On Thu, 2022-11-03 at 11:39 +1100, Benjamin Gray wrote:
> On Wed, 2022-11-02 at 09:56 +, Christophe Leroy wrote:
> > By the way, 'extern' keyword is pointless and deprecated for
> > functions
> > prototypes, please don't add new ones, even if other historical
> > prototypes have one.
>
> Thi
Zero GPRS r14-r31 on entry into the kernel for interrupt sources to
limit influence of user-space values in potential speculation gadgets.
Prior to this commit, all other GPRS are reassigned during the common
prologue to interrupt handlers and so need not be zeroised explicitly.
This may be done s
Cause pseries platforms to default to zeroising all potentially user-defined
registers when entering the kernel by means of any interrupt source,
reducing user-influence of the kernel and the likelihood or producing
speculation gadgets.
Signed-off-by: Rohan McLure
---
Resubmitting patches as thei
Add Kconfig option for enabling clearing of registers on arrival in an
interrupt handler. This reduces the speculation influence of registers
on kernel internals. The option will be consumed by 64-bit systems that
feature speculation and wish to implement this mitigation.
This patch only introduce
Zero user state in gprs (assign to zero) to reduce the influence of user
registers on speculation within kernel syscall handlers. Clears occur
at the very beginning of the sc and scv 0 interrupt handlers, with
restores occurring following the execution of the syscall handler.
Zero GPRS r0, r2-r11,
On 05/11/2022 20.56, Arminder Singh wrote:
> This patch adds IRQ support to the PASemi I2C controller driver to
> increase the performace of I2C transactions on platforms with PASemi I2C
> controllers. While primarily intended for Apple silicon platforms, this
> patch should also help in enabling I
On Thu, Nov 3, 2022 at 4:50 AM Sean Christopherson wrote:
>
> Allow architectures to opt out of the generic hardware enabling logic,
> and opt out on both s390 and PPC, which don't need to manually enable
> virtualization as it's always on (when available).
>
> In addition to letting s390 and PPC
On Thu, Nov 3, 2022 at 4:50 AM Sean Christopherson wrote:
>
> Drop kvm_arch_check_processor_compat() and its support code now that all
> architecture implementations are nops.
>
> Signed-off-by: Sean Christopherson
For KVM RISC-V:
Acked-by: Anup Patel
Thanks,
Anup
> ---
> arch/arm64/kvm/arm.
On Thu, Nov 3, 2022 at 4:50 AM Sean Christopherson wrote:
>
> Drop kvm_arch_init() and kvm_arch_exit() now that all implementations
> are nops.
>
> No functional change intended.
>
> Signed-off-by: Sean Christopherson
For KVM RISC-V:
Acked-by: Anup Patel
Thanks,
Anup
> ---
> arch/arm64/kvm/a
On Thu, Nov 3, 2022 at 4:49 AM Sean Christopherson wrote:
>
> Now that KVM setup is handled directly in riscv_kvm_init(), tag functions
> and data that are used/set only during init with __init/__ro_after_init.
>
> Signed-off-by: Sean Christopherson
For KVM RISC-V:
Acked-by: Anup Patel
Thanks,
On Thu, Nov 3, 2022 at 4:49 AM Sean Christopherson wrote:
>
> Fold the guts of kvm_arch_init() into riscv_kvm_init() instead of
> bouncing through kvm_init()=>kvm_arch_init(). Functionally, this is a
> glorified nop as invoking kvm_arch_init() is the very first action
> performed by kvm_init().
>
On Thu, Nov 3, 2022 at 4:49 AM Sean Christopherson wrote:
>
> Drop kvm_arch_hardware_setup() and kvm_arch_hardware_unsetup() now that
> all implementations are nops.
>
> No functional change intended.
>
> Signed-off-by: Sean Christopherson
For KVM RISC-V:
Acked-by: Anup Patel
Thanks,
Anup
> -
On Thu, 2022-11-03 at 09:45 +1100, Rohan McLure wrote:
> Zero user state in gprs (assign to zero) to reduce the influence of
> user
> registers on speculation within kernel syscall handlers. Clears occur
> at the very beginning of the sc and scv 0 interrupt handlers, with
> restores occurring follo
> On 7 Nov 2022, at 9:49 am, Rohan McLure wrote:
>
> Replace occurrences of p{u,m,4}d_is_leaf with p{u,m,4}_leaf, as the
> latter is the name given to checking that a higher-level entry in
> multi-level paging contains a page translation entry (pte). This commit
> allows for p{u,m,4}d_leaf to be
On Mon, 2022-10-31 at 15:54 +1000, Nicholas Piggin wrote:
> Most callers just want to validate an arbitrary kernel stack pointer,
> some need a particular size. Make the size case the exceptional one
> with an extra function.
>
> Signed-off-by: Nicholas Piggin
> ---
> arch/powerpc/include/asm/pr
On Sat, 2022-11-05 at 04:27 +1100, Andrew Donnellan wrote:
> A number of OPAL calls take addresses as arguments (e.g. buffers with
> strings to print, etc). These addresses need to be physical
> addresses, as
> OPAL runs in real mode.
>
> Since the hardware ignores the top two bits of the address
Add the following helpers for detecting whether a page table entry
is a leaf and is accessible to user space.
* pte_user_accessible_page
* pmd_user_accessible_page
* pud_user_accessible_page
Also implement missing pud_user definitions for both Book3S/nohash 64-bit
systems, and pmd_user for Boo
On creation and clearing of a page table mapping, instrument such calls
by invoking page_table_check_pte_set and page_table_check_pte_clear
respectively. These calls serve as a sanity check against illegal
mappings.
Enable ARCH_SUPPORTS_PAGE_TABLE_CHECK for all ppc64, and 32-bit
platforms implemen
Replace occurrences of p{u,m,4}d_is_leaf with p{u,m,4}_leaf, as the
latter is the name given to checking that a higher-level entry in
multi-level paging contains a page translation entry (pte). This commit
allows for p{u,m,4}d_leaf to be used on all powerpc platforms.
Prior to this commit, the two
Prior to this commit, pud_pfn was implemented with BUILD_BUG as the inline
function for 64-bit Book3S systems but is never included, as its
invocations in generic code are guarded by calls to pud_devmap which return
zero on such systems. A future patch will provide support for page table
checks, th
> On 3 Nov 2022, at 7:02 pm, Christophe Leroy
> wrote:
>
>
>
> Le 24/10/2022 à 02:35, Rohan McLure a écrit :
>> Add the following helpers for detecting whether a page table entry
>> is a leaf and is accessible to user space.
>>
>> * pte_user_accessible_page
>> * pmd_user_accessible_page
>>
PowerVM Guest Secure boot feature need to expose firmware managed
secure variables for user management. These variables store keys for
grub/kernel verification and also corresponding denied list.
Expose these variables to the userpace via fwsecurityfs.
Example:
$ pwd
/sys/firmware/security/plpks
PowerVM stores authenticated variables in the PowerVM LPAR Platform
KeyStore(PLPKS).
Add signed update H_CALL to PLPKS driver to support authenticated
variables. Additionally, expose config values outside the PLPKS
driver.
Signed-off-by: Nayna Jain
---
arch/powerpc/include/asm/hvcall.h |
PowerVM PLPKS variables are exposed via fwsecurityfs.
Initialize fwsecurityfs arch-specific structure with plpks configuration.
Eg:
[root@ltcfleet35-lp1 config]# pwd
/sys/firmware/security/plpks/config
[root@ltcfleet35-lp1 config]# ls -ltrh
total 0
-r--r--r-- 1 root root 1 Sep 28 15:01 version
-
securityfs is meant for Linux security subsystems to expose policies/logs
or any other information. However, there are various firmware security
features which expose their variables for user management via the kernel.
There is currently no single place to expose these variables. Different
platform
PowerVM provides an isolated Platform KeyStore (PKS)[1] storage allocation
for each logical partition (LPAR) with individually managed access controls
to store sensitive information securely. The Linux kernel can access this
storage by interfacing with the hypervisor using a new set of hypervisor
c
Even though plpks_read_var() is currently called to read variables
owned by different consumers, it internally supports only OS consumer.
Fix plpks_read_var() to handle different consumers correctly.
Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform KeyStore")
Signed-off-by: Nayna
Replace kmalloc with kzalloc in construct_auth() function to default
initialize structure with zeroes.
Signed-off-by: Nayna Jain
---
arch/powerpc/platforms/pseries/plpks.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/arch/powerpc/platforms/pseries/plpks.c
b/arch/p
Logging H_CALL return codes in PLPKS driver are easy to confuse with
Linux error codes.
Let the caller of the function log the converted linux error code.
Signed-off-by: Nayna Jain
---
arch/powerpc/platforms/pseries/plpks.c | 10 --
1 file changed, 10 deletions(-)
diff --git a/arch/pow
Some commands for eg. "cat" might continue to retry on encountering
EINTR. This is not expected for original error code H_ABORTED.
Map H_ABORTED to more relevant Linux error code EIO.
Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform KeyStore")
Signed-off-by: Nayna Jain
---
arch
PAPR Spec defines H_P1 actually as H_PARAMETER and maps H_ABORTED to
a different numerical value.
Fix the error codes as per PAPR Specification.
Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform KeyStore")
Signed-off-by: Nayna Jain
---
arch/powerpc/include/asm/hvcall.h | 3
This patchset fixes some bugs and does some cleanups.
Nayna Jain (6):
powerpc/pseries: fix the object owners enum value in plpks driver
powerpc/pseries: Fix the H_CALL error code in PLPKS driver
powerpc/pseries: Return -EIO instead of -EINTR for H_ABORTED error
powerpc/pseries: cleanup err
OS_VAR_LINUX enum in PLPKS driver should be 0x02 instead of 0x01.
Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform KeyStore")
Signed-off-by: Nayna Jain
---
arch/powerpc/platforms/pseries/plpks.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/powerpc/pla
Le 06/11/2022 à 17:08, Christophe JAILLET a écrit :
> Le 06/11/2022 à 16:18, wangkail...@jari.cn a écrit :
>> Fix the following coccicheck warning:
>>
>> drivers/macintosh/macio-adb.c:103:13-14: WARNING comparing pointer to 0.
>>
>> Signed-off-by: KaiLong Wang
We already have such patches await
Le 06/11/2022 à 17:12, Christophe JAILLET a écrit :
> Le 06/11/2022 à 16:28, wangkail...@jari.cn a écrit :
>> Fix the following coccicheck warning:
>>
>> drivers/macintosh/adb.c:676:14-15: WARNING comparing pointer to 0.
>>
>> Signed-off-by: KaiLong Wang
We already have such patches awaiting fo
Le 06/11/2022 à 16:28, wangkail...@jari.cn a écrit :
Fix the following coccicheck warning:
drivers/macintosh/adb.c:676:14-15: WARNING comparing pointer to 0.
Signed-off-by: KaiLong Wang
---
drivers/macintosh/adb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/m
Le 06/11/2022 à 16:18, wangkail...@jari.cn a écrit :
Fix the following coccicheck warning:
drivers/macintosh/macio-adb.c:103:13-14: WARNING comparing pointer to 0.
Signed-off-by: KaiLong Wang
---
drivers/macintosh/macio-adb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
Hi,
On Sat, Nov 5, 2022, at 12:56, Arminder Singh wrote:
> This patch adds IRQ support to the PASemi I2C controller driver to
> increase the performace of I2C transactions on platforms with PASemi I2C
> controllers. While primarily intended for Apple silicon platforms, this
> patch should also hel
Fix the following coccicheck warning:
drivers/macintosh/adb.c:676:14-15: WARNING comparing pointer to 0.
Signed-off-by: KaiLong Wang
---
drivers/macintosh/adb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/macintosh/adb.c b/drivers/macintosh/adb.c
index 1bbb9ca08d
Fix the following coccicheck warning:
drivers/macintosh/macio-adb.c:103:13-14: WARNING comparing pointer to 0.
Signed-off-by: KaiLong Wang
---
drivers/macintosh/macio-adb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/macintosh/macio-adb.c b/drivers/macintosh/maci
Le 11/10/2022 à 08:52, Jiasheng Jiang a écrit :
> As ioremap can return NULL pointer, it should
> be better to check the return value return error
> if fails.
> Moreover, the return value of qe_reset should be
> checked by cascade.
>
> Fixes: 68f047e3d62e ("fsl/qe: add rx_sync and tx_sync for TD
41 matches
Mail list logo
