Merge android-4.4.180 (71cb827) into msm-4.4

* refs/heads/tmp-71cb827 Linux 4.4.180 powerpc/lib: fix book3s/32 boot failure due to code patching powerpc/booke64: set RI in default MSR drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl bonding: fix arp_validate toggling in active-backup mode ipv4: Fix raw socket lookup for local traffic vrf: sit mtu should not be updated when vrf netdev is the link vlan: disable SIOCSHWTSTAMP in container packet: Fix error path in packet_init net: ucc_geth - fix Oops when changing number of buffers in the ring bridge: Fix error path for kobject_init_and_add() powerpc/64s: Include cpu header USB: serial: fix unthrottle races USB: serial: use variable for status x86/bugs: Change L1TF mitigation string to match upstream x86/speculation/mds: Fix documentation typo Documentation: Correct the possible MDS sysfs values x86/mds: Add MDSUM variant to the MDS documentation x86/speculation/mds: Add 'mitigations=' support for MDS x86/speculation: Support 'mitigations=' cmdline option cpu/speculation: Add 'mitigations=' cmdline option x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off x86/speculation/mds: Fix comment x86/speculation/mds: Add SMT warning message x86/speculation: Move arch_smt_update() call to after mitigation decisions x86/cpu/bugs: Use __initconst for 'const' init data Documentation: Add MDS vulnerability documentation Documentation: Move L1TF to separate directory x86/speculation/mds: Add mitigation mode VMWERV x86/speculation/mds: Add sysfs reporting for MDS x86/speculation/l1tf: Document l1tf in sysfs x86/speculation/mds: Add mitigation control for MDS x86/speculation/mds: Conditionally clear CPU buffers on idle entry x86/speculation/mds: Clear CPU buffers on exit to user x86/speculation/mds: Add mds_clear_cpu_buffers() x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests x86/speculation/mds: Add BUG_MSBDS_ONLY x86/speculation/mds: Add basic bug infrastructure for MDS x86/speculation: Consolidate CPU whitelists x86/msr-index: Cleanup bit defines kvm: x86: Report STIBP on GET_SUPPORTED_CPUID x86/speculation: Provide IBPB always command line options x86/speculation: Add seccomp Spectre v2 user space protection mode x86/speculation: Enable prctl mode for spectre_v2_user x86/speculation: Add prctl() control for indirect branch speculation x86/speculation: Prevent stale SPEC_CTRL msr content x86/speculation: Prepare arch_smt_update() for PRCTL mode x86/speculation: Split out TIF update x86/speculation: Prepare for conditional IBPB in switch_mm() x86/speculation: Avoid __switch_to_xtra() calls x86/process: Consolidate and simplify switch_to_xtra() code x86/speculation: Prepare for per task indirect branch speculation control x86/speculation: Add command line control for indirect branch speculation x86/speculation: Unify conditional spectre v2 print functions x86/speculataion: Mark command line parser data __initdata x86/speculation: Mark string arrays const correctly x86/speculation: Reorder the spec_v2 code x86/speculation: Rework SMT state change sched: Add sched_smt_active() x86/Kconfig: Select SCHED_SMT if SMP enabled x86/speculation: Reorganize speculation control MSRs update x86/speculation: Rename SSBD update functions x86/speculation: Disable STIBP when enhanced IBRS is in use x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() x86/speculation: Remove unnecessary ret variable in cpu_show_common() x86/speculation: Clean up spectre_v2_parse_cmdline() x86/speculation: Update the TIF_SSBD comment x86/speculation: Propagate information about RSB filling mitigation to sysfs x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation x86/speculation: Apply IBPB more strictly to avoid cross-process data leak x86/mm: Use WRITE_ONCE() when setting PTEs KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled x86/cpu: Sanitize FAM6_ATOM naming x86/microcode: Update the new microcode revision unconditionally x86/microcode: Make sure boot_cpu_data.microcode is up-to-date x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features x86/bugs: Add AMD's SPEC_CTRL MSR usage x86/bugs: Add AMD's variant of SSB_NO x86/speculation: Simplify the CPU bug detection logic x86/speculation: Support Enhanced IBRS on future CPUs x86/cpufeatures: Hide AMD-specific speculation flags x86/MCE: Save microcode revision in machine check records x86/microcode/intel: Check microcode revision before updating sibling threads bitops: avoid integer overflow in GENMASK(_ULL) x86: stop exporting msr-index.h to userland x86/microcode/intel: Add a helper which gives the microcode revision locking/static_keys: Provide DECLARE and well as DEFINE macros Don't jump to compute_result state from check_result state x86/vdso: Pass --eh-frame-hdr to the linker cw1200: fix missing unlock on error in cw1200_hw_scan() gpu: ipu-v3: dp: fix CSC handling selftests/net: correct the return value for run_netsocktests s390: ctcm: fix ctcm_new_device error return code ipvs: do not schedule icmp errors from tunnels init: initialize jump labels before command line option parsing tools lib traceevent: Fix missing equality check for strcmp KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing s390/3270: fix lockdep false positive on view->lock s390/dasd: Fix capacity calculation for large volumes libnvdimm/btt: Fix a kmemdup failure check HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys HID: input: add mapping for Expose/Overview key iio: adc: xilinx: fix potential use-after-free on remove platform/x86: sony-laptop: Fix unintentional fall-through netfilter: compat: initialize all fields in xt_init timer/debug: Change /proc/timer_stats from 0644 to 0600 ASoC: Intel: avoid Oops if DMA setup fails ipv6: fix a potential deadlock in do_ipv6_setsockopt() UAS: fix alignment of scatter/gather segments Bluetooth: Align minimum encryption key size for LE and BR/EDR connections Bluetooth: hidp: fix buffer overflow scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines usb: dwc3: Fix default lpm_nyet_threshold value genirq: Prevent use-after-free and work list corruption iommu/amd: Set exclusion range correctly scsi: csiostor: fix missing data copy in csio_scsi_err_handler() perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS ASoC: tlv320aic32x4: Fix Common Pins ASoC: cs4270: Set auto-increment bit for register writes ASoC:soc-pcm:fix a codec fixup issue in TDM case scsi: libsas: fix a race condition when smp task timeout media: v4l2: i2c: ov7670: Fix PLL bypass register values x86/mce: Improve error message when kernel cannot recover, p2 selinux: never allow relabeling on context mounts Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ staging: iio: adt7316: fix the dac write calculation staging: iio: adt7316: fix the dac read calculation staging: iio: adt7316: allow adt751x to use internal vref for all dacs usb: usbip: fix isoc packet num validation in get_pipe ARM: iop: don't use using 64-bit DMA masks ARM: orion: don't use using 64-bit DMA masks xsysace: Fix error handling in ace_setup hugetlbfs: fix memory leak for resv_map net: hns: Fix WARNING when remove HNS driver with SMMU enabled net: hns: Use NAPI_POLL_WEIGHT for hns driver scsi: storvsc: Fix calculation of sub-channel count vfio/pci: use correct format characters rtc: da9063: set uie_unsupported when relevant debugfs: fix use-after-free on symlink traversal jffs2: fix use-after-free on symlink traversal bonding: show full hw address in sysfs for slave entries igb: Fix WARN_ONCE on runtime suspend rtc: sh: Fix invalid alarm warning for non-enabled alarm HID: debug: fix race condition with between rdesc_show() and device removal USB: core: Fix bug caused by duplicate interface PM usage counter USB: core: Fix unterminated string returned by usb_string() USB: w1 ds2490: Fix bug caused by improper use of altsetting array USB: yurex: Fix protection fault after device removal packet: validate msg_namelen in send directly bnxt_en: Improve multicast address setup logic. ipv6: invert flowlabel sharing check in process and user mode ipv6/flowlabel: wait rcu grace period before put_pid() ipv4: ip_do_fragment: Preserve skb_iif during fragmentation ALSA: line6: use dynamic buffers vfio/type1: Limit DMA mappings per container kconfig/[mn]conf: handle backspace (^H) key libata: fix using DMA buffers on stack scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN ceph: fix use-after-free on symlink traversal usb: u132-hcd: fix resource leak scsi: qla4xxx: fix a potential NULL pointer dereference net: ethernet: ti: fix possible object reference leak net: ibm: fix possible object reference leak net: xilinx: fix possible object reference leak net: ks8851: Set initial carrier state to down net: ks8851: Delay requesting IRQ until opened net: ks8851: Reassert reset pin if chip ID check fails net: ks8851: Dequeue RX packets explicitly ARM: dts: pfla02: increase phy reset duration usb: gadget: net2272: Fix net2272_dequeue() usb: gadget: net2280: Fix net2280_dequeue() usb: gadget: net2280: Fix overrun of OUT messages sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING qlcnic: Avoid potential NULL pointer dereference usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set usbnet: ipheth: prevent TX queue timeouts when device not ready Documentation: Add nospectre_v1 parameter powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) powerpc/fsl: Emulate SPRN_BUCSR register powerpc/fsl: Flush branch predictor when entering KVM powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used ipv4: set the tcp_min_rtt_wlen range from 0 to one day net: stmmac: move stmmac_check_ether_addr() to driver probe team: fix possible recursive locking when add slaves ipv4: add sanity checks in ipv4_link_failure() Revert "block/loop: Use global lock for ioctl() operation." bpf: reject wrong sized filters earlier tipc: check link name with right length in tipc_nl_compat_link_set tipc: check bearer name with right length in tipc_nl_compat_bearer_enable netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. fs/proc/proc_sysctl.c: Fix a NULL pointer dereference intel_th: gth: Fix an off-by-one in output unassigning slip: make slhc_free() silently accept an error pointer tipc: handle the err returned from cmd header function powerpc/fsl: Fix the flush of branch predictor. powerpc/security: Fix spectre_v2 reporting powerpc/fsl: Update Spectre v2 reporting powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) powerpc/fsl: Add nospectre_v2 command line argument powerpc/fsl: Fix spectre_v2 mitigations reporting powerpc/fsl: Add macro to flush the branch predictor powerpc/fsl: Add infrastructure to fixup branch predictor flush powerpc: Avoid code patching freed init sections powerpc/powernv: Query firmware for count cache flush settings powerpc/pseries: Query hypervisor for count cache flush settings powerpc/64s: Add support for software count cache flush powerpc/64s: Add new security feature flags for count cache flush powerpc/asm: Add a patch_site macro & helpers for patching instructions powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E powerpc/64: Make meltdown reporting Book3S 64 specific powerpc/64: Call setup_barrier_nospec() from setup_arch() powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC powerpc/64: Make stf barrier PPC_BOOK3S_64 specific. powerpc/64: Disable the speculation barrier from the command line powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 powerpc/64s: Enhance the information in cpu_show_spectre_v1() powerpc: Use barrier_nospec in copy_from_user() powerpc/64: Use barrier_nospec in syscall entry powerpc/64s: Enable barrier_nospec based on firmware settings powerpc/64s: Patch barrier_nospec in modules powerpc/64s: Add support for ori barrier_nospec patching powerpc/64s: Add barrier_nospec powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() powerpc/pseries: Restore default security feature flags on setup powerpc: Move default security feature flags powerpc/pseries: Fix clearing of security feature flags powerpc/64s: Wire up cpu_show_spectre_v2() powerpc/64s: Wire up cpu_show_spectre_v1() powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() powerpc/64s: Enhance the information in cpu_show_meltdown() powerpc/64s: Move cpu_show_meltdown() powerpc/powernv: Set or clear security feature flags powerpc/pseries: Set or clear security feature flags powerpc: Add security feature flags for Spectre/Meltdown powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags powerpc/rfi-flush: Differentiate enabled and patched flush types powerpc/rfi-flush: Always enable fallback flush on pseries powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code powerpc/powernv: Support firmware disable of RFI flush powerpc/pseries: Support firmware disable of RFI flush powerpc/64s: Improve RFI L1-D cache flush fallback powerpc/xmon: Add RFI flush related fields to paca dump USB: Consolidate LPM checks to avoid enabling LPM twice USB: Add new USB LPM helpers sunrpc: don't mark uninitialised items as VALID. nfsd: Don't release the callback slot unless it was actually held ceph: fix ci->i_head_snapc leak ceph: ensure d_name stability in ceph_dentry_hash() sched/numa: Fix a possible divide-by-zero trace: Fix preempt_enable_no_resched() abuse MIPS: scall64-o32: Fix indirect syscall number load cifs: do not attempt cifs operation on smb2+ rename error KVM: fail KVM_SET_VCPU_EVENTS with invalid exception number kbuild: simplify ld-option implementation ANDROID: cuttlefish_defconfig: Disable DEVTMPFS ANDROID: Move from clang r349610 to r353983c. f2fs: fix to avoid accessing xattr across the boundary f2fs: fix to avoid potential race on sbi->unusable_block_count access/update f2fs: add tracepoint for f2fs_filemap_fault() f2fs: introduce DATA_GENERIC_ENHANCE f2fs: fix to handle error in f2fs_disable_checkpoint() f2fs: remove redundant check in f2fs_file_write_iter() f2fs: fix to be aware of readonly device in write_checkpoint() f2fs: fix to skip recovery on readonly device f2fs: fix to consider multiple device for readonly check f2fs: relocate chksum_offset for large_nat_bitmap feature f2fs: allow unfixed f2fs_checkpoint.checksum_offset f2fs: Replace spaces with tab f2fs: insert space before the open parenthesis '(' f2fs: allow address pointer number of dnode aligning to specified size f2fs: introduce f2fs_read_single_page() for cleanup f2fs: mark is_extension_exist() inline f2fs: fix to set FI_UPDATE_WRITE correctly f2fs: fix to avoid panic in f2fs_inplace_write_data() f2fs: fix to do sanity check on valid block count of segment f2fs: fix to do sanity check on valid node/block count f2fs: fix to avoid panic in do_recover_data() f2fs: fix to do sanity check on free nid f2fs: fix to do checksum even if inode page is uptodate f2fs: fix to avoid panic in f2fs_remove_inode_page() f2fs: fix to clear dirty inode in error path of f2fs_iget() f2fs: remove new blank line of f2fs kernel message f2fs: fix wrong __is_meta_io() macro f2fs: fix to avoid panic in dec_valid_node_count() f2fs: fix to avoid panic in dec_valid_block_count() f2fs: fix to use inline space only if inline_xattr is enable f2fs: fix to retrieve inline xattr space f2fs: fix error path of recovery f2fs: fix to avoid deadloop in foreground GC f2fs: data: fix warning Using plain integer as NULL pointer f2fs: add tracepoint for f2fs_file_write_iter() f2fs: add comment for conditional compilation statement f2fs: fix potential recursive call when enabling data_flush f2fs: improve discard handling with multi-device volumes f2fs: Reduce zoned block device memory usage f2fs: Fix use of number of devices Sleepable function handle_lmk_event() is called in atomic context, so ignored the commit "ANDROID: Communicates LMK events to userland where they can be logged" Conflicts: arch/powerpc/include/asm/uaccess.h kernel/cpu.c kernel/irq/manage.c kernel/time/timer_stats.c net/ipv4/sysctl_net_ipv4.c Change-Id: I3e5bd447057b44a28fc5000403198ae0fd644480 Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
author: Srinivasarao P <spathi@codeaurora.org> 2019-05-23 14:05:20 +0530
committer: Srinivasarao P <spathi@codeaurora.org> 2019-05-23 14:22:20 +0530
commit: 780ec0d562724e68ed866498dedc7c2ef229609f (patch)
tree: 2809bda61108d547b8794ba2495978311d4b7e72 /arch/powerpc/include
parent: d1a5c038050401f5dbd7de222c43a1262083e027 (diff)
parent: 71cb827c0249e87c62139bd4d5897cf59f51cb55 (diff)
14 files changed, 282 insertions, 5 deletions
diff --git a/arch/powerpc/include/asm/asm-prototypes.h b/arch/powerpc/include/asm/asm-prototypes.h
new file mode 100644
index 000000000000..8944c55591cf
--- /dev/null
+++ b/arch/powerpc/include/asm/asm-prototypes.h
@@ -0,0 +1,21 @@
+#ifndef _ASM_POWERPC_ASM_PROTOTYPES_H
+#define _ASM_POWERPC_ASM_PROTOTYPES_H
+/*
+ * This file is for prototypes of C functions that are only called
+ * from asm, and any associated variables.
+ *
+ * Copyright 2016, Daniel Axtens, IBM Corporation.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ */
+
+/* Patch sites */
+extern s32 patch__call_flush_count_cache;
+extern s32 patch__flush_count_cache_return;
+
+extern long flush_count_cache;
+
+#endif /* _ASM_POWERPC_ASM_PROTOTYPES_H */
diff --git a/arch/powerpc/include/asm/barrier.h b/arch/powerpc/include/asm/barrier.h
index b9e16855a037..e7cb72cdb2ba 100644
--- a/arch/powerpc/include/asm/barrier.h
+++ b/arch/powerpc/include/asm/barrier.h
@@ -92,4 +92,25 @@ do {									\
 #define smp_mb__after_atomic()      smp_mb()
 #define smp_mb__before_spinlock()   smp_mb()
 
+#ifdef CONFIG_PPC_BOOK3S_64
+#define NOSPEC_BARRIER_SLOT   nop
+#elif defined(CONFIG_PPC_FSL_BOOK3E)
+#define NOSPEC_BARRIER_SLOT   nop; nop
+#endif
+
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
+/*
+ * Prevent execution of subsequent instructions until preceding branches have
+ * been fully resolved and are no longer executing speculatively.
+ */
+#define barrier_nospec_asm NOSPEC_BARRIER_FIXUP_SECTION; NOSPEC_BARRIER_SLOT
+
+// This also acts as a compiler barrier due to the memory clobber.
+#define barrier_nospec() asm (stringify_in_c(barrier_nospec_asm) ::: "memory")
+
+#else /* !CONFIG_PPC_BARRIER_NOSPEC */
+#define barrier_nospec_asm
+#define barrier_nospec()
+#endif /* CONFIG_PPC_BARRIER_NOSPEC */
+
 #endif /* _ASM_POWERPC_BARRIER_H */
diff --git a/arch/powerpc/include/asm/code-patching-asm.h b/arch/powerpc/include/asm/code-patching-asm.h
new file mode 100644
index 000000000000..ed7b1448493a
--- /dev/null
+++ b/arch/powerpc/include/asm/code-patching-asm.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright 2018, Michael Ellerman, IBM Corporation.
+ */
+#ifndef _ASM_POWERPC_CODE_PATCHING_ASM_H
+#define _ASM_POWERPC_CODE_PATCHING_ASM_H
+
+/* Define a "site" that can be patched */
+.macro patch_site label name
+	.pushsection ".rodata"
+	.balign 4
+	.global \name
+\name:
+	.4byte	\label - .
+	.popsection
+.endm
+
+#endif /* _ASM_POWERPC_CODE_PATCHING_ASM_H */
diff --git a/arch/powerpc/include/asm/code-patching.h b/arch/powerpc/include/asm/code-patching.h
index 840a5509b3f1..a734b4b34d26 100644
--- a/arch/powerpc/include/asm/code-patching.h
+++ b/arch/powerpc/include/asm/code-patching.h
@@ -28,6 +28,8 @@ unsigned int create_cond_branch(const unsigned int *addr,
 				unsigned long target, int flags);
 int patch_branch(unsigned int *addr, unsigned long target, int flags);
 int patch_instruction(unsigned int *addr, unsigned int instr);
+int patch_instruction_site(s32 *addr, unsigned int instr);
+int patch_branch_site(s32 *site, unsigned long target, int flags);
 
 int instr_is_relative_branch(unsigned int instr);
 int instr_is_branch_to_addr(const unsigned int *instr, unsigned long addr);
diff --git a/arch/powerpc/include/asm/exception-64s.h b/arch/powerpc/include/asm/exception-64s.h
index 9bddbec441b8..3ed536bec462 100644
--- a/arch/powerpc/include/asm/exception-64s.h
+++ b/arch/powerpc/include/asm/exception-64s.h
@@ -50,6 +50,27 @@
 #define EX_PPR		88	/* SMT thread status register (priority) */
 #define EX_CTR		96
 
+#define STF_ENTRY_BARRIER_SLOT						\
+	STF_ENTRY_BARRIER_FIXUP_SECTION;				\
+	nop;								\
+	nop;								\
+	nop
+
+#define STF_EXIT_BARRIER_SLOT						\
+	STF_EXIT_BARRIER_FIXUP_SECTION;					\
+	nop;								\
+	nop;								\
+	nop;								\
+	nop;								\
+	nop;								\
+	nop
+
+/*
+ * r10 must be free to use, r13 must be paca
+ */
+#define INTERRUPT_TO_KERNEL						\
+	STF_ENTRY_BARRIER_SLOT
+
 /*
  * Macros for annotating the expected destination of (h)rfid
  *
@@ -66,16 +87,19 @@
 	rfid
 
 #define RFI_TO_USER							\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	rfid;								\
 	b	rfi_flush_fallback
 
 #define RFI_TO_USER_OR_KERNEL						\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	rfid;								\
 	b	rfi_flush_fallback
 
 #define RFI_TO_GUEST							\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	rfid;								\
 	b	rfi_flush_fallback
@@ -84,21 +108,25 @@
 	hrfid
 
 #define HRFI_TO_USER							\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	hrfid;								\
 	b	hrfi_flush_fallback
 
 #define HRFI_TO_USER_OR_KERNEL						\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	hrfid;								\
 	b	hrfi_flush_fallback
 
 #define HRFI_TO_GUEST							\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	hrfid;								\
 	b	hrfi_flush_fallback
 
 #define HRFI_TO_UNKNOWN							\
+	STF_EXIT_BARRIER_SLOT;						\
 	RFI_FLUSH_SLOT;							\
 	hrfid;								\
 	b	hrfi_flush_fallback
@@ -226,6 +254,7 @@ END_FTR_SECTION_NESTED(ftr,ftr,943)
 #define __EXCEPTION_PROLOG_1(area, extra, vec)				\
 	OPT_SAVE_REG_TO_PACA(area+EX_PPR, r9, CPU_FTR_HAS_PPR);		\
 	OPT_SAVE_REG_TO_PACA(area+EX_CFAR, r10, CPU_FTR_CFAR);		\
+	INTERRUPT_TO_KERNEL;						\
 	SAVE_CTR(r10, area);						\
 	mfcr	r9;							\
 	extra(vec);							\
@@ -512,6 +541,12 @@ label##_relon_hv:						\
 #define _MASKABLE_EXCEPTION_PSERIES(vec, label, h, extra)		\
 	__MASKABLE_EXCEPTION_PSERIES(vec, label, h, extra)
 
+#define MASKABLE_EXCEPTION_OOL(vec, label)				\
+	.globl label##_ool;						\
+label##_ool:								\
+	EXCEPTION_PROLOG_1(PACA_EXGEN, SOFTEN_TEST_PR, vec);		\
+	EXCEPTION_PROLOG_PSERIES_1(label##_common, EXC_STD);
+
 #define MASKABLE_EXCEPTION_PSERIES(loc, vec, label)			\
 	. = loc;							\
 	.globl label##_pSeries;						\
diff --git a/arch/powerpc/include/asm/feature-fixups.h b/arch/powerpc/include/asm/feature-fixups.h
index 7068bafbb2d6..145a37ab2d3e 100644
--- a/arch/powerpc/include/asm/feature-fixups.h
+++ b/arch/powerpc/include/asm/feature-fixups.h
@@ -184,6 +184,22 @@ label##3:					       	\
 	FTR_ENTRY_OFFSET label##1b-label##3b;		\
 	.popsection;
 
+#define STF_ENTRY_BARRIER_FIXUP_SECTION			\
+953:							\
+	.pushsection __stf_entry_barrier_fixup,"a";	\
+	.align 2;					\
+954:							\
+	FTR_ENTRY_OFFSET 953b-954b;			\
+	.popsection;
+
+#define STF_EXIT_BARRIER_FIXUP_SECTION			\
+955:							\
+	.pushsection __stf_exit_barrier_fixup,"a";	\
+	.align 2;					\
+956:							\
+	FTR_ENTRY_OFFSET 955b-956b;			\
+	.popsection;
+
 #define RFI_FLUSH_FIXUP_SECTION				\
 951:							\
 	.pushsection __rfi_flush_fixup,"a";		\
@@ -192,10 +208,34 @@ label##3:					       	\
 	FTR_ENTRY_OFFSET 951b-952b;			\
 	.popsection;
 
+#define NOSPEC_BARRIER_FIXUP_SECTION			\
+953:							\
+	.pushsection __barrier_nospec_fixup,"a";	\
+	.align 2;					\
+954:							\
+	FTR_ENTRY_OFFSET 953b-954b;			\
+	.popsection;
+
+#define START_BTB_FLUSH_SECTION			\
+955:							\
+
+#define END_BTB_FLUSH_SECTION			\
+956:							\
+	.pushsection __btb_flush_fixup,"a";	\
+	.align 2;							\
+957:						\
+	FTR_ENTRY_OFFSET 955b-957b;			\
+	FTR_ENTRY_OFFSET 956b-957b;			\
+	.popsection;
 
 #ifndef __ASSEMBLY__
 
+extern long stf_barrier_fallback;
+extern long __start___stf_entry_barrier_fixup, __stop___stf_entry_barrier_fixup;
+extern long __start___stf_exit_barrier_fixup, __stop___stf_exit_barrier_fixup;
 extern long __start___rfi_flush_fixup, __stop___rfi_flush_fixup;
+extern long __start___barrier_nospec_fixup, __stop___barrier_nospec_fixup;
+extern long __start__btb_flush_fixup, __stop__btb_flush_fixup;
 
 #endif
 
diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h
index 449bbb87c257..b57db9d09db9 100644
--- a/arch/powerpc/include/asm/hvcall.h
+++ b/arch/powerpc/include/asm/hvcall.h
@@ -292,10 +292,15 @@
 #define H_CPU_CHAR_L1D_FLUSH_ORI30	(1ull << 61) // IBM bit 2
 #define H_CPU_CHAR_L1D_FLUSH_TRIG2	(1ull << 60) // IBM bit 3
 #define H_CPU_CHAR_L1D_THREAD_PRIV	(1ull << 59) // IBM bit 4
+#define H_CPU_CHAR_BRANCH_HINTS_HONORED	(1ull << 58) // IBM bit 5
+#define H_CPU_CHAR_THREAD_RECONFIG_CTRL	(1ull << 57) // IBM bit 6
+#define H_CPU_CHAR_COUNT_CACHE_DISABLED	(1ull << 56) // IBM bit 7
+#define H_CPU_CHAR_BCCTR_FLUSH_ASSIST	(1ull << 54) // IBM bit 9
 
 #define H_CPU_BEHAV_FAVOUR_SECURITY	(1ull << 63) // IBM bit 0
 #define H_CPU_BEHAV_L1D_FLUSH_PR	(1ull << 62) // IBM bit 1
 #define H_CPU_BEHAV_BNDS_CHK_SPEC_BAR	(1ull << 61) // IBM bit 2
+#define H_CPU_BEHAV_FLUSH_COUNT_CACHE	(1ull << 58) // IBM bit 5
 
 #ifndef __ASSEMBLY__
 #include <linux/types.h>
diff --git a/arch/powerpc/include/asm/paca.h b/arch/powerpc/include/asm/paca.h
index 45e2aefece16..08e5df3395fa 100644
--- a/arch/powerpc/include/asm/paca.h
+++ b/arch/powerpc/include/asm/paca.h
@@ -199,8 +199,7 @@ struct paca_struct {
 	 */
 	u64 exrfi[13] __aligned(0x80);
 	void *rfi_flush_fallback_area;
-	u64 l1d_flush_congruence;
-	u64 l1d_flush_sets;
+	u64 l1d_flush_size;
 #endif
 };
 
diff --git a/arch/powerpc/include/asm/ppc-opcode.h b/arch/powerpc/include/asm/ppc-opcode.h
index 7ab04fc59e24..faf1bb045dee 100644
--- a/arch/powerpc/include/asm/ppc-opcode.h
+++ b/arch/powerpc/include/asm/ppc-opcode.h
@@ -147,6 +147,7 @@
 #define PPC_INST_LWSYNC			0x7c2004ac
 #define PPC_INST_SYNC			0x7c0004ac
 #define PPC_INST_SYNC_MASK		0xfc0007fe
+#define PPC_INST_ISYNC			0x4c00012c
 #define PPC_INST_LXVD2X			0x7c000698
 #define PPC_INST_MCRXR			0x7c000400
 #define PPC_INST_MCRXR_MASK		0xfc0007fe
diff --git a/arch/powerpc/include/asm/ppc_asm.h b/arch/powerpc/include/asm/ppc_asm.h
index 160bb2311bbb..d219816b3e19 100644
--- a/arch/powerpc/include/asm/ppc_asm.h
+++ b/arch/powerpc/include/asm/ppc_asm.h
@@ -821,4 +821,15 @@ END_FTR_SECTION_NESTED(CPU_FTR_HAS_PPR,CPU_FTR_HAS_PPR,945)
 	.long 0x2400004c  /* rfid				*/
 #endif /* !CONFIG_PPC_BOOK3E */
 #endif /*  __ASSEMBLY__ */
+
+#ifdef CONFIG_PPC_FSL_BOOK3E
+#define BTB_FLUSH(reg)			\
+	lis reg,BUCSR_INIT@h;		\
+	ori reg,reg,BUCSR_INIT@l;	\
+	mtspr SPRN_BUCSR,reg;		\
+	isync;
+#else
+#define BTB_FLUSH(reg)
+#endif /* CONFIG_PPC_FSL_BOOK3E */
+
 #endif /* _ASM_POWERPC_PPC_ASM_H */
diff --git a/arch/powerpc/include/asm/reg_booke.h b/arch/powerpc/include/asm/reg_booke.h
index 2fef74b474f0..410ebee9e339 100644
--- a/arch/powerpc/include/asm/reg_booke.h
+++ b/arch/powerpc/include/asm/reg_booke.h
@@ -41,7 +41,7 @@
 #if defined(CONFIG_PPC_BOOK3E_64)
 #define MSR_64BIT	MSR_CM
 
-#define MSR_		(MSR_ME | MSR_CE)
+#define MSR_		(MSR_ME | MSR_RI | MSR_CE)
 #define MSR_KERNEL	(MSR_ | MSR_64BIT)
 #define MSR_USER32	(MSR_ | MSR_PR | MSR_EE)
 #define MSR_USER64	(MSR_USER32 | MSR_64BIT)
diff --git a/arch/powerpc/include/asm/security_features.h b/arch/powerpc/include/asm/security_features.h
new file mode 100644
index 000000000000..759597bf0fd8
--- /dev/null
+++ b/arch/powerpc/include/asm/security_features.h
@@ -0,0 +1,92 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Security related feature bit definitions.
+ *
+ * Copyright 2018, Michael Ellerman, IBM Corporation.
+ */
+
+#ifndef _ASM_POWERPC_SECURITY_FEATURES_H
+#define _ASM_POWERPC_SECURITY_FEATURES_H
+
+
+extern unsigned long powerpc_security_features;
+extern bool rfi_flush;
+
+/* These are bit flags */
+enum stf_barrier_type {
+	STF_BARRIER_NONE	= 0x1,
+	STF_BARRIER_FALLBACK	= 0x2,
+	STF_BARRIER_EIEIO	= 0x4,
+	STF_BARRIER_SYNC_ORI	= 0x8,
+};
+
+void setup_stf_barrier(void);
+void do_stf_barrier_fixups(enum stf_barrier_type types);
+void setup_count_cache_flush(void);
+
+static inline void security_ftr_set(unsigned long feature)
+{
+	powerpc_security_features |= feature;
+}
+
+static inline void security_ftr_clear(unsigned long feature)
+{
+	powerpc_security_features &= ~feature;
+}
+
+static inline bool security_ftr_enabled(unsigned long feature)
+{
+	return !!(powerpc_security_features & feature);
+}
+
+
+// Features indicating support for Spectre/Meltdown mitigations
+
+// The L1-D cache can be flushed with ori r30,r30,0
+#define SEC_FTR_L1D_FLUSH_ORI30		0x0000000000000001ull
+
+// The L1-D cache can be flushed with mtspr 882,r0 (aka SPRN_TRIG2)
+#define SEC_FTR_L1D_FLUSH_TRIG2		0x0000000000000002ull
+
+// ori r31,r31,0 acts as a speculation barrier
+#define SEC_FTR_SPEC_BAR_ORI31		0x0000000000000004ull
+
+// Speculation past bctr is disabled
+#define SEC_FTR_BCCTRL_SERIALISED	0x0000000000000008ull
+
+// Entries in L1-D are private to a SMT thread
+#define SEC_FTR_L1D_THREAD_PRIV		0x0000000000000010ull
+
+// Indirect branch prediction cache disabled
+#define SEC_FTR_COUNT_CACHE_DISABLED	0x0000000000000020ull
+
+// bcctr 2,0,0 triggers a hardware assisted count cache flush
+#define SEC_FTR_BCCTR_FLUSH_ASSIST	0x0000000000000800ull
+
+
+// Features indicating need for Spectre/Meltdown mitigations
+
+// The L1-D cache should be flushed on MSR[HV] 1->0 transition (hypervisor to guest)
+#define SEC_FTR_L1D_FLUSH_HV		0x0000000000000040ull
+
+// The L1-D cache should be flushed on MSR[PR] 0->1 transition (kernel to userspace)
+#define SEC_FTR_L1D_FLUSH_PR		0x0000000000000080ull
+
+// A speculation barrier should be used for bounds checks (Spectre variant 1)
+#define SEC_FTR_BNDS_CHK_SPEC_BAR	0x0000000000000100ull
+
+// Firmware configuration indicates user favours security over performance
+#define SEC_FTR_FAVOUR_SECURITY		0x0000000000000200ull
+
+// Software required to flush count cache on context switch
+#define SEC_FTR_FLUSH_COUNT_CACHE	0x0000000000000400ull
+
+
+// Features enabled by default
+#define SEC_FTR_DEFAULT \
+	(SEC_FTR_L1D_FLUSH_HV | \
+	 SEC_FTR_L1D_FLUSH_PR | \
+	 SEC_FTR_BNDS_CHK_SPEC_BAR | \
+	 SEC_FTR_FAVOUR_SECURITY)
+
+#endif /* _ASM_POWERPC_SECURITY_FEATURES_H */
diff --git a/arch/powerpc/include/asm/setup.h b/arch/powerpc/include/asm/setup.h
index 7916b56f2e60..d299479c770b 100644
--- a/arch/powerpc/include/asm/setup.h
+++ b/arch/powerpc/include/asm/setup.h
@@ -8,6 +8,7 @@ extern void ppc_printk_progress(char *s, unsigned short hex);
 
 extern unsigned int rtas_data;
 extern unsigned long long memory_limit;
+extern bool init_mem_is_free;
 extern unsigned long klimit;
 extern void *zalloc_maybe_bootmem(size_t size, gfp_t mask);
 
@@ -36,8 +37,28 @@ enum l1d_flush_type {
 	L1D_FLUSH_MTTRIG	= 0x8,
 };
 
-void __init setup_rfi_flush(enum l1d_flush_type, bool enable);
+void setup_rfi_flush(enum l1d_flush_type, bool enable);
 void do_rfi_flush_fixups(enum l1d_flush_type types);
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
+void setup_barrier_nospec(void);
+#else
+static inline void setup_barrier_nospec(void) { };
+#endif
+void do_barrier_nospec_fixups(bool enable);
+extern bool barrier_nospec_enabled;
+
+#ifdef CONFIG_PPC_BARRIER_NOSPEC
+void do_barrier_nospec_fixups_range(bool enable, void *start, void *end);
+#else
+static inline void do_barrier_nospec_fixups_range(bool enable, void *start, void *end) { };
+#endif
+
+#ifdef CONFIG_PPC_FSL_BOOK3E
+void setup_spectre_v2(void);
+#else
+static inline void setup_spectre_v2(void) {};
+#endif
+void do_btb_flush_fixups(void);
 
 #endif /* !__ASSEMBLY__ */
 
diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h
index 1542c4e009c8..f86fb4243a08 100644
--- a/arch/powerpc/include/asm/uaccess.h
+++ b/arch/powerpc/include/asm/uaccess.h
@@ -269,6 +269,7 @@ do {								\
 	__chk_user_ptr(ptr);					\
 	if (!is_kernel_addr((unsigned long)__gu_addr))		\
 		might_fault();					\
+	barrier_nospec();					\
 	__get_user_size(__gu_val, __gu_addr, (size), __gu_err);	\
 	(x) = (__typeof__(*(ptr)))__gu_val;			\
 	__gu_err;						\
@@ -283,6 +284,7 @@ do {								\
 	__chk_user_ptr(ptr);					\
 	if (!is_kernel_addr((unsigned long)__gu_addr))		\
 		might_fault();					\
+	barrier_nospec();					\
 	__get_user_size(__gu_val, __gu_addr, (size), __gu_err);	\
 	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
 	__gu_err;						\
@@ -295,8 +297,10 @@ do {								\
 	unsigned long  __gu_val = 0;					\
 	__typeof__(*(ptr)) __user *__gu_addr = (ptr);		\
 	might_fault();							\
-	if (access_ok(VERIFY_READ, __gu_addr, (size)))			\
+	if (access_ok(VERIFY_READ, __gu_addr, (size))) {		\
+		barrier_nospec();					\
 		__get_user_size(__gu_val, __gu_addr, (size), __gu_err);	\
+	}								\
 	(x) = (__force __typeof__(*(ptr)))__gu_val;				\
 	__gu_err;							\
 })
@@ -307,6 +311,7 @@ do {								\
 	unsigned long __gu_val;					\
 	__typeof__(*(ptr)) __user *__gu_addr = (ptr);	\
 	__chk_user_ptr(ptr);					\
+	barrier_nospec();					\
 	__get_user_size(__gu_val, __gu_addr, (size), __gu_err);	\
 	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
 	__gu_err;						\
@@ -325,6 +330,7 @@ static inline unsigned long copy_from_user(void *to,
 {
 	if (likely(access_ok(VERIFY_READ, from, n))) {
 		check_object_size(to, n, false);
+		barrier_nospec();
 		return __copy_tofrom_user((__force void __user *)to, from, n);
 	}
 	memset(to, 0, n);
@@ -363,15 +369,19 @@ static inline unsigned long __copy_from_user_inatomic(void *to,
 
 		switch (n) {
 		case 1:
+			barrier_nospec();
 			__get_user_size(*(u8 *)to, from, 1, ret);
 			break;
 		case 2:
+			barrier_nospec();
 			__get_user_size(*(u16 *)to, from, 2, ret);
 			break;
 		case 4:
+			barrier_nospec();
 			__get_user_size(*(u32 *)to, from, 4, ret);
 			break;
 		case 8:
+			barrier_nospec();
 			__get_user_size(*(u64 *)to, from, 8, ret);
 			break;
 		}
@@ -381,6 +391,7 @@ static inline unsigned long __copy_from_user_inatomic(void *to,
 
 	check_object_size(to, n, false);
 
+	barrier_nospec();
 	return __copy_tofrom_user((__force void __user *)to, from, n);
 }
author	Srinivasarao P <spathi@codeaurora.org>	2019-05-23 14:05:20 +0530
committer	Srinivasarao P <spathi@codeaurora.org>	2019-05-23 14:22:20 +0530
commit	780ec0d562724e68ed866498dedc7c2ef229609f (patch)
tree	2809bda61108d547b8794ba2495978311d4b7e72 /arch/powerpc/include
parent	d1a5c038050401f5dbd7de222c43a1262083e027 (diff)
parent	71cb827c0249e87c62139bd4d5897cf59f51cb55 (diff)