Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2196948imm; Mon, 28 May 2018 03:44:39 -0700 (PDT) X-Google-Smtp-Source: AB8JxZoGgKhNt26w9ocNfbn5wwiV6jSd+McW+iqrkn9hs5x/AUvvLxTGBI7YB+J9tARxC4EhA3yT X-Received: by 2002:a63:6e8f:: with SMTP id j137-v6mr8703630pgc.453.1527504279810; Mon, 28 May 2018 03:44:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527504279; cv=none; d=google.com; s=arc-20160816; b=jLHX9Qh8qTW/Ssz4jUH8LcLaIJ0lsqq9Q2fQUn4YyD3B+MqU/WArm/DRDqkyqRqcxE v46lwQGma8nW0aMTruUZ6bH7YqQctq0fZ82J4iwHa48gH7aBEOpQAA12Jz2K+D29h5eX oU6AGE0D2i5e2cwQMtgQOKxcy0G2cAzx7J41x3OGw7d5fmYbX1FaWAcaiDMXHAF+DsAm lUtQJzlCLMcNc7R1QDlDs+NmQPd8dpAzyc3KN8FtM8SCX3gzkQFteVCZ/2FJepNQcYYO d3GOMemNXeiu25GAoC6qEoz/cHWyb5W4cIl1Wh0pJQ2NlA8qNPCzdtNaR/gw/x39eYU5 Qa6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=pCS9qT3id6PB0tYSg6qKB1dwD6632/yOFNtzjoWwjAM=; b=wiFlksezZZ+XRiV3V40Qp8g1+h5gLmi2VD0Mgv7/OfZAcUGGsAVxPxidmb5yyfSO6s WVWprKDmvsTVYAYLQjCwxGTngmAYDXrkTiufPoNd9GmsrNMDtl4dwGAgKTc2uYhJaQAd HnjGeFhjZ7zHt1vnRhVF3TNE9ZMNBZSnWXnuT0HlW+71q3NVuzzM3crrSWRtqVEdY1IK d3ABe3A5hQCfszFViFJblmiU4D/++q0R6wrD1PJc975C75Kq0e1piwmFeQ8x4vY14vpI J/Er8Qn2+H3BAhYsoLRJ373yHZxQDGbgTFOZGBN6li+qUVt9z/NVLCfwHrofjcXXjtTN OhJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=wr3vUiGD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t7-v6si3611918pgo.559.2018.05.28.03.44.25; Mon, 28 May 2018 03:44:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=wr3vUiGD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1163049AbeE1Kne (ORCPT + 99 others); Mon, 28 May 2018 06:43:34 -0400 Received: from mail.kernel.org ([198.145.29.99]:34504 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S937594AbeE1Kna (ORCPT ); Mon, 28 May 2018 06:43:30 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 9759E20660; Mon, 28 May 2018 10:43:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1527504210; bh=fP27OOMJHH5BJJzaWkr5SEK0ZGo9kkKSwlo//zQCPSI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=wr3vUiGD0Z/1OSuCUEsgRT+HBd5V9yrd0rKXS6k/f69S28Dr4qLS+yxqw3GAX+6ZD qiDkkJBmYX+wFxUx1ynYmJs2pzR6HOVRODJvR+YBNQyGNVEqOb1ZOu7F9MBkfB+C9e ya5k7wEFZbqoZnF/fYlqdscYynMg1tAv60VZylEY= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org, greg@kroah.com Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Mauricio Faria de Oliveira , Michael Ellerman Subject: [PATCH 4.14 054/496] powerpc/pseries: Restore default security feature flags on setup Date: Mon, 28 May 2018 11:57:19 +0200 Message-Id: <20180528100322.057857561@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180528100319.498712256@linuxfoundation.org> References: <20180528100319.498712256@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Mauricio Faria de Oliveira commit 6232774f1599028a15418179d17f7df47ede770a upstream. After migration the security feature flags might have changed (e.g., destination system with unpatched firmware), but some flags are not set/clear again in init_cpu_char_feature_flags() because it assumes the security flags to be the defaults. Additionally, if the H_GET_CPU_CHARACTERISTICS hypercall fails then init_cpu_char_feature_flags() does not run again, which potentially might leave the system in an insecure or sub-optimal configuration. So, just restore the security feature flags to the defaults assumed by init_cpu_char_feature_flags() so it can set/clear them correctly, and to ensure safe settings are in place in case the hypercall fail. Fixes: f636c14790ea ("powerpc/pseries: Set or clear security feature flags") Depends-on: 19887d6a28e2 ("powerpc: Move default security feature flags") Signed-off-by: Mauricio Faria de Oliveira Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/platforms/pseries/setup.c | 11 +++++++++++ 1 file changed, 11 insertions(+) --- a/arch/powerpc/platforms/pseries/setup.c +++ b/arch/powerpc/platforms/pseries/setup.c @@ -462,6 +462,10 @@ static void __init find_and_init_phbs(vo static void init_cpu_char_feature_flags(struct h_cpu_char_result *result) { + /* + * The features below are disabled by default, so we instead look to see + * if firmware has *enabled* them, and set them if so. + */ if (result->character & H_CPU_CHAR_SPEC_BAR_ORI31) security_ftr_set(SEC_FTR_SPEC_BAR_ORI31); @@ -501,6 +505,13 @@ void pseries_setup_rfi_flush(void) bool enable; long rc; + /* + * Set features to the defaults assumed by init_cpu_char_feature_flags() + * so it can set/clear again any features that might have changed after + * migration, and in case the hypercall fails and it is not even called. + */ + powerpc_security_features = SEC_FTR_DEFAULT; + rc = plpar_get_cpu_characteristics(&result); if (rc == H_SUCCESS) init_cpu_char_feature_flags(&result);