* [PATCH v4 1/6] powerpc/fsl: Disable the speculation barrier from the command line
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
@ 2018-07-17 11:09 ` Diana Craciun
2018-07-17 11:09 ` [PATCH v4 2/6] powerpc/fsl: Document nospectre_v1 kernel parameter Diana Craciun
` (5 subsequent siblings)
6 siblings, 0 replies; 13+ messages in thread
From: Diana Craciun @ 2018-07-17 11:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: mpe, oss, leoyang.li, bharat.bhushan, Diana Craciun
The speculation barrier can be disabled from the command line
with the parameter: "nospectre_v1".
Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
---
History:
v2-->v3
- no changes
arch/powerpc/kernel/security.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c
index a8b2773..2ebfc5b 100644
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -16,6 +16,7 @@
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
bool barrier_nospec_enabled;
+static bool no_nospec;
static void enable_barrier_nospec(bool enable)
{
@@ -42,9 +43,18 @@ void setup_barrier_nospec(void)
enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) &&
security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR);
- enable_barrier_nospec(enable);
+ if (!no_nospec)
+ enable_barrier_nospec(enable);
}
+static int __init handle_nospectre_v1(char *p)
+{
+ no_nospec = true;
+
+ return 0;
+}
+early_param("nospectre_v1", handle_nospectre_v1);
+
#ifdef CONFIG_DEBUG_FS
static int barrier_nospec_set(void *data, u64 val)
{
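Review bot: handle_nospectre_v1() sets no_nospec silently and ignores its argument p, so nothing in the boot log records that the Spectre v1 barrier was turned off from the command line, and a string such as "nospectre_v1=0" still disables it. Consider a pr_info() in the handler, or in setup_barrier_nospec() when no_nospec skips the call. The hunk also does not show whether the barrier_nospec_set() debugfs handler in the trailing context honours no_nospec; the commit message should say whether the barrier can be switched back on at run time after booting with nospectre_v1.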
--
2.5.5
* [PATCH v4 2/6] powerpc/fsl: Document nospectre_v1 kernel parameter.
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
2018-07-17 11:09 ` [PATCH v4 1/6] powerpc/fsl: Disable the speculation barrier from the command line Diana Craciun
@ 2018-07-17 11:09 ` Diana Craciun
2018-07-17 11:09 ` [PATCH v4 3/6] powerpc/fsl: Make stf barrier PPC_BOOK3S_64 specific Diana Craciun
` (4 subsequent siblings)
6 siblings, 0 replies; 13+ messages in thread
From: Diana Craciun @ 2018-07-17 11:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: mpe, oss, leoyang.li, bharat.bhushan, Diana Craciun
Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
---
History:
v2-->v3
- new
Documentation/admin-guide/kernel-parameters.txt | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index efc7aa7..b346cc7 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2687,6 +2687,10 @@
nosmt [KNL,S390] Disable symmetric multithreading (SMT).
Equivalent to smt=1.
+ nospectre_v1 [PPC] Disable mitigations for Spectre Variant 1
+ (bounds check bypass). With this option data leaks are
+ possible in the system.
+
nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2
(indirect branch prediction) vulnerability. System may
allow data leaks with this option, which is equivalent
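Review bot: the new nospectre_v1 entry says only that mitigations are disabled, without naming what is switched off. Since 1/6 wires this parameter to the speculation barrier, the text could say so, and its last sentence could follow the neighbouring nospectre_v2 wording ("System may allow data leaks with this option") so the two entries read alike. The commit message is also empty apart from the sign-off; one line of description would help.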
--
2.5.5
* [PATCH v4 3/6] powerpc/fsl: Make stf barrier PPC_BOOK3S_64 specific.
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
2018-07-17 11:09 ` [PATCH v4 1/6] powerpc/fsl: Disable the speculation barrier from the command line Diana Craciun
2018-07-17 11:09 ` [PATCH v4 2/6] powerpc/fsl: Document nospectre_v1 kernel parameter Diana Craciun
@ 2018-07-17 11:09 ` Diana Craciun
2018-07-17 11:09 ` [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E Diana Craciun
` (3 subsequent siblings)
6 siblings, 0 replies; 13+ messages in thread
From: Diana Craciun @ 2018-07-17 11:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: mpe, oss, leoyang.li, bharat.bhushan, Diana Craciun
NXP Book3E platforms are not vulnerable to speculative store
bypass, so make the mitigations PPC_BOOK3S_64 specific.
Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
---
History:
v2-->v3
- new
arch/powerpc/kernel/security.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c
index 2ebfc5b..3a4e5c3 100644
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -169,6 +169,7 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c
return s.len;
}
+#ifdef CONFIG_PPC_BOOK3S_64
/*
* Store-forwarding barrier support.
*/
@@ -316,3 +317,5 @@ static __init int stf_barrier_debugfs_init(void)
}
device_initcall(stf_barrier_debugfs_init);
#endif /* CONFIG_DEBUG_FS */
+#endif /* CONFIG_PPC_BOOK3S_64 */
+
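Review bot: the last added line is an empty line after "#endif /* CONFIG_PPC_BOOK3S_64 */", and the hunk has no trailing context, so it lands at the end of security.c and the file now finishes with a blank line that git reports as a new blank line at EOF when the patch is applied. Drop the final "+" line.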
--
2.5.5
* [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
` (2 preceding siblings ...)
2018-07-17 11:09 ` [PATCH v4 3/6] powerpc/fsl: Make stf barrier PPC_BOOK3S_64 specific Diana Craciun
@ 2018-07-17 11:09 ` Diana Craciun
2018-07-17 16:46 ` LEROY Christophe
2018-07-17 11:09 ` [PATCH v4 5/6] powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E Diana Craciun
` (2 subsequent siblings)
6 siblings, 1 reply; 13+ messages in thread
From: Diana Craciun @ 2018-07-17 11:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: mpe, oss, leoyang.li, bharat.bhushan, Diana Craciun
The NXP PPC Book3E platforms are not vulnerable to meltdown and
Spectre v4, so make them PPC_BOOK3S_64 specific.
Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
---
History:
v2-->v3
- used the existing functions for spectre v1/v2
arch/powerpc/Kconfig | 7 ++++++-
arch/powerpc/kernel/security.c | 2 ++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 9f2b75f..116c953 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -165,7 +165,7 @@ config PPC
select GENERIC_CLOCKEVENTS_BROADCAST if SMP
select GENERIC_CMOS_UPDATE
select GENERIC_CPU_AUTOPROBE
- select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64
+ select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC
select GENERIC_IRQ_SHOW
select GENERIC_IRQ_SHOW_LEVEL
select GENERIC_SMP_IDLE_THREAD
@@ -240,6 +240,11 @@ config PPC
# Please keep this list sorted alphabetically.
#
+config PPC_NOSPEC
+ bool
+ default y
+ depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E
+
config GENERIC_CSUM
def_bool n
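Review bot: PPC_NOSPEC is introduced with no comment saying what it gates, and in this patch it selects GENERIC_CPU_VULNERABILITIES, which is reporting rather than the barrier its name suggests. A short comment above the symbol, or the explanation in the commit message, would make the intent clear. "bool" plus "default y" can also be written as "def_bool y", matching the "def_bool n" style of the GENERIC_CSUM entry right below.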
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c
index 3a4e5c3..539c744 100644
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void)
device_initcall(barrier_nospec_debugfs_init);
#endif /* CONFIG_DEBUG_FS */
+#ifdef CONFIG_PPC_BOOK3S_64
ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf)
{
bool thread_priv;
@@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, cha
return sprintf(buf, "Vulnerable\n");
}
+#endif
ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, char *buf)
{
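Review bot: the "#endif" added after cpu_show_meltdown() carries no comment naming the condition it closes, while the matching block in 3/6 uses "#endif /* CONFIG_PPC_BOOK3S_64 */". Add the same comment here. The commit message should also say what the meltdown sysfs entry reports on PPC_FSL_BOOK3E once this function is compiled out, since GENERIC_CPU_VULNERABILITIES is now selected there.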
--
2.5.5
* Re: [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
2018-07-17 11:09 ` [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E Diana Craciun
@ 2018-07-17 16:46 ` LEROY Christophe
2018-07-18 14:29 ` Diana Madalina Craciun
0 siblings, 1 reply; 13+ messages in thread
From: LEROY Christophe @ 2018-07-17 16:46 UTC (permalink / raw)
To: Diana Craciun; +Cc: leoyang.li, bharat.bhushan, oss, linuxppc-dev
Diana Craciun <diana.craciun@nxp.com> wrote:
> The NXP PPC Book3E platforms are not vulnerable to meltdown and
> Spectre v4, so make them PPC_BOOK3S_64 specific.
>
> Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
> ---
> History:
>
> v2-->v3
> - used the existing functions for spectre v1/v2
>
> arch/powerpc/Kconfig | 7 ++++++-
> arch/powerpc/kernel/security.c | 2 ++
> 2 files changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> index 9f2b75f..116c953 100644
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -165,7 +165,7 @@ config PPC
> select GENERIC_CLOCKEVENTS_BROADCAST if SMP
> select GENERIC_CMOS_UPDATE
> select GENERIC_CPU_AUTOPROBE
> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64
> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC
I don't understand. You say this patch is to make something specific
to book3s64 specific, and you are creating a new config param that
makes things less specific
Christophe
> select GENERIC_IRQ_SHOW
> select GENERIC_IRQ_SHOW_LEVEL
> select GENERIC_SMP_IDLE_THREAD
> @@ -240,6 +240,11 @@ config PPC
> # Please keep this list sorted alphabetically.
> #
>
> +config PPC_NOSPEC
> + bool
> + default y
> + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E
> +
> config GENERIC_CSUM
> def_bool n
>
> diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/securit=
y.c
> index 3a4e5c3..539c744 100644
> --- a/arch/powerpc/kernel/security.c
> +++ b/arch/powerpc/kernel/security.c
> @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void)
> device_initcall(barrier_nospec_debugfs_init);
> #endif /* CONFIG_DEBUG_FS */
>
> +#ifdef CONFIG_PPC_BOOK3S_64
> ssize_t cpu_show_meltdown(struct device *dev, struct=20=20
>=20device_attribute *attr, char *buf)
> {
> bool thread_priv;
> @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev,=20=20
>=20struct device_attribute *attr, cha
>
> return sprintf(buf, "Vulnerable\n");
> }
> +#endif
>
> ssize_t cpu_show_spectre_v1(struct device *dev, struct=20=20
>=20device_attribute *attr, char *buf)
> {
> --
> 2.5.5
* Re: [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
2018-07-17 16:46 ` LEROY Christophe
@ 2018-07-18 14:29 ` Diana Madalina Craciun
2018-07-18 16:02 ` LEROY Christophe
0 siblings, 1 reply; 13+ messages in thread
From: Diana Madalina Craciun @ 2018-07-18 14:29 UTC (permalink / raw)
To: LEROY Christophe
Cc: Leo Li, Bharat Bhushan, oss@buserror.net,
linuxppc-dev@lists.ozlabs.org
On 7/17/2018 7:47 PM, LEROY Christophe wrote:
> Diana Craciun <diana.craciun@nxp.com> wrote:
>
>> The NXP PPC Book3E platforms are not vulnerable to meltdown and
>> Spectre v4, so make them PPC_BOOK3S_64 specific.
>>
>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
>> ---
>> History:
>>
>> v2-->v3
>> - used the existing functions for spectre v1/v2
>>
>> arch/powerpc/Kconfig | 7 ++++++-
>> arch/powerpc/kernel/security.c | 2 ++
>> 2 files changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig=0A=
>> index 9f2b75f..116c953 100644=0A=
>> --- a/arch/powerpc/Kconfig=0A=
>> +++ b/arch/powerpc/Kconfig=0A=
>> @@ -165,7 +165,7 @@ config PPC=0A=
>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP=0A=
>> select GENERIC_CMOS_UPDATE=0A=
>> select GENERIC_CPU_AUTOPROBE=0A=
>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64=0A=
>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC=0A=
> I don't understand. You say this patch is to make something specific
> to book3s64 specific, and you are creating a new config param that
> makes things less specific
>
> Christophe

In order to enable the vulnerabilities reporting on NXP socs I need to
enable them for PPC_FSL_BOOK3E. So they will be enabled for both
PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the
Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs
are not vulnerable to meltdown, so I made the meltdown reporting
PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in
a separate patch to be more clear.

Diana

>
>> select GENERIC_IRQ_SHOW=0A=
>> select GENERIC_IRQ_SHOW_LEVEL=0A=
>> select GENERIC_SMP_IDLE_THREAD=0A=
>> @@ -240,6 +240,11 @@ config PPC=0A=
>> # Please keep this list sorted alphabetically.=0A=
>> #=0A=
>>=0A=
>> +config PPC_NOSPEC=0A=
>> + bool=0A=
>> + default y=0A=
>> + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E=0A=
>> +=0A=
>> config GENERIC_CSUM=0A=
>> def_bool n=0A=
>>=0A=
>> diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/securi=
ty.c=0A=
>> index 3a4e5c3..539c744 100644=0A=
>> --- a/arch/powerpc/kernel/security.c=0A=
>> +++ b/arch/powerpc/kernel/security.c=0A=
>> @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void)=0A=
>> device_initcall(barrier_nospec_debugfs_init);=0A=
>> #endif /* CONFIG_DEBUG_FS */=0A=
>>=0A=
>> +#ifdef CONFIG_PPC_BOOK3S_64=0A=
>> ssize_t cpu_show_meltdown(struct device *dev, struct =0A=
>> device_attribute *attr, char *buf)=0A=
>> {=0A=
>> bool thread_priv;=0A=
>> @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev, =0A=
>> struct device_attribute *attr, cha=0A=
>>=0A=
>> return sprintf(buf, "Vulnerable\n");=0A=
>> }=0A=
>> +#endif=0A=
>>=0A=
>> ssize_t cpu_show_spectre_v1(struct device *dev, struct =0A=
>> device_attribute *attr, char *buf)=0A=
>> {=0A=
>> --=0A=
>> 2.5.5=0A=
>
>
* Re: [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
2018-07-18 14:29 ` Diana Madalina Craciun
@ 2018-07-18 16:02 ` LEROY Christophe
2018-07-19 12:05 ` Michael Ellerman
0 siblings, 1 reply; 13+ messages in thread
From: LEROY Christophe @ 2018-07-18 16:02 UTC (permalink / raw)
To: Diana Madalina Craciun; +Cc: linuxppc-dev, oss, Bharat Bhushan, Leo Li
Diana Madalina Craciun <diana.craciun@nxp.com> wrote:
> On 7/17/2018 7:47 PM, LEROY Christophe wrote:
>> Diana Craciun <diana.craciun@nxp.com> wrote:
>>
>>> The NXP PPC Book3E platforms are not vulnerable to meltdown and
>>> Spectre v4, so make them PPC_BOOK3S_64 specific.
>>>
>>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
>>> ---
>>> History:
>>>
>>> v2-->v3
>>> - used the existing functions for spectre v1/v2
>>>
>>> arch/powerpc/Kconfig | 7 ++++++-
>>> arch/powerpc/kernel/security.c | 2 ++
>>> 2 files changed, 8 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
>>> index 9f2b75f..116c953 100644
>>> --- a/arch/powerpc/Kconfig
>>> +++ b/arch/powerpc/Kconfig
>>> @@ -165,7 +165,7 @@ config PPC
>>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP
>>> select GENERIC_CMOS_UPDATE
>>> select GENERIC_CPU_AUTOPROBE
>>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64
>>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC
>> I don't understand. You say this patch is to make something specific
>> to book3s64 specific, and you are creating a new config param that
>> makes things less specific
>>
>> Christophe
>
> In order to enable the vulnerabilities reporting on NXP socs I need to
> enable them for PPC_FSL_BOOK3E. So they will be enabled for both
> PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the
> Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs
> are not vulnerable to meltdown, so I made the meltdown reporting
> PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in
> a separate patch to be more clear.
Yes you can. Or keep it as a single patch and add the details you gave
me in the patch description.
Christophe
>
> Diana
>
>>
>>> select GENERIC_IRQ_SHOW
>>> select GENERIC_IRQ_SHOW_LEVEL
>>> select GENERIC_SMP_IDLE_THREAD
>>> @@ -240,6 +240,11 @@ config PPC
>>> # Please keep this list sorted alphabetically.
>>> #
>>>
>>> +config PPC_NOSPEC
>>> + bool
>>> + default y
>>> + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E
>>> +
>>> config GENERIC_CSUM
>>> def_bool n
>>>
>>> diff --git a/arch/powerpc/kernel/security.c=20=20
>>>=20b/arch/powerpc/kernel/security.c
>>> index 3a4e5c3..539c744 100644
>>> --- a/arch/powerpc/kernel/security.c
>>> +++ b/arch/powerpc/kernel/security.c
>>> @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void)
>>> device_initcall(barrier_nospec_debugfs_init);
>>> #endif /* CONFIG_DEBUG_FS */
>>>
>>> +#ifdef CONFIG_PPC_BOOK3S_64
>>> ssize_t cpu_show_meltdown(struct device *dev, struct
>>> device_attribute *attr, char *buf)
>>> {
>>> bool thread_priv;
>>> @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev,
>>> struct device_attribute *attr, cha
>>>
>>> return sprintf(buf, "Vulnerable\n");
>>> }
>>> +#endif
>>>
>>> ssize_t cpu_show_spectre_v1(struct device *dev, struct
>>> device_attribute *attr, char *buf)
>>> {
>>> --
>>> 2.5.5
>>
>>
* Re: [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
2018-07-18 16:02 ` LEROY Christophe
@ 2018-07-19 12:05 ` Michael Ellerman
2018-07-20 15:34 ` Diana Madalina Craciun
0 siblings, 1 reply; 13+ messages in thread
From: Michael Ellerman @ 2018-07-19 12:05 UTC (permalink / raw)
To: LEROY Christophe, Diana Madalina Craciun
Cc: oss, Bharat Bhushan, linuxppc-dev, Leo Li
LEROY Christophe <christophe.leroy@c-s.fr> writes:
> Diana Madalina Craciun <diana.craciun@nxp.com> wrote:
>> On 7/17/2018 7:47 PM, LEROY Christophe wrote:
>>> Diana Craciun <diana.craciun@nxp.com> wrote:
>>>> The NXP PPC Book3E platforms are not vulnerable to meltdown and
>>>> Spectre v4, so make them PPC_BOOK3S_64 specific.
>>>>
>>>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
>>>> ---
>>>> History:
>>>>
>>>> v2-->v3
>>>> - used the existing functions for spectre v1/v2
>>>>
>>>> arch/powerpc/Kconfig | 7 ++++++-
>>>> arch/powerpc/kernel/security.c | 2 ++
>>>> 2 files changed, 8 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
>>>> index 9f2b75f..116c953 100644
>>>> --- a/arch/powerpc/Kconfig
>>>> +++ b/arch/powerpc/Kconfig
>>>> @@ -165,7 +165,7 @@ config PPC
>>>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP
>>>> select GENERIC_CMOS_UPDATE
>>>> select GENERIC_CPU_AUTOPROBE
>>>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64
>>>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC
>>> I don't understand. You say this patch is to make something specific
>>> to book3s64 specific, and you are creating a new config param that
>>> makes things less specific
>>>
>>> Christophe
>>
>> In order to enable the vulnerabilities reporting on NXP socs I need to
>> enable them for PPC_FSL_BOOK3E. So they will be enabled for both
>> PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the
>> Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs
>> are not vulnerable to meltdown, so I made the meltdown reporting
>> PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in
>> a separate patch to be more clear.
>
> Yes you can. Or keep it as a single patch and add the details you gave
> me in the patch description.
Yeah I think the patch is fine, but the change log is a bit short on detail.
If you just send me a new change log I can fold it in.
cheers
* Re: [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
2018-07-19 12:05 ` Michael Ellerman
@ 2018-07-20 15:34 ` Diana Madalina Craciun
0 siblings, 0 replies; 13+ messages in thread
From: Diana Madalina Craciun @ 2018-07-20 15:34 UTC (permalink / raw)
To: Michael Ellerman, LEROY Christophe
Cc: oss@buserror.net, Bharat Bhushan, linuxppc-dev@lists.ozlabs.org,
Leo Li
On 7/19/2018 3:05 PM, Michael Ellerman wrote:
> LEROY Christophe <christophe.leroy@c-s.fr> writes:
>> Diana Madalina Craciun <diana.craciun@nxp.com> wrote:
>>> On 7/17/2018 7:47 PM, LEROY Christophe wrote:
>>>> Diana Craciun <diana.craciun@nxp.com> wrote:
>>>>> The NXP PPC Book3E platforms are not vulnerable to meltdown and
>>>>> Spectre v4, so make them PPC_BOOK3S_64 specific.
>>>>>
>>>>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
>>>>> ---
>>>>> History:
>>>>>
>>>>> v2-->v3
>>>>> - used the existing functions for spectre v1/v2
>>>>>
>>>>> arch/powerpc/Kconfig | 7 ++++++-
>>>>> arch/powerpc/kernel/security.c | 2 ++
>>>>> 2 files changed, 8 insertions(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig=0A=
>>>>> index 9f2b75f..116c953 100644=0A=
>>>>> --- a/arch/powerpc/Kconfig=0A=
>>>>> +++ b/arch/powerpc/Kconfig=0A=
>>>>> @@ -165,7 +165,7 @@ config PPC=0A=
>>>>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP=0A=
>>>>> select GENERIC_CMOS_UPDATE=0A=
>>>>> select GENERIC_CPU_AUTOPROBE=0A=
>>>>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64=0A=
>>>>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC=0A=
>>>> I don't understand. You say this patch is to make something specific
>>>> to book3s64 specific, and you are creating a new config param that
>>>> makes things less specific
>>>>
>>>> Christophe
>>> In order to enable the vulnerabilities reporting on NXP socs I need to
>>> enable them for PPC_FSL_BOOK3E. So they will be enabled for both
>>> PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the
>>> Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs
>>> are not vulnerable to meltdown, so I made the meltdown reporting
>>> PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in
>>> a separate patch to be more clear.
>> Yes you can. Or keep it as a single patch and add the details you gave
>> me in the patch description.
> Yeah I think the patch is fine, but the change log is a bit short on detail.
>
> If you just send me a new change log I can fold it in.
>
> cheers
>
Thanks! This is the new change log:

"The Spectre/Meltdown vulnerabilities will be enabled for both
PPC_FSL_BOOK3E and PPC_BOOK3S_64. In order to avoid a complicated ifdef
we add a new Kconfig (PPC_NOSPEC) to select the common code between
BOOK3S_64 and FSL_BOOK3E. However, the NXP platforms are not vulnerable
to Meltdown, so make the Meltdown vulnerability reporting PPC_BOOK3S_64
specific."

Regards,

Diana
* [PATCH v4 5/6] powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
` (3 preceding siblings ...)
2018-07-17 11:09 ` [PATCH v4 4/6] powerpc/fsl: Enable cpu vulnerabilities reporting for NXP PPC BOOK3E Diana Craciun
@ 2018-07-17 11:09 ` Diana Craciun
2018-07-17 11:09 ` [PATCH v4 6/6] powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms Diana Craciun
2018-07-17 16:43 ` [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E LEROY Christophe
6 siblings, 0 replies; 13+ messages in thread
From: Diana Craciun @ 2018-07-17 11:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: mpe, oss, leoyang.li, bharat.bhushan, Diana Craciun
Implement the barrier_nospec as an isync;sync instruction sequence.
The implementation uses the infrastructure built for BOOK3S 64.
Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
---
History:
v3-->v4
- fixed compilation issues
v2-->v3
- added PPC_NOSPEC Kconfig
- addressed the review comments
There was a discussion in the previous review cycle about where in the code
to call setup_barrier_nospec. I have chosen to call the function in the
common code so that it can be re-used on multiple platforms. However, I am not sure
that the changes concerning powernv/pseries are correct; I need some input here.
arch/powerpc/include/asm/barrier.h | 12 +++++++++---
arch/powerpc/include/asm/setup.h | 6 +++++-
arch/powerpc/kernel/Makefile | 3 ++-
arch/powerpc/kernel/module.c | 4 +++-
arch/powerpc/kernel/setup-common.c | 2 ++
arch/powerpc/kernel/vmlinux.lds.S | 4 +++-
arch/powerpc/lib/feature-fixups.c | 35 +++++++++++++++++++++++++++++++++-
arch/powerpc/platforms/powernv/setup.c | 1 -
arch/powerpc/platforms/pseries/setup.c | 1 -
9 files changed, 58 insertions(+), 10 deletions(-)
diff --git a/arch/powerpc/include/asm/barrier.h b/arch/powerpc/include/asm/barrier.h
index f67b3f6..0bdfa81 100644
--- a/arch/powerpc/include/asm/barrier.h
+++ b/arch/powerpc/include/asm/barrier.h
@@ -77,19 +77,25 @@ do { \
})
#ifdef CONFIG_PPC_BOOK3S_64
+#define NOSPEC_BARRIER_SLOT nop
+#elif defined(CONFIG_PPC_FSL_BOOK3E)
+#define NOSPEC_BARRIER_SLOT nop; nop
+#endif /* CONFIG_PPC_BOOK3S_64 */
+
+#ifdef CONFIG_PPC_NOSPEC
/*
* Prevent execution of subsequent instructions until preceding branches have
* been fully resolved and are no longer executing speculatively.
*/
-#define barrier_nospec_asm NOSPEC_BARRIER_FIXUP_SECTION; nop
+#define barrier_nospec_asm NOSPEC_BARRIER_FIXUP_SECTION; NOSPEC_BARRIER_SLOT
// This also acts as a compiler barrier due to the memory clobber.
#define barrier_nospec() asm (stringify_in_c(barrier_nospec_asm) ::: "memory")
-#else /* !CONFIG_PPC_BOOK3S_64 */
+#else /* !CONFIG_PPC_NOSPEC */
#define barrier_nospec_asm
#define barrier_nospec()
-#endif
+#endif /* CONFIG_PPC_NOSPEC */
#include <asm-generic/barrier.h>
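Review bot: NOSPEC_BARRIER_SLOT reserves one nop on Book3S 64 and two on FSL Book3E, but nothing at the definition says that the width has to match what do_barrier_nospec_fixups_range() writes (the FSL version in this patch patches dest and dest + 1). A one-line comment tying the slot size to the fixup code would keep the two from drifting apart. The "#endif /* CONFIG_PPC_BOOK3S_64 */" also closes an #ifdef/#elif chain, so its comment names only the first branch.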
diff --git a/arch/powerpc/include/asm/setup.h b/arch/powerpc/include/asm/setup.h
index 8721fd0..a794a40 100644
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -52,11 +52,15 @@ enum l1d_flush_type {
void setup_rfi_flush(enum l1d_flush_type, bool enable);
void do_rfi_flush_fixups(enum l1d_flush_type types);
+#ifdef CONFIG_PPC_NOSPEC
void setup_barrier_nospec(void);
+#else
+static inline void setup_barrier_nospec(void) { };
+#endif
void do_barrier_nospec_fixups(bool enable);
extern bool barrier_nospec_enabled;
-#ifdef CONFIG_PPC_BOOK3S_64
+#ifdef CONFIG_PPC_NOSPEC
void do_barrier_nospec_fixups_range(bool enable, void *start, void *end);
#else
static inline void do_barrier_nospec_fixups_range(bool enable, void *start, void *end) { };
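Review bot: the new stub "static inline void setup_barrier_nospec(void) { };" ends with a stray semicolon after the function body; drop it. do_barrier_nospec_fixups() on the following context line stays declared unconditionally although feature-fixups.c in this patch defines it only under CONFIG_PPC_NOSPEC, so it wants either the same #ifdef with a stub or a note that no caller exists outside PPC_NOSPEC code.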
diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile
index 2b4c40b2..cd0eb38 100644
--- a/arch/powerpc/kernel/Makefile
+++ b/arch/powerpc/kernel/Makefile
@@ -42,9 +42,10 @@ obj-$(CONFIG_VDSO32) += vdso32/
obj-$(CONFIG_PPC_WATCHDOG) += watchdog.o
obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o
obj-$(CONFIG_PPC_BOOK3S_64) += cpu_setup_ppc970.o cpu_setup_pa6t.o
-obj-$(CONFIG_PPC_BOOK3S_64) += cpu_setup_power.o security.o
+obj-$(CONFIG_PPC_BOOK3S_64) += cpu_setup_power.o
obj-$(CONFIG_PPC_BOOK3S_64) += mce.o mce_power.o
obj-$(CONFIG_PPC_BOOK3E_64) += exceptions-64e.o idle_book3e.o
+obj-$(CONFIG_PPC_NOSPEC) += security.o
obj-$(CONFIG_PPC64) += vdso64/
obj-$(CONFIG_ALTIVEC) += vecemu.o
obj-$(CONFIG_PPC_970_NAP) += idle_power4.o
diff --git a/arch/powerpc/kernel/module.c b/arch/powerpc/kernel/module.c
index 1b3c683..a0c4967 100644
--- a/arch/powerpc/kernel/module.c
+++ b/arch/powerpc/kernel/module.c
@@ -72,13 +72,15 @@ int module_finalize(const Elf_Ehdr *hdr,
do_feature_fixups(powerpc_firmware_features,
(void *)sect->sh_addr,
(void *)sect->sh_addr + sect->sh_size);
+#endif /* CONFIG_PPC64 */
+#if defined(CONFIG_PPC64) || defined(CONFIG_PPC_FSL_BOOK3E)
sect = find_section(hdr, sechdrs, "__spec_barrier_fixup");
if (sect != NULL)
do_barrier_nospec_fixups_range(barrier_nospec_enabled,
(void *)sect->sh_addr,
(void *)sect->sh_addr + sect->sh_size);
-#endif
+#endif /* CONFIG_PPC64 || CONFIG_PPC_FSL_BOOK3E */
sect = find_section(hdr, sechdrs, "__lwsync_fixup");
if (sect != NULL)
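Review bot: the guard added here is "defined(CONFIG_PPC64) || defined(CONFIG_PPC_FSL_BOOK3E)", while setup.h in this same patch keys do_barrier_nospec_fixups_range() on CONFIG_PPC_NOSPEC and provides an empty inline otherwise. Using "#ifdef CONFIG_PPC_NOSPEC" here, and for the matching section in vmlinux.lds.S, would keep a single condition for the barrier code.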
diff --git a/arch/powerpc/kernel/setup-common.c b/arch/powerpc/kernel/setup-common.c
index 40b44bb..93fa0c9 100644
--- a/arch/powerpc/kernel/setup-common.c
+++ b/arch/powerpc/kernel/setup-common.c
@@ -972,6 +972,8 @@ void __init setup_arch(char **cmdline_p)
if (ppc_md.setup_arch)
ppc_md.setup_arch();
+ setup_barrier_nospec();
+
paging_init();
/* Initialize the MMU context management stuff. */
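Review bot: setup_barrier_nospec() is now called from setup_arch() for every platform, directly after ppc_md.setup_arch(), and it decides from security_ftr_enabled() flags (see the context in 1/6). If platform setup code is what sets those flags, the call must stay after ppc_md.setup_arch(); a comment at the call site stating that ordering requirement would stop someone from moving it earlier.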
diff --git a/arch/powerpc/kernel/vmlinux.lds.S b/arch/powerpc/kernel/vmlinux.lds.S
index 5baac79..6087b02 100644
--- a/arch/powerpc/kernel/vmlinux.lds.S
+++ b/arch/powerpc/kernel/vmlinux.lds.S
@@ -153,14 +153,16 @@ SECTIONS
*(__rfi_flush_fixup)
__stop___rfi_flush_fixup = .;
}
+#endif /* CONFIG_PPC64 */
+#if defined(CONFIG_PPC64) || defined(CONFIG_PPC_FSL_BOOK3E)
. = ALIGN(8);
__spec_barrier_fixup : AT(ADDR(__spec_barrier_fixup) - LOAD_OFFSET) {
__start___barrier_nospec_fixup = .;
*(__barrier_nospec_fixup)
__stop___barrier_nospec_fixup = .;
}
-#endif
+#endif /* CONFIG_PPC64 || CONFIG_PPC_FSL_BOOK3E */
EXCEPTION_TABLE(0)
diff --git a/arch/powerpc/lib/feature-fixups.c b/arch/powerpc/lib/feature-fixups.c
index 8b69f86..41f372e 100644
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -304,6 +304,9 @@ void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_
printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
}
+#endif /* CONFIG_PPC_BOOK3S_64 */
+
+#ifdef CONFIG_PPC_NOSPEC
void do_barrier_nospec_fixups(bool enable)
{
void *start, *end;
@@ -313,8 +316,38 @@ void do_barrier_nospec_fixups(bool enable)
do_barrier_nospec_fixups_range(enable, start, end);
}
+#endif /* CONFIG_PPC_NOSPEC */
-#endif /* CONFIG_PPC_BOOK3S_64 */
+#ifdef CONFIG_PPC_FSL_BOOK3E
+void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
+{
+ unsigned int instr[2], *dest;
+ long *start, *end;
+ int i;
+
+ start = fixup_start;
+ end = fixup_end;
+
+ instr[0] = PPC_INST_NOP;
+ instr[1] = PPC_INST_NOP;
+
+ if (enable) {
+ pr_info("barrier-nospec: using isync; sync as speculation barrier\n");
+ instr[0] = PPC_INST_ISYNC;
+ instr[1] = PPC_INST_SYNC;
+ }
+
+ for (i = 0; start < end; start++, i++) {
+ dest = (void *)start + *start;
+
+ pr_devel("patching dest %lx\n", (unsigned long)dest);
+ patch_instruction(dest, instr[0]);
+ patch_instruction(dest + 1, instr[1]);
+ }
+
+ printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
+}
+#endif /* CONFIG_PPC_FSL_BOOK3E */
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
{
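Review bot: the pr_info() in the FSL do_barrier_nospec_fixups_range() sits in the per-range function, which module.c in this patch calls from module_finalize(), so "using isync; sync as speculation barrier" is logged on every load of a module that has a __spec_barrier_fixup section while the barrier is enabled. Move the message to the boot-time caller or lower it to pr_devel(). The return value of both patch_instruction() calls is ignored, so a failed write of the second instruction would leave a slot holding isync without sync, and the function mixes pr_info()/pr_devel() with a raw printk(KERN_DEBUG ...).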
diff --git a/arch/powerpc/platforms/powernv/setup.c b/arch/powerpc/platforms/powernv/setup.c
index f96df0a..1ab6dc7 100644
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -124,7 +124,6 @@ static void pnv_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
setup_rfi_flush(type, enable);
- setup_barrier_nospec();
}
static void __init pnv_setup_arch(void)
diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c
index 139f0af..fdb32e0 100644
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -534,7 +534,6 @@ void pseries_setup_rfi_flush(void)
security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR);
setup_rfi_flush(types, enable);
- setup_barrier_nospec();
}
#ifdef CONFIG_PCI_IOV
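Review bot: removing setup_barrier_nospec() from pseries_setup_rfi_flush() is only safe if that function runs just once at boot; it is neither static nor __init here, so any later caller would now refresh the rfi flush settings without re-evaluating the barrier. Please confirm there is no such caller, or keep the call in the pseries path; the notes under the commit message already flag this change as uncertain.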
--
2.5.5
* [PATCH v4 6/6] powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
` (4 preceding siblings ...)
2018-07-17 11:09 ` [PATCH v4 5/6] powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E Diana Craciun
@ 2018-07-17 11:09 ` Diana Craciun
2018-07-17 16:43 ` [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E LEROY Christophe
6 siblings, 0 replies; 13+ messages in thread
From: Diana Craciun @ 2018-07-17 11:09 UTC (permalink / raw)
To: linuxppc-dev; +Cc: mpe, oss, leoyang.li, bharat.bhushan, Diana Craciun
Used barrier_nospec to sanitize the syscall table.
Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
---
History:
v2-->v3
- included in the series
arch/powerpc/kernel/entry_32.S | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index 973577f..8f05280 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -33,6 +33,7 @@
#include <asm/unistd.h>
#include <asm/ptrace.h>
#include <asm/export.h>
+#include <asm/barrier.h>
/*
* MSR_KERNEL is > 0x10000 on 4xx/Book-E since it include MSR_CE.
@@ -358,6 +359,15 @@ syscall_dotrace_cont:
ori r10,r10,sys_call_table@l
slwi r0,r0,2
bge- 66f
+
+ barrier_nospec_asm
+ /*
+ * Prevent the load of the handler below (based on the user-passed
+ * system call number) being speculatively executed until the test
+ * against NR_syscalls and branch to .66f above has
+ * committed.
+ */
+
lwzx r10,r10,r0 /* Fetch system call handler [ptr] */
mtlr r10
addi r9,r1,STACK_FRAME_OVERHEAD
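Review bot: the comment explaining the barrier comes after barrier_nospec_asm instead of before it, and it refers to ".66f" while the branch above is "bge- 66f". Put the comment above the macro and fix the label reference. The commit message could also say that the barrier sits between the NR_syscalls bounds check and the lwzx that loads the handler, since that placement is the point of the change.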
--
2.5.5
* Re: [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E
2018-07-17 11:09 [PATCH v4 0/6] powerpc/fsl: Speculation barrier for NXP PowerPC Book3E Diana Craciun
` (5 preceding siblings ...)
2018-07-17 11:09 ` [PATCH v4 6/6] powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms Diana Craciun
@ 2018-07-17 16:43 ` LEROY Christophe
6 siblings, 0 replies; 13+ messages in thread
From: LEROY Christophe @ 2018-07-17 16:43 UTC (permalink / raw)
To: Diana Craciun; +Cc: leoyang.li, bharat.bhushan, oss, linuxppc-dev
Diana Craciun <diana.craciun@nxp.com> wrote:
> Implement barrier_nospec for NXP PowerPC Book3E processors.
>
> Diana Craciun (6):
> Disable the speculation barrier from the command line
> Document nospectre_v1 kernel parameter.
> Make stf barrier PPC_BOOK3S_64 specific.
> Enable cpu vulnerabilities reporting for NXP PPC BOOK3E
> Add barrier_nospec implementation for NXP PowerPC Book3E
> powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit
> platforms
This list doesn't correspond to the names of the following 6 patches
Christophe
>
> Documentation/admin-guide/kernel-parameters.txt | 4 +++
> arch/powerpc/Kconfig | 7 ++++-
> arch/powerpc/include/asm/barrier.h | 12 ++++++---
> arch/powerpc/include/asm/setup.h | 6 ++++-
> arch/powerpc/kernel/Makefile | 3 ++-
> arch/powerpc/kernel/entry_32.S | 10 +++++++
> arch/powerpc/kernel/module.c | 4 ++-
> arch/powerpc/kernel/security.c | 17 +++++++++++-
> arch/powerpc/kernel/setup-common.c | 2 ++
> arch/powerpc/kernel/vmlinux.lds.S | 4 ++-
> arch/powerpc/lib/feature-fixups.c | 35 ++++++++++++++++++++++++-
> arch/powerpc/platforms/powernv/setup.c | 1 -
> arch/powerpc/platforms/pseries/setup.c | 1 -
> 13 files changed, 94 insertions(+), 12 deletions(-)
>
> --
> History:
> v3 --> v4
> - fixed compilation issues
>
> v2 --> v3
> - addressed review comments
> - included the 32bit sanitization in the same patch series
>
> v1 --> v2
> - added implementation for cpu_show_spectre_x functions
> - the mitigation is no longer enabled through device tree options
>
> 2.5.5