diff options
Diffstat (limited to 'arch/powerpc/kernel/security.c')
| -rw-r--r-- | arch/powerpc/kernel/security.c | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index f6f469fc4073..9b8631533e02 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c | |||
| @@ -4,6 +4,7 @@ | |||
| 4 | // | 4 | // |
| 5 | // Copyright 2018, Michael Ellerman, IBM Corporation. | 5 | // Copyright 2018, Michael Ellerman, IBM Corporation. |
| 6 | 6 | ||
| 7 | #include <linux/cpu.h> | ||
| 7 | #include <linux/kernel.h> | 8 | #include <linux/kernel.h> |
| 8 | #include <linux/device.h> | 9 | #include <linux/device.h> |
| 9 | #include <linux/seq_buf.h> | 10 | #include <linux/seq_buf.h> |
| @@ -22,10 +23,14 @@ enum count_cache_flush_type { | |||
| 22 | COUNT_CACHE_FLUSH_SW = 0x2, | 23 | COUNT_CACHE_FLUSH_SW = 0x2, |
| 23 | COUNT_CACHE_FLUSH_HW = 0x4, | 24 | COUNT_CACHE_FLUSH_HW = 0x4, |
| 24 | }; | 25 | }; |
| 25 | static enum count_cache_flush_type count_cache_flush_type; | 26 | static enum count_cache_flush_type count_cache_flush_type = COUNT_CACHE_FLUSH_NONE; |
| 26 | 27 | ||
| 27 | bool barrier_nospec_enabled; | 28 | bool barrier_nospec_enabled; |
| 28 | static bool no_nospec; | 29 | static bool no_nospec; |
| 30 | static bool btb_flush_enabled; | ||
| 31 | #ifdef CONFIG_PPC_FSL_BOOK3E | ||
| 32 | static bool no_spectrev2; | ||
| 33 | #endif | ||
| 29 | 34 | ||
| 30 | static void enable_barrier_nospec(bool enable) | 35 | static void enable_barrier_nospec(bool enable) |
| 31 | { | 36 | { |
| @@ -101,6 +106,23 @@ static __init int barrier_nospec_debugfs_init(void) | |||
| 101 | device_initcall(barrier_nospec_debugfs_init); | 106 | device_initcall(barrier_nospec_debugfs_init); |
| 102 | #endif /* CONFIG_DEBUG_FS */ | 107 | #endif /* CONFIG_DEBUG_FS */ |
| 103 | 108 | ||
| 109 | #ifdef CONFIG_PPC_FSL_BOOK3E | ||
| 110 | static int __init handle_nospectre_v2(char *p) | ||
| 111 | { | ||
| 112 | no_spectrev2 = true; | ||
| 113 | |||
| 114 | return 0; | ||
| 115 | } | ||
| 116 | early_param("nospectre_v2", handle_nospectre_v2); | ||
| 117 | void setup_spectre_v2(void) | ||
| 118 | { | ||
| 119 | if (no_spectrev2) | ||
| 120 | do_btb_flush_fixups(); | ||
| 121 | else | ||
| 122 | btb_flush_enabled = true; | ||
| 123 | } | ||
| 124 | #endif /* CONFIG_PPC_FSL_BOOK3E */ | ||
| 125 | |||
| 104 | #ifdef CONFIG_PPC_BOOK3S_64 | 126 | #ifdef CONFIG_PPC_BOOK3S_64 |
| 105 | ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf) | 127 | ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf) |
| 106 | { | 128 | { |
| @@ -191,8 +213,11 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c | |||
| 191 | 213 | ||
| 192 | if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) | 214 | if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW) |
| 193 | seq_buf_printf(&s, "(hardware accelerated)"); | 215 | seq_buf_printf(&s, "(hardware accelerated)"); |
| 194 | } else | 216 | } else if (btb_flush_enabled) { |
| 217 | seq_buf_printf(&s, "Mitigation: Branch predictor state flush"); | ||
| 218 | } else { | ||
| 195 | seq_buf_printf(&s, "Vulnerable"); | 219 | seq_buf_printf(&s, "Vulnerable"); |
| 220 | } | ||
| 196 | 221 | ||
| 197 | seq_buf_printf(&s, "\n"); | 222 | seq_buf_printf(&s, "\n"); |
| 198 | 223 | ||