releases/4.14.110/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch

   1 From foo@baz Fri Mar 29 15:53:50 CET 2019
   2 From: Michael Ellerman <mpe@ellerman.id.au>
   3 Date: Fri, 29 Mar 2019 22:26:08 +1100
   4 Subject: powerpc/fsl: Add infrastructure to fixup branch predictor flush
   5 To: stable@vger.kernel.org, gregkh@linuxfoundation.org
   6 Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, christophe.leroy@c-s.fr
   7 Message-ID: <20190329112620.14489-21-mpe@ellerman.id.au>
   8
   9 From: Diana Craciun <diana.craciun@nxp.com>
  10
  11 commit 76a5eaa38b15dda92cd6964248c39b5a6f3a4e9d upstream.
  12
  13 In order to protect against speculation attacks (Spectre
  14 variant 2) on NXP PowerPC platforms, the branch predictor
  15 should be flushed when the privillege level is changed.
  16 This patch is adding the infrastructure to fixup at runtime
  17 the code sections that are performing the branch predictor flush
  18 depending on a boot arg parameter which is added later in a
  19 separate patch.
  20
  21 Signed-off-by: Diana Craciun <diana.craciun@nxp.com>
  22 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  23 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  24 ---
  25  arch/powerpc/include/asm/feature-fixups.h |   12 ++++++++++++
  26  arch/powerpc/include/asm/setup.h          |    2 ++
  27  arch/powerpc/kernel/vmlinux.lds.S         |    8 ++++++++
  28  arch/powerpc/lib/feature-fixups.c         |   23 +++++++++++++++++++++++
  29  4 files changed, 45 insertions(+)
  30
  31 --- a/arch/powerpc/include/asm/feature-fixups.h
  32 +++ b/arch/powerpc/include/asm/feature-fixups.h
  33 @@ -219,6 +219,17 @@ label##3:                                          \
  34         FTR_ENTRY_OFFSET 953b-954b;                     \
  35         .popsection;
  36
  37 +#define START_BTB_FLUSH_SECTION                        \
  38 +955:                                                   \
  39 +
  40 +#define END_BTB_FLUSH_SECTION                  \
  41 +956:                                                   \
  42 +       .pushsection __btb_flush_fixup,"a";     \
  43 +       .align 2;                                                       \
  44 +957:                                           \
  45 +       FTR_ENTRY_OFFSET 955b-957b;                     \
  46 +       FTR_ENTRY_OFFSET 956b-957b;                     \
  47 +       .popsection;
  48
  49  #ifndef __ASSEMBLY__
  50  #include <linux/types.h>
  51 @@ -228,6 +239,7 @@ extern long __start___stf_entry_barrier_
  52  extern long __start___stf_exit_barrier_fixup, __stop___stf_exit_barrier_fixup;
  53  extern long __start___rfi_flush_fixup, __stop___rfi_flush_fixup;
  54  extern long __start___barrier_nospec_fixup, __stop___barrier_nospec_fixup;
  55 +extern long __start__btb_flush_fixup, __stop__btb_flush_fixup;
  56
  57  void apply_feature_fixups(void);
  58  void setup_feature_keys(void);
  59 --- a/arch/powerpc/include/asm/setup.h
  60 +++ b/arch/powerpc/include/asm/setup.h
  61 @@ -66,6 +66,8 @@ void do_barrier_nospec_fixups_range(bool
  62  static inline void do_barrier_nospec_fixups_range(bool enable, void *start, void *end) { };
  63  #endif
  64
  65 +void do_btb_flush_fixups(void);
  66 +
  67  #endif /* !__ASSEMBLY__ */
  68
  69  #endif /* _ASM_POWERPC_SETUP_H */
  70 --- a/arch/powerpc/kernel/vmlinux.lds.S
  71 +++ b/arch/powerpc/kernel/vmlinux.lds.S
  72 @@ -164,6 +164,14 @@ SECTIONS
  73         }
  74  #endif /* CONFIG_PPC_BARRIER_NOSPEC */
  75
  76 +#ifdef CONFIG_PPC_FSL_BOOK3E
  77 +       . = ALIGN(8);
  78 +       __spec_btb_flush_fixup : AT(ADDR(__spec_btb_flush_fixup) - LOAD_OFFSET) {
  79 +               __start__btb_flush_fixup = .;
  80 +               *(__btb_flush_fixup)
  81 +               __stop__btb_flush_fixup = .;
  82 +       }
  83 +#endif
  84         EXCEPTION_TABLE(0)
  85
  86         NOTES :kernel :notes
  87 --- a/arch/powerpc/lib/feature-fixups.c
  88 +++ b/arch/powerpc/lib/feature-fixups.c
  89 @@ -347,6 +347,29 @@ void do_barrier_nospec_fixups_range(bool
  90
  91         printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
  92  }
  93 +
  94 +static void patch_btb_flush_section(long *curr)
  95 +{
  96 +       unsigned int *start, *end;
  97 +
  98 +       start = (void *)curr + *curr;
  99 +       end = (void *)curr + *(curr + 1);
 100 +       for (; start < end; start++) {
 101 +               pr_devel("patching dest %lx\n", (unsigned long)start);
 102 +               patch_instruction(start, PPC_INST_NOP);
 103 +       }
 104 +}
 105 +
 106 +void do_btb_flush_fixups(void)
 107 +{
 108 +       long *start, *end;
 109 +
 110 +       start = PTRRELOC(&__start__btb_flush_fixup);
 111 +       end = PTRRELOC(&__stop__btb_flush_fixup);
 112 +
 113 +       for (; start < end; start += 2)
 114 +               patch_btb_flush_section(start);
 115 +}
 116  #endif /* CONFIG_PPC_FSL_BOOK3E */
 117
 118  void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)