leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

powerpc/64s: Patch barrier_nospec in modules

Browse Source 
Note that unlike RFI which is patched only in kernel the nospec state
reflects settings at the time the module was loaded.

Iterating all modules and re-patching every time the settings change
is not implemented.

Based on lwsync patching.

Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
This commit is contained in:
Michal Suchanek
2018-04-24 14:15:56 +10:00
committed by Michael Ellerman
parent 2eea7f067f
commit 815069ca57
4 changed files with 27 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
arch/powerpc/include/asm/setup.h
View File

@@ -53,6 +53,13 @@ enum l1d_flush_type {
void setup_rfi_flush(enum l1d_flush_type, bool enable); void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types); void do_rfi_flush_fixups(enum l1d_flush_type types);
void do_barrier_nospec_fixups(bool enable); void do_barrier_nospec_fixups(bool enable);
extern bool barrier_nospec_enabled;
#ifdef CONFIG_PPC_BOOK3S_64
void do_barrier_nospec_fixups_range(bool enable, void *start, void *end);
#else
static inline void do_barrier_nospec_fixups_range(bool enable, void *start, void *end) { };
#endif
#endif /* !__ASSEMBLY__ */ #endif /* !__ASSEMBLY__ */

6
arch/powerpc/kernel/module.c
View File

@@ -72,6 +72,12 @@ int module_finalize(const Elf_Ehdr *hdr,
do_feature_fixups(powerpc_firmware_features, do_feature_fixups(powerpc_firmware_features,
(void *)sect->sh_addr, (void *)sect->sh_addr,
(void *)sect->sh_addr + sect->sh_size); (void *)sect->sh_addr + sect->sh_size);
sect = find_section(hdr, sechdrs, "__spec_barrier_fixup");
if (sect != NULL)
do_barrier_nospec_fixups_range(barrier_nospec_enabled,
(void *)sect->sh_addr,
(void *)sect->sh_addr + sect->sh_size);
#endif #endif
sect = find_section(hdr, sechdrs, "__lwsync_fixup"); sect = find_section(hdr, sechdrs, "__lwsync_fixup");

2
arch/powerpc/kernel/security.c
View File

@@ -14,7 +14,7 @@
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT; unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
static bool barrier_nospec_enabled; bool barrier_nospec_enabled;
static void enable_barrier_nospec(bool enable) static void enable_barrier_nospec(bool enable)
{ {

16
arch/powerpc/lib/feature-fixups.c
View File

@@ -163,14 +163,14 @@ void do_rfi_flush_fixups(enum l1d_flush_type types)
: "unknown"); : "unknown");
} }
void do_barrier_nospec_fixups(bool enable) void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
{ {
unsigned int instr, *dest; unsigned int instr, *dest;
long *start, *end; long *start, *end;
int i; int i;
start = PTRRELOC(&__start___barrier_nospec_fixup), start = fixup_start;
end = PTRRELOC(&__stop___barrier_nospec_fixup); end = fixup_end;
instr = 0x60000000; /* nop */ instr = 0x60000000; /* nop */
@@ -189,6 +189,16 @@ void do_barrier_nospec_fixups(bool enable)
printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i); printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
} }
void do_barrier_nospec_fixups(bool enable)
{
void *start, *end;
start = PTRRELOC(&__start___barrier_nospec_fixup),
end = PTRRELOC(&__stop___barrier_nospec_fixup);
do_barrier_nospec_fixups_range(enable, start, end);
}
#endif /* CONFIG_PPC_BOOK3S_64 */ #endif /* CONFIG_PPC_BOOK3S_64 */
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end) void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)