fix clearing of security feature flags
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-20-...@ellerman.id.au>
From: Mauricio Faria de Oliveira
commit 0f9bdfe3c77091e8704d2e510eb7c2c2c6cde524 upstream.
The H_CPU_BEHAV_* flags should be checked for in the 'behaviour' field
of 'struct h_cpu_char_result' -- 'character' is for H_CPU_CHAR_*
flags.
Found by playing around with QEMU's implementation of the hypercall:
H_CPU_CHAR=0xf000
H_CPU_BEHAV=0x
This clears H_CPU_BEHAV_FAVOUR_SECURITY and H_CPU_BEHAV_L1D_FLUSH_PR
so pseries_setup_rfi_flush() disables 'rfi_flush'; and it also
clears H_CPU_CHAR_L1D_THREAD_PRIV flag. So there is no RFI flush
mitigation at all for cpu_show_meltdown() to report; but currently
it does:
Original kernel:
# cat /sys/devices/system/cpu/vulnerabilities/meltdown
Mitigation: RFI Flush
Patched kernel:
# cat /sys/devices/system/cpu/vulnerabilities/meltdown
Not affected
H_CPU_CHAR=0x
H_CPU_BEHAV=0xf000
This sets H_CPU_BEHAV_BNDS_CHK_SPEC_BAR so cpu_show_spectre_v1() should
report vulnerable; but currently it doesn't:
Original kernel:
# cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
Not affected
Patched kernel:
# cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
Vulnerable
Brown-paper-bag-by: Michael Ellerman
Fixes: f636c14790ea ("powerpc/pseries: Set or clear security feature flags")
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/setup.c |6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -484,13 +484,13 @@ static void init_cpu_char_feature_flags(
* The features below are enabled by default, so we instead look to see
* if firmware has *disabled* them, and clear them if so.
*/
- if (!(result->character & H_CPU_BEHAV_FAVOUR_SECURITY))
+ if (!(result->behaviour & H_CPU_BEHAV_FAVOUR_SECURITY))
security_ftr_clear(SEC_FTR_FAVOUR_SECURITY);
- if (!(result->character & H_CPU_BEHAV_L1D_FLUSH_PR))
+ if (!(result->behaviour & H_CPU_BEHAV_L1D_FLUSH_PR))
security_ftr_clear(SEC_FTR_L1D_FLUSH_PR);
- if (!(result->character & H_CPU_BEHAV_BNDS_CHK_SPEC_BAR))
+ if (!(result->behaviour & H_CPU_BEHAV_BNDS_CHK_SPEC_BAR))
security_ftr_clear(SEC_FTR_BNDS_CHK_SPEC_BAR);
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-
Patch "powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:41 +1000
Subject: powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-16-...@ellerman.id.au>
From: Michael Ellerman
commit 37c0bdd00d3ae83369ab60a6712c28e11e6458d5 upstream.
Now that we have the security flags we can significantly simplify the
code in pnv_setup_rfi_flush(), because we can use the flags instead of
checking device tree properties and because the security flags have
pessimistic defaults.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/powernv/setup.c | 41 -
1 file changed, 10 insertions(+), 31 deletions(-)
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -65,7 +65,7 @@ static void init_fw_feat_flags(struct de
if (fw_feature_is("enabled", "fw-bcctrl-serialized", np))
security_ftr_set(SEC_FTR_BCCTRL_SERIALISED);
- if (fw_feature_is("enabled", "inst-spec-barrier-ori31,31,0", np))
+ if (fw_feature_is("enabled", "inst-l1d-flush-ori30,30,0", np))
security_ftr_set(SEC_FTR_L1D_FLUSH_ORI30);
if (fw_feature_is("enabled", "inst-l1d-flush-trig2", np))
@@ -98,11 +98,10 @@ static void pnv_setup_rfi_flush(void)
{
struct device_node *np, *fw_features;
enum l1d_flush_type type;
- int enable;
+ bool enable;
/* Default to fallback in case fw-features are not available */
type = L1D_FLUSH_FALLBACK;
- enable = 1;
np = of_find_node_by_name(NULL, "ibm,opal");
fw_features = of_get_child_by_name(np, "fw-features");
@@ -110,40 +109,20 @@ static void pnv_setup_rfi_flush(void)
if (fw_features) {
init_fw_feat_flags(fw_features);
+ of_node_put(fw_features);
- np = of_get_child_by_name(fw_features, "inst-l1d-flush-trig2");
- if (np && of_property_read_bool(np, "enabled"))
+ if (security_ftr_enabled(SEC_FTR_L1D_FLUSH_TRIG2))
type = L1D_FLUSH_MTTRIG;
- of_node_put(np);
-
- np = of_get_child_by_name(fw_features,
"inst-l1d-flush-ori30,30,0");
- if (np && of_property_read_bool(np, "enabled"))
+ if (security_ftr_enabled(SEC_FTR_L1D_FLUSH_ORI30))
type = L1D_FLUSH_ORI;
-
- of_node_put(np);
-
- /* Enable unless firmware says NOT to */
- enable = 2;
- np = of_get_child_by_name(fw_features,
"needs-l1d-flush-msr-hv-1-to-0");
- if (np && of_property_read_bool(np, "disabled"))
- enable--;
-
- of_node_put(np);
-
- np = of_get_child_by_name(fw_features,
"needs-l1d-flush-msr-pr-0-to-1");
- if (np && of_property_read_bool(np, "disabled"))
- enable--;
-
- np = of_get_child_by_name(fw_features,
"speculation-policy-favor-security");
- if (np && of_property_read_bool(np, "disabled"))
- enable = 0;
-
- of_node_put(np);
- of_node_put(fw_features);
}
- setup_rfi_flush(type, enable > 0);
+ enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) && \
+(security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR) || \
+ security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
+
+ setup_rfi_flush(type, enable);
}
static void __init pnv_setup_arch(void)
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-secu
Patch "powerpc/pseries: Restore default security feature flags on setup" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/pseries: Restore default security feature flags on setup
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:47 +1000
Subject: powerpc/pseries: Restore default security feature flags on setup
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-22-...@ellerman.id.au>
From: Mauricio Faria de Oliveira
commit 6232774f1599028a15418179d17f7df47ede770a upstream.
After migration the security feature flags might have changed (e.g.,
destination system with unpatched firmware), but some flags are not
set/clear again in init_cpu_char_feature_flags() because it assumes
the security flags to be the defaults.
Additionally, if the H_GET_CPU_CHARACTERISTICS hypercall fails then
init_cpu_char_feature_flags() does not run again, which potentially
might leave the system in an insecure or sub-optimal configuration.
So, just restore the security feature flags to the defaults assumed
by init_cpu_char_feature_flags() so it can set/clear them correctly,
and to ensure safe settings are in place in case the hypercall fail.
Fixes: f636c14790ea ("powerpc/pseries: Set or clear security feature flags")
Depends-on: 19887d6a28e2 ("powerpc: Move default security feature flags")
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/setup.c | 11 +++
1 file changed, 11 insertions(+)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -462,6 +462,10 @@ static void __init find_and_init_phbs(vo
static void init_cpu_char_feature_flags(struct h_cpu_char_result *result)
{
+ /*
+* The features below are disabled by default, so we instead look to see
+* if firmware has *enabled* them, and set them if so.
+*/
if (result->character & H_CPU_CHAR_SPEC_BAR_ORI31)
security_ftr_set(SEC_FTR_SPEC_BAR_ORI31);
@@ -501,6 +505,13 @@ void pseries_setup_rfi_flush(void)
bool enable;
long rc;
+ /*
+* Set features to the defaults assumed by init_cpu_char_feature_flags()
+* so it can set/clear again any features that might have changed after
+* migration, and in case the hypercall fails and it is not even called.
+*/
+ powerpc_security_features = SEC_FTR_DEFAULT;
+
rc = plpar_get_cpu_characteristics(&result);
if (rc == H_SUCCESS)
init_cpu_char_feature_flags(&result);
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/pseries: Set or clear security feature flags" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/pseries: Set or clear security feature flags
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-pseries-set-or-clear-security-feature-flags.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:37 +1000
Subject: powerpc/pseries: Set or clear security feature flags
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-12-...@ellerman.id.au>
From: Michael Ellerman
commit f636c14790ead6cc22cf62279b1f8d7e11a67116 upstream.
Now that we have feature flags for security related things, set or
clear them based on what we receive from the hypercall.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/setup.c | 43 +
1 file changed, 43 insertions(+)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -68,6 +68,7 @@
#include
#include
#include
+#include
#include "pseries.h"
@@ -459,6 +460,40 @@ static void __init find_and_init_phbs(vo
of_pci_check_probe_only();
}
+static void init_cpu_char_feature_flags(struct h_cpu_char_result *result)
+{
+ if (result->character & H_CPU_CHAR_SPEC_BAR_ORI31)
+ security_ftr_set(SEC_FTR_SPEC_BAR_ORI31);
+
+ if (result->character & H_CPU_CHAR_BCCTRL_SERIALISED)
+ security_ftr_set(SEC_FTR_BCCTRL_SERIALISED);
+
+ if (result->character & H_CPU_CHAR_L1D_FLUSH_ORI30)
+ security_ftr_set(SEC_FTR_L1D_FLUSH_ORI30);
+
+ if (result->character & H_CPU_CHAR_L1D_FLUSH_TRIG2)
+ security_ftr_set(SEC_FTR_L1D_FLUSH_TRIG2);
+
+ if (result->character & H_CPU_CHAR_L1D_THREAD_PRIV)
+ security_ftr_set(SEC_FTR_L1D_THREAD_PRIV);
+
+ if (result->character & H_CPU_CHAR_COUNT_CACHE_DISABLED)
+ security_ftr_set(SEC_FTR_COUNT_CACHE_DISABLED);
+
+ /*
+* The features below are enabled by default, so we instead look to see
+* if firmware has *disabled* them, and clear them if so.
+*/
+ if (!(result->character & H_CPU_BEHAV_FAVOUR_SECURITY))
+ security_ftr_clear(SEC_FTR_FAVOUR_SECURITY);
+
+ if (!(result->character & H_CPU_BEHAV_L1D_FLUSH_PR))
+ security_ftr_clear(SEC_FTR_L1D_FLUSH_PR);
+
+ if (!(result->character & H_CPU_BEHAV_BNDS_CHK_SPEC_BAR))
+ security_ftr_clear(SEC_FTR_BNDS_CHK_SPEC_BAR);
+}
+
void pseries_setup_rfi_flush(void)
{
struct h_cpu_char_result result;
@@ -472,6 +507,8 @@ void pseries_setup_rfi_flush(void)
rc = plpar_get_cpu_characteristics(&result);
if (rc == H_SUCCESS) {
+ init_cpu_char_feature_flags(&result);
+
if (result.character & H_CPU_CHAR_L1D_FLUSH_TRIG2)
types |= L1D_FLUSH_MTTRIG;
if (result.character & H_CPU_CHAR_L1D_FLUSH_ORI30)
@@ -482,6 +519,12 @@ void pseries_setup_rfi_flush(void)
enable = false;
}
+ /*
+* We're the guest so this doesn't apply to us, clear it to simplify
+* handling of it elsewhere.
+*/
+ security_ftr_clear(SEC_FTR_L1D_FLUSH_HV);
+
setup_rfi_flush(types, enable);
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerp
Patch "powerpc/pseries: Support firmware disable of RFI flush" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/pseries: Support firmware disable of RFI flush
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:28 +1000
Subject: powerpc/pseries: Support firmware disable of RFI flush
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-3-...@ellerman.id.au>
From: Michael Ellerman
commit 582605a429e20ae68fd0b041b2e840af296edd08 upstream.
Some versions of firmware will have a setting that can be configured
to disable the RFI flush, add support for it.
Fixes: 8989d56878a7 ("powerpc/pseries: Query hypervisor for RFI flush settings")
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/setup.c |3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -482,7 +482,8 @@ static void pseries_setup_rfi_flush(void
if (types == L1D_FLUSH_NONE)
types = L1D_FLUSH_FALLBACK;
- if (!(result.behaviour & H_CPU_BEHAV_L1D_FLUSH_PR))
+ if ((!(result.behaviour & H_CPU_BEHAV_L1D_FLUSH_PR)) ||
+ (!(result.behaviour & H_CPU_BEHAV_FAVOUR_SECURITY)))
enable = false;
} else {
/* Default to fallback if case hcall is not available */
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/rfi-flush: Always enable fallback flush on pseries" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/rfi-flush: Always enable fallback flush on pseries
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:32 +1000
Subject: powerpc/rfi-flush: Always enable fallback flush on pseries
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-7-...@ellerman.id.au>
From: Michael Ellerman
commit 84749a58b6e382f109abf1e734bc4dd43c2c25bb upstream.
This ensures the fallback flush area is always allocated on pseries,
so in case a LPAR is migrated from a patched to an unpatched system,
it is possible to enable the fallback flush in the target system.
Signed-off-by: Michael Ellerman
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/setup.c | 10 +-
1 file changed, 1 insertion(+), 9 deletions(-)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -468,26 +468,18 @@ static void pseries_setup_rfi_flush(void
/* Enable by default */
enable = true;
+ types = L1D_FLUSH_FALLBACK;
rc = plpar_get_cpu_characteristics(&result);
if (rc == H_SUCCESS) {
- types = L1D_FLUSH_NONE;
-
if (result.character & H_CPU_CHAR_L1D_FLUSH_TRIG2)
types |= L1D_FLUSH_MTTRIG;
if (result.character & H_CPU_CHAR_L1D_FLUSH_ORI30)
types |= L1D_FLUSH_ORI;
- /* Use fallback if nothing set in hcall */
- if (types == L1D_FLUSH_NONE)
- types = L1D_FLUSH_FALLBACK;
-
if ((!(result.behaviour & H_CPU_BEHAV_L1D_FLUSH_PR)) ||
(!(result.behaviour & H_CPU_BEHAV_FAVOUR_SECURITY)))
enable = false;
- } else {
- /* Default to fallback if case hcall is not available */
- types = L1D_FLUSH_FALLBACK;
}
setup_rfi_flush(types, enable);
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:34 +1000
Subject: powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-9-...@ellerman.id.au>
From: Michael Ellerman
commit 921bc6cf807ceb2ab8005319cf39f33494d6b100 upstream.
We might have migrated to a machine that uses a different flush type,
or doesn't need flushing at all.
Signed-off-by: Michael Ellerman
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/mobility.c |3 +++
arch/powerpc/platforms/pseries/pseries.h |2 ++
arch/powerpc/platforms/pseries/setup.c|2 +-
3 files changed, 6 insertions(+), 1 deletion(-)
--- a/arch/powerpc/platforms/pseries/mobility.c
+++ b/arch/powerpc/platforms/pseries/mobility.c
@@ -348,6 +348,9 @@ void post_mobility_fixup(void)
printk(KERN_ERR "Post-mobility device tree update "
"failed: %d\n", rc);
+ /* Possibly switch to a new RFI flush type */
+ pseries_setup_rfi_flush();
+
return;
}
--- a/arch/powerpc/platforms/pseries/pseries.h
+++ b/arch/powerpc/platforms/pseries/pseries.h
@@ -100,4 +100,6 @@ static inline unsigned long cmo_get_page
int dlpar_workqueue_init(void);
+void pseries_setup_rfi_flush(void);
+
#endif /* _PSERIES_PSERIES_H */
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -459,7 +459,7 @@ static void __init find_and_init_phbs(vo
of_pci_check_probe_only();
}
-static void pseries_setup_rfi_flush(void)
+void pseries_setup_rfi_flush(void)
{
struct h_cpu_char_result result;
enum l1d_flush_type types;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/rfi-flush: Differentiate enabled and patched flush types" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/rfi-flush: Differentiate enabled and patched flush types
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:33 +1000
Subject: powerpc/rfi-flush: Differentiate enabled and patched flush types
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-8-...@ellerman.id.au>
From: Mauricio Faria de Oliveira
commit 0063d61ccfc011f379a31acaeba6de7c926fed2c upstream.
Currently the rfi-flush messages print 'Using flush' for all
enabled_flush_types, but that is not necessarily true -- as now the
fallback flush is always enabled on pseries, but the fixup function
overwrites its nop/branch slot with other flush types, if available.
So, replace the 'Using flush' messages with ' flush is
available'.
Also, print the patched flush types in the fixup function, so users
can know what is (not) being used (e.g., the slower, fallback flush,
or no flush type at all if flush is disabled via the debugfs switch).
Suggested-by: Michael Ellerman
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/setup_64.c|6 +++---
arch/powerpc/lib/feature-fixups.c |9 -
2 files changed, 11 insertions(+), 4 deletions(-)
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -860,15 +860,15 @@ static void init_fallback_flush(void)
void setup_rfi_flush(enum l1d_flush_type types, bool enable)
{
if (types & L1D_FLUSH_FALLBACK) {
- pr_info("rfi-flush: Using fallback displacement flush\n");
+ pr_info("rfi-flush: fallback displacement flush available\n");
init_fallback_flush();
}
if (types & L1D_FLUSH_ORI)
- pr_info("rfi-flush: Using ori type flush\n");
+ pr_info("rfi-flush: ori type flush available\n");
if (types & L1D_FLUSH_MTTRIG)
- pr_info("rfi-flush: Using mttrig type flush\n");
+ pr_info("rfi-flush: mttrig type flush available\n");
enabled_flush_types = types;
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -153,7 +153,14 @@ void do_rfi_flush_fixups(enum l1d_flush_
patch_instruction(dest + 2, instrs[2]);
}
- printk(KERN_DEBUG "rfi-flush: patched %d locations\n", i);
+ printk(KERN_DEBUG "rfi-flush: patched %d locations (%s flush)\n", i,
+ (types == L1D_FLUSH_NONE) ? "no" :
+ (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
+ (types & L1D_FLUSH_ORI)? (types & L1D_FLUSH_MTTRIG)
+ ? "ori+mttrig type"
+ : "ori type" :
+ (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
+ : "unknown");
}
#endif /* CONFIG_PPC_BOOK3S_64 */
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-
Patch "powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:31 +1000
Subject: powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-6-...@ellerman.id.au>
From: Michael Ellerman
commit abf110f3e1cea40f5ea15e85f5d67c39c14568a7 upstream.
For PowerVM migration we want to be able to call setup_rfi_flush()
again after we've migrated the partition.
To support that we need to check that we're not trying to allocate the
fallback flush area after memblock has gone away (i.e., boot-time only).
Signed-off-by: Michael Ellerman
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/setup.h |2 +-
arch/powerpc/kernel/setup_64.c |6 +-
2 files changed, 6 insertions(+), 2 deletions(-)
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -49,7 +49,7 @@ enum l1d_flush_type {
L1D_FLUSH_MTTRIG= 0x8,
};
-void __init setup_rfi_flush(enum l1d_flush_type, bool enable);
+void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types);
#endif /* !__ASSEMBLY__ */
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -836,6 +836,10 @@ static void init_fallback_flush(void)
u64 l1d_size, limit;
int cpu;
+ /* Only allocate the fallback flush area once (at boot time). */
+ if (l1d_flush_fallback_area)
+ return;
+
l1d_size = ppc64_caches.l1d.size;
limit = min(safe_stack_limit(), ppc64_rma_size);
@@ -853,7 +857,7 @@ static void init_fallback_flush(void)
}
}
-void __init setup_rfi_flush(enum l1d_flush_type types, bool enable)
+void setup_rfi_flush(enum l1d_flush_type types, bool enable)
{
if (types & L1D_FLUSH_FALLBACK) {
pr_info("rfi-flush: Using fallback displacement flush\n");
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:42 +1000
Subject: powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-17-...@ellerman.id.au>
From: Michael Ellerman
commit 2e4a16161fcd324b1f9bf6cb6856529f7eaf0689 upstream.
Now that we have the security flags we can simplify the code in
pseries_setup_rfi_flush() because the security flags have pessimistic
defaults.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/platforms/pseries/setup.c | 27 ---
1 file changed, 12 insertions(+), 15 deletions(-)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -501,30 +501,27 @@ void pseries_setup_rfi_flush(void)
bool enable;
long rc;
- /* Enable by default */
- enable = true;
- types = L1D_FLUSH_FALLBACK;
-
rc = plpar_get_cpu_characteristics(&result);
- if (rc == H_SUCCESS) {
+ if (rc == H_SUCCESS)
init_cpu_char_feature_flags(&result);
- if (result.character & H_CPU_CHAR_L1D_FLUSH_TRIG2)
- types |= L1D_FLUSH_MTTRIG;
- if (result.character & H_CPU_CHAR_L1D_FLUSH_ORI30)
- types |= L1D_FLUSH_ORI;
-
- if ((!(result.behaviour & H_CPU_BEHAV_L1D_FLUSH_PR)) ||
- (!(result.behaviour & H_CPU_BEHAV_FAVOUR_SECURITY)))
- enable = false;
- }
-
/*
* We're the guest so this doesn't apply to us, clear it to simplify
* handling of it elsewhere.
*/
security_ftr_clear(SEC_FTR_L1D_FLUSH_HV);
+ types = L1D_FLUSH_FALLBACK;
+
+ if (security_ftr_enabled(SEC_FTR_L1D_FLUSH_TRIG2))
+ types |= L1D_FLUSH_MTTRIG;
+
+ if (security_ftr_enabled(SEC_FTR_L1D_FLUSH_ORI30))
+ types |= L1D_FLUSH_ORI;
+
+ enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) && \
+security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR);
+
setup_rfi_flush(types, enable);
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sun May 27 15:47:18 CEST 2018
From: Michael Ellerman
Date: Sat, 26 May 2018 14:27:30 +1000
Subject: powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
To: g...@kroah.com
Cc: sta...@vger.kernel.org, t...@linutronix.de, linuxppc-...@ozlabs.org
Message-ID: <20180526042749.5324-5-...@ellerman.id.au>
From: Michael Ellerman
commit 1e2a9fc7496955faacbbed49461d611b704a7505 upstream.
rfi_flush_enable() includes a check to see if we're already
enabled (or disabled), and in that case does nothing.
But that means calling setup_rfi_flush() a 2nd time doesn't actually
work, which is a bit confusing.
Move that check into the debugfs code, where it really belongs.
Signed-off-by: Michael Ellerman
Signed-off-by: Mauricio Faria de Oliveira
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/setup_64.c | 13 -
1 file changed, 8 insertions(+), 5 deletions(-)
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -822,9 +822,6 @@ static void do_nothing(void *unused)
void rfi_flush_enable(bool enable)
{
- if (rfi_flush == enable)
- return;
-
if (enable) {
do_rfi_flush_fixups(enabled_flush_types);
on_each_cpu(do_nothing, NULL, 1);
@@ -878,13 +875,19 @@ void __init setup_rfi_flush(enum l1d_flu
#ifdef CONFIG_DEBUG_FS
static int rfi_flush_set(void *data, u64 val)
{
+ bool enable;
+
if (val == 1)
- rfi_flush_enable(true);
+ enable = true;
else if (val == 0)
- rfi_flush_enable(false);
+ enable = false;
else
return -EINVAL;
+ /* Only do anything if we're changing state */
+ if (enable != rfi_flush)
+ rfi_flush_enable(enable);
+
return 0;
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.14/powerpc-64s-clear-pcr-on-boot.patch
queue-4.14/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.14/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.14/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.14/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.14/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.14/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.14/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.14/powerpc-move-default-security-feature-flags.patch
queue-4.14/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.14/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.14/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.14/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.14/powerpc-64s-improve-rfi-l1-d-cache-flush-fallback.patch
queue-4.14/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.14/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.14/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.14/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.14/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.14/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.14/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Enhance the information in cpu_show_meltdown()" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Enhance the information in cpu_show_meltdown()
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sat Jun 2 15:29:05 CEST 2018
From: Michael Ellerman
Date: Sat, 2 Jun 2018 21:08:59 +1000
Subject: powerpc/64s: Enhance the information in cpu_show_meltdown()
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, linuxppc-...@ozlabs.org
Message-ID: <20180602110908.29773-15-...@ellerman.id.au>
From: Michael Ellerman
commit ff348355e9c72493947be337bb4fae4fc1a41eba upstream.
Now that we have the security feature flags we can make the
information displayed in the "meltdown" file more informative.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 30 --
1 file changed, 28 insertions(+), 2 deletions(-)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -6,6 +6,7 @@
#include
#include
+#include
#include
@@ -19,8 +20,33 @@ unsigned long powerpc_security_features
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
{
- if (rfi_flush)
- return sprintf(buf, "Mitigation: RFI Flush\n");
+ bool thread_priv;
+
+ thread_priv = security_ftr_enabled(SEC_FTR_L1D_THREAD_PRIV);
+
+ if (rfi_flush || thread_priv) {
+ struct seq_buf s;
+ seq_buf_init(&s, buf, PAGE_SIZE - 1);
+
+ seq_buf_printf(&s, "Mitigation: ");
+
+ if (rfi_flush)
+ seq_buf_printf(&s, "RFI Flush");
+
+ if (rfi_flush && thread_priv)
+ seq_buf_printf(&s, ", ");
+
+ if (thread_priv)
+ seq_buf_printf(&s, "L1D private per thread");
+
+ seq_buf_printf(&s, "\n");
+
+ return s.len;
+ }
+
+ if (!security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV) &&
+ !security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR))
+ return sprintf(buf, "Not affected\n");
return sprintf(buf, "Vulnerable\n");
}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.9/powerpc-64s-clear-pcr-on-boot.patch
queue-4.9/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.9/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.9/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.9/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.9/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.9/powerpc-move-default-security-feature-flags.patch
queue-4.9/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.9/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.9/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.9/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-move-out-of-hardlockup_detector-ifdef.patch
queue-4.9/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.9/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.9/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.9/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.9/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.9/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sat Jun 2 15:29:05 CEST 2018
From: Michael Ellerman
Date: Sat, 2 Jun 2018 21:09:07 +1000
Subject: powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, linuxppc-...@ozlabs.org
Message-ID: <20180602110908.29773-23-...@ellerman.id.au>
From: Michael Ellerman
commit 501a78cbc17c329fabf8e9750a1e9ab810c88a0e upstream.
The recent LPM changes to setup_rfi_flush() are causing some section
mismatch warnings because we removed the __init annotation on
setup_rfi_flush():
The function setup_rfi_flush() references
the function __init ppc64_bolted_size().
the function __init memblock_alloc_base().
The references are actually in init_fallback_flush(), but that is
inlined into setup_rfi_flush().
These references are safe because:
- only pseries calls setup_rfi_flush() at runtime
- pseries always passes L1D_FLUSH_FALLBACK at boot
- so the fallback flush area will always be allocated
- so the check in init_fallback_flush() will always return early:
/* Only allocate the fallback flush area once (at boot time). */
if (l1d_flush_fallback_area)
return;
- and therefore we won't actually call the freed init routines.
We should rework the code to make it safer by default rather than
relying on the above, but for now as a quick-fix just add a __ref
annotation to squash the warning.
Fixes: abf110f3e1ce ("powerpc/rfi-flush: Make it possible to call
setup_rfi_flush() again")
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/setup_64.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -726,7 +726,7 @@ void rfi_flush_enable(bool enable)
rfi_flush = enable;
}
-static void init_fallback_flush(void)
+static void __ref init_fallback_flush(void)
{
u64 l1d_size, limit;
int cpu;
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.9/powerpc-64s-clear-pcr-on-boot.patch
queue-4.9/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.9/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.9/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.9/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.9/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.9/powerpc-move-default-security-feature-flags.patch
queue-4.9/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.9/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.9/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.9/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-move-out-of-hardlockup_detector-ifdef.patch
queue-4.9/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.9/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.9/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.9/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.9/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.9/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Move cpu_show_meltdown()" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Move cpu_show_meltdown()
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-move-cpu_show_meltdown.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sat Jun 2 15:29:05 CEST 2018
From: Michael Ellerman
Date: Sat, 2 Jun 2018 21:08:58 +1000
Subject: powerpc/64s: Move cpu_show_meltdown()
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, linuxppc-...@ozlabs.org
Message-ID: <20180602110908.29773-14-...@ellerman.id.au>
From: Michael Ellerman
commit 8ad33041563a10b34988800c682ada14b2612533 upstream.
This landed in setup_64.c for no good reason other than we had nowhere
else to put it. Now that we have a security-related file, that is a
better place for it so move it.
[mpe: Add extern for rfi_flush to fix bisection break]
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/include/asm/security_features.h |1 +
arch/powerpc/kernel/security.c | 11 +++
arch/powerpc/kernel/setup_64.c |8
3 files changed, 12 insertions(+), 8 deletions(-)
--- a/arch/powerpc/include/asm/security_features.h
+++ b/arch/powerpc/include/asm/security_features.h
@@ -10,6 +10,7 @@
extern unsigned long powerpc_security_features;
+extern bool rfi_flush;
static inline void security_ftr_set(unsigned long feature)
{
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -5,6 +5,8 @@
// Copyright 2018, Michael Ellerman, IBM Corporation.
#include
+#include
+
#include
@@ -13,3 +15,12 @@ unsigned long powerpc_security_features
SEC_FTR_L1D_FLUSH_PR | \
SEC_FTR_BNDS_CHK_SPEC_BAR | \
SEC_FTR_FAVOUR_SECURITY;
+
+
+ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
+{
+ if (rfi_flush)
+ return sprintf(buf, "Mitigation: RFI Flush\n");
+
+ return sprintf(buf, "Vulnerable\n");
+}
--- a/arch/powerpc/kernel/setup_64.c
+++ b/arch/powerpc/kernel/setup_64.c
@@ -805,12 +805,4 @@ static __init int rfi_flush_debugfs_init
}
device_initcall(rfi_flush_debugfs_init);
#endif
-
-ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr,
char *buf)
-{
- if (rfi_flush)
- return sprintf(buf, "Mitigation: RFI Flush\n");
-
- return sprintf(buf, "Vulnerable\n");
-}
#endif /* CONFIG_PPC_BOOK3S_64 */
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.9/powerpc-64s-clear-pcr-on-boot.patch
queue-4.9/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.9/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.9/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.9/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.9/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.9/powerpc-move-default-security-feature-flags.patch
queue-4.9/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.9/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.9/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.9/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-move-out-of-hardlockup_detector-ifdef.patch
queue-4.9/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.9/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.9/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.9/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.9/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.9/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Wire up cpu_show_spectre_v1()" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Wire up cpu_show_spectre_v1()
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-wire-up-cpu_show_spectre_v1.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sat Jun 2 15:29:05 CEST 2018
From: Michael Ellerman
Date: Sat, 2 Jun 2018 21:09:02 +1000
Subject: powerpc/64s: Wire up cpu_show_spectre_v1()
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, linuxppc-...@ozlabs.org
Message-ID: <20180602110908.29773-18-...@ellerman.id.au>
From: Michael Ellerman
commit 56986016cb8cd9050e601831fe89f332b4e3c46e upstream.
Add a definition for cpu_show_spectre_v1() to override the generic
version. Currently this just prints "Not affected" or "Vulnerable"
based on the firmware flag.
Although the kernel does have array_index_nospec() in a few places, we
haven't yet audited all the powerpc code to see where it's necessary,
so for now we don't list that as a mitigation.
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c |8
1 file changed, 8 insertions(+)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -50,3 +50,11 @@ ssize_t cpu_show_meltdown(struct device
return sprintf(buf, "Vulnerable\n");
}
+
+ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
char *buf)
+{
+ if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR))
+ return sprintf(buf, "Not affected\n");
+
+ return sprintf(buf, "Vulnerable\n");
+}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.9/powerpc-64s-clear-pcr-on-boot.patch
queue-4.9/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.9/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.9/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.9/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.9/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.9/powerpc-move-default-security-feature-flags.patch
queue-4.9/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.9/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.9/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.9/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-move-out-of-hardlockup_detector-ifdef.patch
queue-4.9/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.9/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.9/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.9/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.9/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.9/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
Patch "powerpc/64s: Wire up cpu_show_spectre_v2()" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
powerpc/64s: Wire up cpu_show_spectre_v2()
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
powerpc-64s-wire-up-cpu_show_spectre_v2.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From foo@baz Sat Jun 2 15:29:05 CEST 2018
From: Michael Ellerman
Date: Sat, 2 Jun 2018 21:09:03 +1000
Subject: powerpc/64s: Wire up cpu_show_spectre_v2()
To: gre...@linuxfoundation.org
Cc: sta...@vger.kernel.org, linuxppc-...@ozlabs.org
Message-ID: <20180602110908.29773-19-...@ellerman.id.au>
From: Michael Ellerman
commit d6fbe1c55c55c6937cbea3531af7da84ab7473c3 upstream.
Add a definition for cpu_show_spectre_v2() to override the generic
version. This has several permuations, though in practice some may not
occur we cater for any combination.
The most verbose is:
Mitigation: Indirect branch serialisation (kernel only), Indirect
branch cache disabled, ori31 speculation barrier enabled
We don't treat the ori31 speculation barrier as a mitigation on its
own, because it has to be *used* by code in order to be a mitigation
and we don't know if userspace is doing that. So if that's all we see
we say:
Vulnerable, ori31 speculation barrier enabled
Signed-off-by: Michael Ellerman
Signed-off-by: Greg Kroah-Hartman
---
arch/powerpc/kernel/security.c | 33 +
1 file changed, 33 insertions(+)
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -58,3 +58,36 @@ ssize_t cpu_show_spectre_v1(struct devic
return sprintf(buf, "Vulnerable\n");
}
+
+ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
char *buf)
+{
+ bool bcs, ccd, ori;
+ struct seq_buf s;
+
+ seq_buf_init(&s, buf, PAGE_SIZE - 1);
+
+ bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED);
+ ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED);
+ ori = security_ftr_enabled(SEC_FTR_SPEC_BAR_ORI31);
+
+ if (bcs || ccd) {
+ seq_buf_printf(&s, "Mitigation: ");
+
+ if (bcs)
+ seq_buf_printf(&s, "Indirect branch serialisation
(kernel only)");
+
+ if (bcs && ccd)
+ seq_buf_printf(&s, ", ");
+
+ if (ccd)
+ seq_buf_printf(&s, "Indirect branch cache disabled");
+ } else
+ seq_buf_printf(&s, "Vulnerable");
+
+ if (ori)
+ seq_buf_printf(&s, ", ori31 speculation barrier enabled");
+
+ seq_buf_printf(&s, "\n");
+
+ return s.len;
+}
Patches currently in stable-queue which might be from m...@ellerman.id.au are
queue-4.9/powerpc-64s-clear-pcr-on-boot.patch
queue-4.9/powerpc-rfi-flush-differentiate-enabled-and-patched-flush-types.patch
queue-4.9/powerpc-64s-fix-section-mismatch-warnings-from-setup_rfi_flush.patch
queue-4.9/powerpc-pseries-fix-clearing-of-security-feature-flags.patch
queue-4.9/powerpc-powernv-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-64s-move-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch
queue-4.9/powerpc-pseries-set-or-clear-security-feature-flags.patch
queue-4.9/powerpc-rfi-flush-make-it-possible-to-call-setup_rfi_flush-again.patch
queue-4.9/powerpc-move-default-security-feature-flags.patch
queue-4.9/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
queue-4.9/powerpc-add-security-feature-flags-for-spectre-meltdown.patch
queue-4.9/powerpc-pseries-use-the-security-flags-in-pseries_setup_rfi_flush.patch
queue-4.9/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch
queue-4.9/powerpc-rfi-flush-move-out-of-hardlockup_detector-ifdef.patch
queue-4.9/powerpc-rfi-flush-always-enable-fallback-flush-on-pseries.patch
queue-4.9/powerpc-rfi-flush-move-the-logic-to-avoid-a-redo-into-the-debugfs-code.patch
queue-4.9/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch
queue-4.9/powerpc-pseries-add-new-h_get_cpu_characteristics-flags.patch
queue-4.9/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v1.patch
queue-4.9/powerpc-powernv-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch
queue-4.9/powerpc-64s-wire-up-cpu_show_spectre_v2.patch
