[PATCH 4/4] powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes

Joel Stanley joel at jms.id.au
Tue May 4 10:51:26 AEST 2021


On Mon, 3 May 2021 at 13:04, Nicholas Piggin <npiggin at gmail.com> wrote:
>
> These aren't necessarily POWER9 only, and it's not to say some new
> vulnerability may not get discovered on other processors for which
> we would like the flexibility of having the workaround enabled by
> firmware.
>
> Remove the restriction that they only apply to POWER9.

I was wondering how these worked which led me to reviewing your patch.
>From what I could see, these are enabled by default (SEC_FTR_DEFAULT
in arch/powerpc/include/asm/security_features.h), so unless all
non-POWER9 machines have set the "please don't" bit in their firmware
this patch will enable the feature for those machines. Is that what
you wanted?

>
> Signed-off-by: Nicholas Piggin <npiggin at gmail.com>
> ---
>  arch/powerpc/platforms/powernv/setup.c | 9 ---------
>  1 file changed, 9 deletions(-)
>
> diff --git a/arch/powerpc/platforms/powernv/setup.c b/arch/powerpc/platforms/powernv/setup.c
> index a8db3f153063..6ec67223f8c7 100644
> --- a/arch/powerpc/platforms/powernv/setup.c
> +++ b/arch/powerpc/platforms/powernv/setup.c
> @@ -122,15 +122,6 @@ static void pnv_setup_security_mitigations(void)
>                         type = L1D_FLUSH_ORI;
>         }
>
> -       /*
> -        * If we are non-Power9 bare metal, we don't need to flush on kernel
> -        * entry or after user access: they fix a P9 specific vulnerability.
> -        */
> -       if (!pvr_version_is(PVR_POWER9)) {
> -               security_ftr_clear(SEC_FTR_L1D_FLUSH_ENTRY);
> -               security_ftr_clear(SEC_FTR_L1D_FLUSH_UACCESS);
> -       }
> -
>         enable = security_ftr_enabled(SEC_FTR_FAVOUR_SECURITY) && \
>                  (security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR)   || \
>                   security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV));
> --
> 2.23.0
>


More information about the Linuxppc-dev mailing list