[PATCH] powerpc/security: Fix spectre_v2 reporting
When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index 9b8631533e02..b33bafb8fcea 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { -- 2.20.1
Re: powerpc/security: Fix spectre_v2 reporting
On Thu, 2019-03-21 at 04:24:33 UTC, Michael Ellerman wrote: > When I updated the spectre_v2 reporting to handle software count cache > flush I got the logic wrong when there's no software count cache > enabled at all. > > The result is that on systems with the software count cache flush > disabled we print: > > Mitigation: Indirect branch cache disabled, Software count cache flush > > Which correctly indicates that the count cache is disabled, but > incorrectly says the software count cache flush is enabled. > > The root of the problem is that we are trying to handle all > combinations of options. But we know now that we only expect to see > the software count cache flush enabled if the other options are false. > > So split the two cases, which simplifies the logic and fixes the bug. > We were also missing a space before "(hardware accelerated)". > > The result is we see one of: > > Mitigation: Indirect branch serialisation (kernel only) > Mitigation: Indirect branch cache disabled > Mitigation: Software count cache flush > Mitigation: Software count cache flush (hardware accelerated) > > Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache > flush") > Cc: sta...@vger.kernel.org # v4.19+ > Signed-off-by: Michael Ellerman > Reviewed-by: Michael Neuling > Reviewed-by: Diana Craciun Applied to powerpc fixes. https://git.kernel.org/powerpc/c/92edf8df0ff2ae86cc632eeca0e651fd cheers
Re: [PATCH] powerpc/security: Fix spectre_v2 reporting
On Thu, 2019-03-21 at 15:24 +1100, Michael Ellerman wrote: > When I updated the spectre_v2 reporting to handle software count cache > flush I got the logic wrong when there's no software count cache > enabled at all. > > The result is that on systems with the software count cache flush > disabled we print: > > Mitigation: Indirect branch cache disabled, Software count cache flush > > Which correctly indicates that the count cache is disabled, but > incorrectly says the software count cache flush is enabled. > > The root of the problem is that we are trying to handle all > combinations of options. But we know now that we only expect to see > the software count cache flush enabled if the other options are false. > > So split the two cases, which simplifies the logic and fixes the bug. > We were also missing a space before "(hardware accelerated)". > > The result is we see one of: > > Mitigation: Indirect branch serialisation (kernel only) > Mitigation: Indirect branch cache disabled > Mitigation: Software count cache flush > Mitigation: Software count cache flush (hardware accelerated) > > Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache > flush") > Cc: sta...@vger.kernel.org # v4.19+ > Signed-off-by: Michael Ellerman LGTM Reviewed-by: Michael Neuling > --- > arch/powerpc/kernel/security.c | 23 --- > 1 file changed, 8 insertions(+), 15 deletions(-) > > diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c > index 9b8631533e02..b33bafb8fcea 100644 > --- a/arch/powerpc/kernel/security.c > +++ b/arch/powerpc/kernel/security.c > @@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct > device_attribute *attr, c > bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); > ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); > > - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { > - bool comma = false; > + if (bcs || ccd) { > seq_buf_printf(&s, "Mitigation: "); > > - if (bcs) { > + if (bcs) > seq_buf_printf(&s, "Indirect branch serialisation > (kernel only)"); > - comma = true; > - } > > - if (ccd) { > - if (comma) > - seq_buf_printf(&s, ", "); > - seq_buf_printf(&s, "Indirect branch cache disabled"); > - comma = true; > - } > - > - if (comma) > + if (bcs && ccd) > seq_buf_printf(&s, ", "); > > - seq_buf_printf(&s, "Software count cache flush"); > + if (ccd) > + seq_buf_printf(&s, "Indirect branch cache disabled"); > + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { > + seq_buf_printf(&s, "Mitigation: Software count cache flush"); > > if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) > - seq_buf_printf(&s, "(hardware accelerated)"); > + seq_buf_printf(&s, " (hardware accelerated)"); > } else if (btb_flush_enabled) { > seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); > } else {
Re: [PATCH] powerpc/security: Fix spectre_v2 reporting
Reviewed-by: Diana Craciun On 3/21/2019 6:24 AM, Michael Ellerman wrote: > When I updated the spectre_v2 reporting to handle software count cache > flush I got the logic wrong when there's no software count cache > enabled at all. > > The result is that on systems with the software count cache flush > disabled we print: > > Mitigation: Indirect branch cache disabled, Software count cache flush > > Which correctly indicates that the count cache is disabled, but > incorrectly says the software count cache flush is enabled. > > The root of the problem is that we are trying to handle all > combinations of options. But we know now that we only expect to see > the software count cache flush enabled if the other options are false. > > So split the two cases, which simplifies the logic and fixes the bug. > We were also missing a space before "(hardware accelerated)". > > The result is we see one of: > > Mitigation: Indirect branch serialisation (kernel only) > Mitigation: Indirect branch cache disabled > Mitigation: Software count cache flush > Mitigation: Software count cache flush (hardware accelerated) > > Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache > flush") > Cc: sta...@vger.kernel.org # v4.19+ > Signed-off-by: Michael Ellerman > --- > arch/powerpc/kernel/security.c | 23 --- > 1 file changed, 8 insertions(+), 15 deletions(-) > > diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c > index 9b8631533e02..b33bafb8fcea 100644 > --- a/arch/powerpc/kernel/security.c > +++ b/arch/powerpc/kernel/security.c > @@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct > device_attribute *attr, c > bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); > ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); > > - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { > - bool comma = false; > + if (bcs || ccd) { > seq_buf_printf(&s, "Mitigation: "); > > - if (bcs) { > + if (bcs) > seq_buf_printf(&s, "Indirect branch serialisation > (kernel only)"); > - comma = true; > - } > > - if (ccd) { > - if (comma) > - seq_buf_printf(&s, ", "); > - seq_buf_printf(&s, "Indirect branch cache disabled"); > - comma = true; > - } > - > - if (comma) > + if (bcs && ccd) > seq_buf_printf(&s, ", "); > > - seq_buf_printf(&s, "Software count cache flush"); > + if (ccd) > + seq_buf_printf(&s, "Indirect branch cache disabled"); > + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { > + seq_buf_printf(&s, "Mitigation: Software count cache flush"); > > if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) > - seq_buf_printf(&s, "(hardware accelerated)"); > + seq_buf_printf(&s, " (hardware accelerated)"); > } else if (btb_flush_enabled) { > seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); > } else {
[PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting
commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream. When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman Reviewed-by: Michael Neuling Reviewed-by: Diana Craciun Signed-off-by: Michael Ellerman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index 720a7a912d0d..48b50fb8dc4b 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -189,29 +189,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { -- 2.20.1
[PATCH stable v4.9 35/35] powerpc/security: Fix spectre_v2 reporting
commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream. When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman Reviewed-by: Michael Neuling Reviewed-by: Diana Craciun Signed-off-by: Michael Ellerman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index 43ce800e73bf..30542e833ebe 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { -- 2.20.1
[PATCH stable v4.4 51/52] powerpc/security: Fix spectre_v2 reporting
commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream. When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman Reviewed-by: Michael Neuling Reviewed-by: Diana Craciun Signed-off-by: Michael Ellerman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index 523466345d79..58f0602a92b9 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { -- 2.20.1
Patch "powerpc/security: Fix spectre_v2 reporting" has been added to the 4.19-stable tree
This is a note to let you know that I've just added the patch titled powerpc/security: Fix spectre_v2 reporting to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-security-fix-spectre_v2-reporting.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 16:04:51 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:20 +1100 Subject: powerpc/security: Fix spectre_v2 reporting To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-33-...@ellerman.id.au> From: Michael Ellerman commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream. When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman Reviewed-by: Michael Neuling Reviewed-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -189,29 +189,22 @@ ssize_t cpu_show_spectre_v2(struct devic bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.19/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.19/powerpc-fsl-update-spectre-v2-reporting.patch queue-4.19/powerpc-fsl-add-macro-to-flush-the-branch-predictor.patch queue-4.19/powerpc-security-fix-spectre_v2-reporting.patch queue-4.19/powerpc-fsl-fix-the-flush-of-branch-predictor.patch queue-4.19/powerpc-fsl-enable-runtime-patching-if-nospectre_v2-boot-arg-is-used.patch queue-4.19/powerpc-fsl-fixed-warning-orphan-section-__btb_flush_fixup.patch queue-4.19/powerpc-fsl-add-nospectre_v2-command-line-argument.patch queue-4.19/powerpc-fsl-add-infrastructure-to-fixup-branch-predictor-flush.patch queue-4.19/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-32-bit.patch queue-4.19/powerpc-fsl-flush-branch-predictor-when-entering-kvm.patch
Patch "powerpc/security: Fix spectre_v2 reporting" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled powerpc/security: Fix spectre_v2 reporting to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-security-fix-spectre_v2-reporting.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST From: Michael Ellerman Date: Mon, 22 Apr 2019 00:20:36 +1000 Subject: powerpc/security: Fix spectre_v2 reporting To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, npig...@gmail.com, christophe.le...@c-s.fr Message-ID: <20190421142037.21881-52-...@ellerman.id.au> From: Michael Ellerman commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream. When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman Reviewed-by: Michael Neuling Reviewed-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct devic bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.4/powerpc-64s-add-support-for-a-store-forwarding-barrier-at-kernel-entry-exit.patch queue-4.4/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.4/powerpc-pseries-set-or-clear-security-feature-flags.patch queue-4.4/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.4/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.4/powerpc-pseries-support-firmware-disable-of-rfi-flush.patch queue-4.4/powerpc-rfi-flush-call-setup_rfi_flush-after-lpm-migration.patch queue-4.4/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.4/powerpc-powernv-set-or-clear-security-feature-flags.patch queue-4.4
Patch "[PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting" has been added to the 4.14-stable tree
This is a note to let you know that I've just added the patch titled [PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: powerpc-security-fix-spectre_v2-reporting.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From foo@baz Fri Mar 29 15:53:50 CET 2019 From: Michael Ellerman Date: Fri, 29 Mar 2019 22:26:20 +1100 Subject: [PATCH stable v4.14 32/32] powerpc/security: Fix spectre_v2 reporting To: sta...@vger.kernel.org, gre...@linuxfoundation.org Cc: linuxppc-...@ozlabs.org, diana.crac...@nxp.com, msucha...@suse.de, christophe.le...@c-s.fr Message-ID: <20190329112620.14489-33-...@ellerman.id.au> From: Michael Ellerman commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream. When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb249fab ("powerpc/64s: Add support for software count cache flush") Cc: sta...@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman Reviewed-by: Michael Neuling Reviewed-by: Diana Craciun Signed-off-by: Michael Ellerman Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/kernel/security.c | 23 --- 1 file changed, 8 insertions(+), 15 deletions(-) --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -189,29 +189,22 @@ ssize_t cpu_show_spectre_v2(struct devic bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); - if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { - bool comma = false; + if (bcs || ccd) { seq_buf_printf(&s, "Mitigation: "); - if (bcs) { + if (bcs) seq_buf_printf(&s, "Indirect branch serialisation (kernel only)"); - comma = true; - } - if (ccd) { - if (comma) - seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Indirect branch cache disabled"); - comma = true; - } - - if (comma) + if (bcs && ccd) seq_buf_printf(&s, ", "); - seq_buf_printf(&s, "Software count cache flush"); + if (ccd) + seq_buf_printf(&s, "Indirect branch cache disabled"); + } else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) { + seq_buf_printf(&s, "Mitigation: Software count cache flush"); if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) - seq_buf_printf(&s, "(hardware accelerated)"); + seq_buf_printf(&s, " (hardware accelerated)"); } else if (btb_flush_enabled) { seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); } else { Patches currently in stable-queue which might be from m...@ellerman.id.au are queue-4.14/powerpc-fsl-emulate-sprn_bucsr-register.patch queue-4.14/powerpc-64-make-stf-barrier-ppc_book3s_64-specific.patch queue-4.14/powerpc-fsl-fix-spectre_v2-mitigations-reporting.patch queue-4.14/powerpc-64s-patch-barrier_nospec-in-modules.patch queue-4.14/powerpc-pseries-query-hypervisor-for-count-cache-flush-settings.patch queue-4.14/powerpc-64s-add-support-for-software-count-cache-flush.patch queue-4.14/powerpc64s-show-ori31-availability-in-spectre_v1-sysfs-file-not-v2.patch queue-4.14/powerpc-fsl-flush-the-branch-predictor-at-each-kernel-entry-64bit.patch queue-4.14/powerpc-fsl-update-spectre-v2