queue-4.4/powerpc-pseries-restore-default-security-feature-flags-on-setup.patch

   1 From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST
   2 From: Michael Ellerman <mpe@ellerman.id.au>
   3 Date: Mon, 22 Apr 2019 00:20:07 +1000
   4 Subject: powerpc/pseries: Restore default security feature flags on setup
   5 To: stable@vger.kernel.org, gregkh@linuxfoundation.org
   6 Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr
   7 Message-ID: <20190421142037.21881-23-mpe@ellerman.id.au>
   8
   9 From: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
  10
  11 commit 6232774f1599028a15418179d17f7df47ede770a upstream.
  12
  13 After migration the security feature flags might have changed (e.g.,
  14 destination system with unpatched firmware), but some flags are not
  15 set/clear again in init_cpu_char_feature_flags() because it assumes
  16 the security flags to be the defaults.
  17
  18 Additionally, if the H_GET_CPU_CHARACTERISTICS hypercall fails then
  19 init_cpu_char_feature_flags() does not run again, which potentially
  20 might leave the system in an insecure or sub-optimal configuration.
  21
  22 So, just restore the security feature flags to the defaults assumed
  23 by init_cpu_char_feature_flags() so it can set/clear them correctly,
  24 and to ensure safe settings are in place in case the hypercall fail.
  25
  26 Fixes: f636c14790ea ("powerpc/pseries: Set or clear security feature flags")
  27 Depends-on: 19887d6a28e2 ("powerpc: Move default security feature flags")
  28 Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
  29 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  30 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  31 ---
  32  arch/powerpc/platforms/pseries/setup.c |   11 +++++++++++
  33  1 file changed, 11 insertions(+)
  34
  35 --- a/arch/powerpc/platforms/pseries/setup.c
  36 +++ b/arch/powerpc/platforms/pseries/setup.c
  37 @@ -502,6 +502,10 @@ static void __init find_and_init_phbs(vo
  38
  39  static void init_cpu_char_feature_flags(struct h_cpu_char_result *result)
  40  {
  41 +       /*
  42 +        * The features below are disabled by default, so we instead look to see
  43 +        * if firmware has *enabled* them, and set them if so.
  44 +        */
  45         if (result->character & H_CPU_CHAR_SPEC_BAR_ORI31)
  46                 security_ftr_set(SEC_FTR_SPEC_BAR_ORI31);
  47
  48 @@ -541,6 +545,13 @@ void pseries_setup_rfi_flush(void)
  49         bool enable;
  50         long rc;
  51
  52 +       /*
  53 +        * Set features to the defaults assumed by init_cpu_char_feature_flags()
  54 +        * so it can set/clear again any features that might have changed after
  55 +        * migration, and in case the hypercall fails and it is not even called.
  56 +        */
  57 +       powerpc_security_features = SEC_FTR_DEFAULT;
  58 +
  59         rc = plpar_get_cpu_characteristics(&result);
  60         if (rc == H_SUCCESS)
  61                 init_cpu_char_feature_flags(&result);