Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2364430imm; Mon, 28 May 2018 06:47:45 -0700 (PDT) X-Google-Smtp-Source: AB8JxZriYNnVw4xIFZPyF8k0xxNvGAPan1PjEDO6ZnIcqAiF56Gol36j1PPbW1kaW/CueRx3dP3E X-Received: by 2002:aa7:8609:: with SMTP id p9-v6mr13432344pfn.123.1527515265406; Mon, 28 May 2018 06:47:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527515265; cv=none; d=google.com; s=arc-20160816; b=ktUwIcTmUALYewRedvSsgJzjjoa68IXc9P6qYGnaakw5mSVwcmN5erY45ukTkeqT8T pyLKJkbVlE0t79uogIXmp9gvZB3uYz2dpsd1pCqSUBkSVkzxBAP6kUxzOe0zo57+EPaf Hee+XJ9/gX2jY43lHOye0CFUT6er2LUQMoP9H8wSOEPULg+29aCTQ7fI+YId5LGk/lJW 6QHGpb9i4b0bJRCfpd9dKzQ2U2qcKVLZfr7RQn6Lo7koS7JdMDqTMQvbGL3woEirdF8w fGXLtDTeZJ/N3LE+h5rlwF19xpP+6vKP+SyugzzjIC7RoRLCIyrcbIeGrolTe78tCTXS MtXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=SUZ5WBaY5LS9kO9DlE14UYa92icrhAB4kdq9Vs5pl/o=; b=tUY4MC18jlOTt9SGQfiWEtU7XsU/45zWSeHT1QJpidiwlE2IWfi81TEHDFjJd/Z8fT pE7uV1f9G65URABzAXamK/+oVFSof3uMOttvyBRMJZC3cn+LCpOyS3Rh+jb/CvLaTZZK 13Z2Cg49ziR3B2u7HOui4SnZSf1MS03X0DzNnx4fBGQbx0sliYsWAEunW3+M/Qwj+gXI eOed8loq9wTZlA/YtyyMf2KtUuvmk+bGzLKyBY60Dt2CmrPK6EdH51xdSJUQg7UYIPmI wlyB9R6V8syxiqddUA/k+sP6FTakFt0o7NvFeP11itXIj6SKlmC27CNznM+Js+ZiIl2K XrYg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=xCWcRqGe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 69-v6si30900418pla.548.2018.05.28.06.47.30; Mon, 28 May 2018 06:47:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=xCWcRqGe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S937598AbeE1Nqr (ORCPT + 99 others); Mon, 28 May 2018 09:46:47 -0400 Received: from mail.kernel.org ([198.145.29.99]:34148 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S937431AbeE1Km5 (ORCPT ); Mon, 28 May 2018 06:42:57 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 4B5CF208A5; Mon, 28 May 2018 10:42:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1527504176; bh=Iloqr0LhAXsn3n+cekog8q0IZ0rMHvCQMF+y0uY/yL0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=xCWcRqGeZi2w3J2N+BX/xs2YTTeKfsCbHyUnI1LQm5HGiI0R63EP4pKLdxwXtCdDH iaRZOS3EmrWrr4LsA2jOlPLyMsNmc4wmMd2RwUuN5c7zdvytfKCuCcILs6/Cc5G9pE 1Q99N6+ehmf1O7n9vcROSCH40+p1jt3eX+usjo/c= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org, greg@kroah.com Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Michael Ellerman Subject: [PATCH 4.14 043/496] powerpc: Add security feature flags for Spectre/Meltdown Date: Mon, 28 May 2018 11:57:08 +0200 Message-Id: <20180528100321.511531817@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180528100319.498712256@linuxfoundation.org> References: <20180528100319.498712256@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Michael Ellerman commit 9a868f634349e62922c226834aa23e3d1329ae7f upstream. This commit adds security feature flags to reflect the settings we receive from firmware regarding Spectre/Meltdown mitigations. The feature names reflect the names we are given by firmware on bare metal machines. See the hostboot source for details. Arguably these could be firmware features, but that then requires them to be read early in boot so they're available prior to asm feature patching, but we don't actually want to use them for patching. We may also want to dynamically update them in future, which would be incompatible with the way firmware features work (at the moment at least). So for now just make them separate flags. Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/include/asm/security_features.h | 65 +++++++++++++++++++++++++++ arch/powerpc/kernel/Makefile | 2 arch/powerpc/kernel/security.c | 15 ++++++ 3 files changed, 81 insertions(+), 1 deletion(-) create mode 100644 arch/powerpc/include/asm/security_features.h create mode 100644 arch/powerpc/kernel/security.c --- /dev/null +++ b/arch/powerpc/include/asm/security_features.h @@ -0,0 +1,65 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Security related feature bit definitions. + * + * Copyright 2018, Michael Ellerman, IBM Corporation. + */ + +#ifndef _ASM_POWERPC_SECURITY_FEATURES_H +#define _ASM_POWERPC_SECURITY_FEATURES_H + + +extern unsigned long powerpc_security_features; + +static inline void security_ftr_set(unsigned long feature) +{ + powerpc_security_features |= feature; +} + +static inline void security_ftr_clear(unsigned long feature) +{ + powerpc_security_features &= ~feature; +} + +static inline bool security_ftr_enabled(unsigned long feature) +{ + return !!(powerpc_security_features & feature); +} + + +// Features indicating support for Spectre/Meltdown mitigations + +// The L1-D cache can be flushed with ori r30,r30,0 +#define SEC_FTR_L1D_FLUSH_ORI30 0x0000000000000001ull + +// The L1-D cache can be flushed with mtspr 882,r0 (aka SPRN_TRIG2) +#define SEC_FTR_L1D_FLUSH_TRIG2 0x0000000000000002ull + +// ori r31,r31,0 acts as a speculation barrier +#define SEC_FTR_SPEC_BAR_ORI31 0x0000000000000004ull + +// Speculation past bctr is disabled +#define SEC_FTR_BCCTRL_SERIALISED 0x0000000000000008ull + +// Entries in L1-D are private to a SMT thread +#define SEC_FTR_L1D_THREAD_PRIV 0x0000000000000010ull + +// Indirect branch prediction cache disabled +#define SEC_FTR_COUNT_CACHE_DISABLED 0x0000000000000020ull + + +// Features indicating need for Spectre/Meltdown mitigations + +// The L1-D cache should be flushed on MSR[HV] 1->0 transition (hypervisor to guest) +#define SEC_FTR_L1D_FLUSH_HV 0x0000000000000040ull + +// The L1-D cache should be flushed on MSR[PR] 0->1 transition (kernel to userspace) +#define SEC_FTR_L1D_FLUSH_PR 0x0000000000000080ull + +// A speculation barrier should be used for bounds checks (Spectre variant 1) +#define SEC_FTR_BNDS_CHK_SPEC_BAR 0x0000000000000100ull + +// Firmware configuration indicates user favours security over performance +#define SEC_FTR_FAVOUR_SECURITY 0x0000000000000200ull + +#endif /* _ASM_POWERPC_SECURITY_FEATURES_H */ --- a/arch/powerpc/kernel/Makefile +++ b/arch/powerpc/kernel/Makefile @@ -42,7 +42,7 @@ obj-$(CONFIG_VDSO32) += vdso32/ obj-$(CONFIG_PPC_WATCHDOG) += watchdog.o obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o obj-$(CONFIG_PPC_BOOK3S_64) += cpu_setup_ppc970.o cpu_setup_pa6t.o -obj-$(CONFIG_PPC_BOOK3S_64) += cpu_setup_power.o +obj-$(CONFIG_PPC_BOOK3S_64) += cpu_setup_power.o security.o obj-$(CONFIG_PPC_BOOK3S_64) += mce.o mce_power.o obj-$(CONFIG_PPC_BOOK3E_64) += exceptions-64e.o idle_book3e.o obj-$(CONFIG_PPC64) += vdso64/ --- /dev/null +++ b/arch/powerpc/kernel/security.c @@ -0,0 +1,15 @@ +// SPDX-License-Identifier: GPL-2.0+ +// +// Security related flags and so on. +// +// Copyright 2018, Michael Ellerman, IBM Corporation. + +#include +#include + + +unsigned long powerpc_security_features __read_mostly = \ + SEC_FTR_L1D_FLUSH_HV | \ + SEC_FTR_L1D_FLUSH_PR | \ + SEC_FTR_BNDS_CHK_SPEC_BAR | \ + SEC_FTR_FAVOUR_SECURITY;