From patchwork Fri Apr 6 00:08:12 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tyler Hicks X-Patchwork-Id: 895565 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id 40HKmB0QrBz9s21; Fri, 6 Apr 2018 10:08:26 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1f4EvR-0006uc-5j; Fri, 06 Apr 2018 00:08:17 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1f4EvP-0006uO-0I for kernel-team@lists.ubuntu.com; Fri, 06 Apr 2018 00:08:15 +0000 Received: from 2.general.tyhicks.us.vpn ([10.172.64.53] helo=sec) by youngberry.canonical.com with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1f4EvO-0002ni-IV for kernel-team@lists.ubuntu.com; Fri, 06 Apr 2018 00:08:14 +0000 Date: Fri, 6 Apr 2018 00:08:12 +0000 From: Tyler Hicks To: kernel-team@lists.ubuntu.com Subject: [BIONIC][PULL] Additional spectre and meltdown patches for ppc64el Message-ID: <20180406000756.GA5466@sec> MIME-Version: 1.0 User-Agent: Mutt/1.5.24 (2015-08-30) X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1760099 These are all clean cherry picks from linux-next. The changes have not yet been merged by Linus but I expect them to be during the current merge window. I've reviewed the patches and they look straightforward. They're mostly cleanups and improved reporting to userspace. They all share a common BugLink but each patch is either specific to a single CVE or all three Spectre/Meltdown CVEs. I listed the specific CVE, or all three, in each patch's commit message but I'm not sure if that was the right thing to do. Splitting the patch set out into separate pull requests is almost certainly not the right thing to do. Let me know if this causes problems with the automated changelog generation and I can adjust the commit messages. The following changes since commit be1171dce6c7dec2bae35061963f08a0e4d5b7f9: UBUNTU: [Config] CONFIG_BLK_DEV_NMVE=m (2018-04-05 08:30:29 -0500) are available in the git repository at: https://git.launchpad.net/~tyhicks/ubuntu/+source/linux/+git/bionic lp1760099-ppc-meltdown-spectre for you to fetch changes up to 275060e52218a903312e6f63025f7cc7c4f5e5dc: powerpc/64s: Wire up cpu_show_spectre_v2() (2018-04-05 23:41:06 +0000) ---------------------------------------------------------------- Mauricio Faria de Oliveira (1): powerpc/rfi-flush: Differentiate enabled and patched flush types Michael Ellerman (14): powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again powerpc/rfi-flush: Always enable fallback flush on pseries powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags powerpc: Add security feature flags for Spectre/Meltdown powerpc/pseries: Set or clear security feature flags powerpc/powernv: Set or clear security feature flags powerpc/64s: Move cpu_show_meltdown() powerpc/64s: Enhance the information in cpu_show_meltdown() powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() powerpc/64s: Wire up cpu_show_spectre_v1() powerpc/64s: Wire up cpu_show_spectre_v2() arch/powerpc/include/asm/hvcall.h | 3 + arch/powerpc/include/asm/security_features.h | 66 +++++++++++++++++++ arch/powerpc/include/asm/setup.h | 2 +- arch/powerpc/kernel/Makefile | 2 +- arch/powerpc/kernel/security.c | 93 +++++++++++++++++++++++++++ arch/powerpc/kernel/setup_64.c | 33 +++++----- arch/powerpc/lib/feature-fixups.c | 9 ++- arch/powerpc/platforms/powernv/setup.c | 95 +++++++++++++++++++--------- arch/powerpc/platforms/pseries/mobility.c | 3 + arch/powerpc/platforms/pseries/pseries.h | 2 + arch/powerpc/platforms/pseries/setup.c | 72 +++++++++++++++------ 11 files changed, 310 insertions(+), 70 deletions(-) create mode 100644 arch/powerpc/include/asm/security_features.h create mode 100644 arch/powerpc/kernel/security.c Acked-by: Kamal Mostafa