]>
Commit | Line | Data |
---|---|---|
4fa5b95e GKH |
1 | From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST |
2 | From: Michael Ellerman <mpe@ellerman.id.au> | |
3 | Date: Mon, 22 Apr 2019 00:20:06 +1000 | |
4 | Subject: powerpc: Move default security feature flags | |
5 | To: stable@vger.kernel.org, gregkh@linuxfoundation.org | |
6 | Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr | |
7 | Message-ID: <20190421142037.21881-22-mpe@ellerman.id.au> | |
8 | ||
9 | From: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com> | |
10 | ||
11 | commit e7347a86830f38dc3e40c8f7e28c04412b12a2e7 upstream. | |
12 | ||
13 | This moves the definition of the default security feature flags | |
14 | (i.e., enabled by default) closer to the security feature flags. | |
15 | ||
16 | This can be used to restore current flags to the default flags. | |
17 | ||
18 | Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com> | |
19 | Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> | |
20 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
21 | --- | |
22 | arch/powerpc/include/asm/security_features.h | 8 ++++++++ | |
23 | arch/powerpc/kernel/security.c | 7 +------ | |
24 | 2 files changed, 9 insertions(+), 6 deletions(-) | |
25 | ||
26 | --- a/arch/powerpc/include/asm/security_features.h | |
27 | +++ b/arch/powerpc/include/asm/security_features.h | |
28 | @@ -63,4 +63,12 @@ static inline bool security_ftr_enabled( | |
29 | // Firmware configuration indicates user favours security over performance | |
30 | #define SEC_FTR_FAVOUR_SECURITY 0x0000000000000200ull | |
31 | ||
32 | + | |
33 | +// Features enabled by default | |
34 | +#define SEC_FTR_DEFAULT \ | |
35 | + (SEC_FTR_L1D_FLUSH_HV | \ | |
36 | + SEC_FTR_L1D_FLUSH_PR | \ | |
37 | + SEC_FTR_BNDS_CHK_SPEC_BAR | \ | |
38 | + SEC_FTR_FAVOUR_SECURITY) | |
39 | + | |
40 | #endif /* _ASM_POWERPC_SECURITY_FEATURES_H */ | |
41 | --- a/arch/powerpc/kernel/security.c | |
42 | +++ b/arch/powerpc/kernel/security.c | |
43 | @@ -11,12 +11,7 @@ | |
44 | #include <asm/security_features.h> | |
45 | ||
46 | ||
47 | -unsigned long powerpc_security_features __read_mostly = \ | |
48 | - SEC_FTR_L1D_FLUSH_HV | \ | |
49 | - SEC_FTR_L1D_FLUSH_PR | \ | |
50 | - SEC_FTR_BNDS_CHK_SPEC_BAR | \ | |
51 | - SEC_FTR_FAVOUR_SECURITY; | |
52 | - | |
53 | +unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT; | |
54 | ||
55 | ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf) | |
56 | { |