leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0f9bdfe3c7
linux/arch/powerpc
History
Mauricio Faria de Oliveira 0f9bdfe3c7 powerpc/pseries: Fix clearing of security feature flags 
The H_CPU_BEHAV_* flags should be checked for in the 'behaviour' field
of 'struct h_cpu_char_result' -- 'character' is for H_CPU_CHAR_*
flags.

Found by playing around with QEMU's implementation of the hypercall:

  H_CPU_CHAR=0xf000000000000000
  H_CPU_BEHAV=0x0000000000000000

  This clears H_CPU_BEHAV_FAVOUR_SECURITY and H_CPU_BEHAV_L1D_FLUSH_PR
  so pseries_setup_rfi_flush() disables 'rfi_flush'; and it also
  clears H_CPU_CHAR_L1D_THREAD_PRIV flag. So there is no RFI flush
  mitigation at all for cpu_show_meltdown() to report; but currently
  it does:

  Original kernel:

    # cat /sys/devices/system/cpu/vulnerabilities/meltdown
    Mitigation: RFI Flush

  Patched kernel:

    # cat /sys/devices/system/cpu/vulnerabilities/meltdown
    Not affected

  H_CPU_CHAR=0x0000000000000000
  H_CPU_BEHAV=0xf000000000000000

  This sets H_CPU_BEHAV_BNDS_CHK_SPEC_BAR so cpu_show_spectre_v1() should
  report vulnerable; but currently it doesn't:

  Original kernel:

    # cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
    Not affected

  Patched kernel:

    # cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
    Vulnerable

Brown-paper-bag-by: Michael Ellerman <mpe@ellerman.id.au>
Fixes: f636c14790 ("powerpc/pseries: Set or clear security feature flags")
Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2018-03-31 00:10:31 +11:00
..
boot Merge branch 'fixes' into next 2018-03-28 22:59:50 +11:00
configs powerpc updates for 4.16 2018-02-02 10:01:04 -08:00
crypto crypto: hash - annotate algorithms taking optional key 2018-01-12 23:03:35 +11:00
include Merge branch 'fixes' into next 2018-03-28 22:59:50 +11:00
kernel Merge branch 'fixes' into next 2018-03-28 22:59:50 +11:00
kvm Merge branch 'fixes' into next 2018-03-28 22:59:50 +11:00
lib powerpc/rfi-flush: Differentiate enabled and patched flush types 2018-03-27 19:25:14 +11:00
math-emu License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mm Merge branch 'fixes' into next 2018-03-28 22:59:50 +11:00
net powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access 2018-02-22 14:36:08 +11:00
oprofile powerpc: Use sizeof(*foo) rather than sizeof(struct foo) 2018-03-20 16:47:53 +11:00
perf powerpc/perf: Add blacklisted events for Power9 DD2.2 2018-03-27 19:25:11 +11:00
platforms powerpc/pseries: Fix clearing of security feature flags 2018-03-31 00:10:31 +11:00
purgatory License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sysdev powerpc/xive: Use hw CPU ids when configuring the CPU queues 2018-02-15 09:54:43 +11:00
tools License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xmon Merge branch 'topic/ppc-kvm' into next 2018-03-27 23:55:49 +11:00
Kconfig Merge branch 'linus' into sched/urgent, to resolve conflicts 2018-02-06 21:12:31 +01:00
Kconfig.debug powerpc: Add new kconfig CONFIG_PPC_IRQ_SOFT_MASK_DEBUG 2018-01-19 22:37:03 +11:00
Makefile powerpc: Keep const vars out of writable .sdata 2018-03-06 09:21:21 +11:00
Makefile.postlink License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00