]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/blob - queue-4.4/powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
projects / thirdparty / kernel / stable-queue.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
4.4-stable patches
[thirdparty/kernel/stable-queue.git] / queue-4.4 / powerpc-powernv-use-the-security-flags-in-pnv_setup_rfi_flush.patch
1 From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST
2 From: Michael Ellerman <mpe@ellerman.id.au>
3 Date: Mon, 22 Apr 2019 00:20:01 +1000
4 Subject: powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
5 To: stable@vger.kernel.org, gregkh@linuxfoundation.org
6 Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr
7 Message-ID: <20190421142037.21881-17-mpe@ellerman.id.au>
8
9 From: Michael Ellerman <mpe@ellerman.id.au>
10
11 commit 37c0bdd00d3ae83369ab60a6712c28e11e6458d5 upstream.
12
13 Now that we have the security flags we can significantly simplify the
14 code in pnv_setup_rfi_flush(), because we can use the flags instead of
15 checking device tree properties and because the security flags have
16 pessimistic defaults.
17
18 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
19 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
20 ---
21 arch/powerpc/platforms/powernv/setup.c | 41 ++++++++-------------------------
22 1 file changed, 10 insertions(+), 31 deletions(-)
23
24 --- a/arch/powerpc/platforms/powernv/setup.c
25 +++ b/arch/powerpc/platforms/powernv/setup.c
26 @@ -65,7 +65,7 @@ static void init_fw_feat_flags(struct de
27 if (fw_feature_is("enabled", "fw-bcctrl-serialized", np))
28 security_ftr_set(SEC_FTR_BCCTRL_SERIALISED);
29
30 - if (fw_feature_is("enabled", "inst-spec-barrier-ori31,31,0", np))
31 + if (fw_feature_is("enabled", "inst-l1d-flush-ori30,30,0", np))
32 security_ftr_set(SEC_FTR_L1D_FLUSH_ORI30);
33
34 if (fw_feature_is("enabled", "inst-l1d-flush-trig2", np))
35 @@ -98,11 +98,10 @@ static void pnv_setup_rfi_flush(void)
36 {
37 struct device_node *np, *fw_features;
38 enum l1d_flush_type type;
39 - int enable;
40 + bool enable;
41
42 /* Default to fallback in case fw-features are not available */
43 type = L1D_FLUSH_FALLBACK;
44 - enable = 1;
45
46 np = of_find_node_by_name(NULL, "ibm,opal");
47 fw_features = of_get_child_by_name(np, "fw-features");
48 @@ -110,40 +109,20 @@ static void pnv_setup_rfi_flush(void)
49
50 if (fw_features) {
51 init_fw_feat_flags(fw_features);
52 + of_node_put(fw_features);
53
54 - np = of_get_child_by_name(fw_features, "inst-l1d-flush-trig2");
55 - if (np && of_property_read_bool(np, "enabled"))
56 + if (security_ftr_enabled(SEC_FTR_L1D_FLUSH_TRIG2))
57 type = L1D_FLUSH_MTTRIG;
58
59 - of_node_put(np);
60 -
61 - np = of_get_child_by_name(fw_features, "inst-l1d-flush-ori30,30,0");
62 - if (np && of_property_read_bool(np, "enabled"))
63 + if (security_ftr_enabled(SEC_FTR_L1D_FLUSH_ORI30))
64 type = L1D_FLUSH_ORI;
65 -
66 - of_node_put(np);
67 -
68 - /* Enable unless firmware says NOT to */
69 - enable = 2;
70 - np = of_get_child_by_name(fw_features, "needs-l1d-flush-msr-hv-1-to-0");
71 - if (np && of_property_read_bool(np, "disabled"))
72 - enable--;
73 -
74 - of_node_put(np);
75 -
76 - np = of_get_child_by_name(fw_features, "needs-l1d-flush-msr-pr-0-to-1");
77 - if (np && of_property_read_bool(np, "disabled"))
78 - enable--;
79 -
80 - np = of_get_child_by_name(fw_features, "speculation-policy-favor-security");
81 - if (np && of_property_read_bool(np, "disabled"))
82 - enable = 0;
83 -
84 - of_node_put(np);
85 - of_node_put(fw_features);
86 }
87
88 - setup_rfi_flush(type, enable > 0);
89 + enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) && \
90 + (security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR) || \
91 + security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
92 +
93 + setup_rfi_flush(type, enable);
94 }
95
96 static void __init pnv_setup_arch(void)
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git