From patchwork Thu Apr 4 16:44:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 10885963 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E8BFC1708 for ; Thu, 4 Apr 2019 16:52:43 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CE7DF28446 for ; Thu, 4 Apr 2019 16:52:43 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C21B2288B4; Thu, 4 Apr 2019 16:52:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BD26A28446 for ; Thu, 4 Apr 2019 16:52:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=zQE0RuhXPqTzQBuwoalPF0ELsm5UHW9/TP0g+bJKyVs=; b=pFQb2Sz3uUraFTUKARrHu3nzB6 G3zwwpCgZh9voZiq4j8e88zYvb3Ncd9JFA839erCVwAGVJLlacbNmW+P8e+2e15jZ4+Jfzf59JC+a mBioPOfa6mwtQr1TZyKXAyWx2mkuRfbbF1UnOueKYdo9WfZr7AI8sYcEto8ELDkTo2XSmwuz7MGEy PP3y6V8yf7M1Hu9BD+bN/TjzYL2SncMb51bpU0Zjdew60TdgaCSVWQo48mUYg1zo4Xw//D4yjIgQ9 ++1lmBk9sRe3iqKr3eY/whdYPLjBlDa3AxJikBkhku7Fq1Qb9rQWjeWWrQvGcFzj7caSn4/DI0uRr MTOsBq0g==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1hC5bW-0004Xf-4w; Thu, 04 Apr 2019 16:52:42 +0000 Received: from mx1.redhat.com ([209.132.183.28]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1hC5UJ-0000To-7Q for linux-arm-kernel@lists.infradead.org; Thu, 04 Apr 2019 16:45:28 +0000 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7F3023082B45; Thu, 4 Apr 2019 16:45:14 +0000 (UTC) Received: from treble.redhat.com (ovpn-125-158.rdu2.redhat.com [10.10.125.158]) by smtp.corp.redhat.com (Postfix) with ESMTP id D2AB9608BB; Thu, 4 Apr 2019 16:45:11 +0000 (UTC) From: Josh Poimboeuf To: linux-kernel@vger.kernel.org Subject: [PATCH RFC 3/5] powerpc/speculation: Add support for 'cpu_spec_mitigations=' cmdline options Date: Thu, 4 Apr 2019 11:44:13 -0500 Message-Id: <91b92d8182d2f114d92c95689fcd4bb1a8dda1b0.1554396090.git.jpoimboe@redhat.com> In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 04 Apr 2019 16:45:14 +0000 (UTC) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190404_094515_971175_6408C696 X-CRM114-Status: GOOD ( 16.16 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Zijlstra , Benjamin Herrenschmidt , Heiko Carstens , Paul Mackerras , "H . Peter Anvin" , Ingo Molnar , Andrea Arcangeli , linux-s390@vger.kernel.org, Michael Ellerman , x86@kernel.org, Will Deacon , Linus Torvalds , Catalin Marinas , Waiman Long , linux-arch@vger.kernel.org, Jon Masters , Jiri Kosina , Borislav Petkov , Andy Lutomirski , Thomas Gleixner , linux-arm-kernel@lists.infradead.org, Greg Kroah-Hartman , Tyler Hicks , Martin Schwidefsky , linuxppc-dev@lists.ozlabs.org MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Configure powerpc CPU runtime speculation bug mitigations in accordance with the 'cpu_spec_mitigations=' cmdline options. This affects Meltdown, Spectre v1, Spectre v2, and Speculative Store Bypass. The default behavior is unchanged. Signed-off-by: Josh Poimboeuf Acked-by: Michael Ellerman (powerpc) --- Documentation/admin-guide/kernel-parameters.txt | 9 +++++---- arch/powerpc/kernel/security.c | 6 +++--- arch/powerpc/kernel/setup_64.c | 2 +- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 29dc03971630..0e8eae1e8a25 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2552,10 +2552,11 @@ off Disable all speculative CPU mitigations. - Equivalent to: nopti [x86] + Equivalent to: nopti [x86, powerpc] + nospectre_v1 [powerpc] nospectre_v2 [x86] spectre_v2_user=off [x86] - spec_store_bypass_disable=off [x86] + spec_store_bypass_disable=off [x86, powerpc] l1tf=off [x86] auto (default) @@ -2568,7 +2569,7 @@ Equivalent to: pti=auto [x86] spectre_v2=auto [x86] spectre_v2_user=auto [x86] - spec_store_bypass_disable=auto [x86] + spec_store_bypass_disable=auto [x86, powerpc] l1tf=flush [x86] auto,nosmt @@ -2579,7 +2580,7 @@ Equivalent to: pti=auto [x86] spectre_v2=auto [x86] spectre_v2_user=auto [x86] - spec_store_bypass_disable=auto [x86] + spec_store_bypass_disable=auto [x86, powerpc] l1tf=flush,nosmt [x86] mminit_loglevel= diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index b33bafb8fcea..5aed4ad729ba 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -57,7 +57,7 @@ void setup_barrier_nospec(void) enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) && security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR); - if (!no_nospec) + if (!no_nospec && cpu_spec_mitigations != CPU_SPEC_MITIGATIONS_OFF) enable_barrier_nospec(enable); } @@ -116,7 +116,7 @@ static int __init handle_nospectre_v2(char *p) early_param("nospectre_v2", handle_nospectre_v2); void setup_spectre_v2(void) { - if (no_spectrev2) + if (no_spectrev2 || cpu_spec_mitigations == CPU_SPEC_MITIGATIONS_OFF) do_btb_flush_fixups(); else btb_flush_enabled = true; @@ -300,7 +300,7 @@ void setup_stf_barrier(void) stf_enabled_flush_types = type; - if (!no_stf_barrier) + if (!no_stf_barrier && cpu_spec_mitigations != CPU_SPEC_MITIGATIONS_OFF) stf_barrier_enable(enable); } diff --git a/arch/powerpc/kernel/setup_64.c b/arch/powerpc/kernel/setup_64.c index ba404dd9ce1d..d9d796a66a79 100644 --- a/arch/powerpc/kernel/setup_64.c +++ b/arch/powerpc/kernel/setup_64.c @@ -932,7 +932,7 @@ void setup_rfi_flush(enum l1d_flush_type types, bool enable) enabled_flush_types = types; - if (!no_rfi_flush) + if (!no_rfi_flush || cpu_spec_mitigations != CPU_SPEC_MITIGATIONS_OFF) rfi_flush_enable(enable); }