| Message ID | 20220110100745.711970-1-naveen.n.rao@linux.vnet.ibm.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | powerpc/security: Provide stubs for when PPC_BARRIER_NOSPEC isn't enabled | expand |
| Context | Check | Description |
|---|---|---|
| snowpatch_ozlabs/github-powerpc_selftests | success | Successfully ran 8 jobs. |
| snowpatch_ozlabs/github-powerpc_ppctests | success | Successfully ran 8 jobs. |
| snowpatch_ozlabs/github-powerpc_kernel_qemu | success | Successfully ran 24 jobs. |
| snowpatch_ozlabs/github-powerpc_clang | success | Successfully ran 7 jobs. |
| snowpatch_ozlabs/github-powerpc_sparse | success | Successfully ran 4 jobs. |
Le 10/01/2022 à 11:07, Naveen N. Rao a écrit : > kernel test robot reported the below build error with a randconfig: > powerpc64-linux-ld: arch/powerpc/net/bpf_jit_comp64.o:(.toc+0x0): > undefined reference to `powerpc_security_features' > > This can happen if CONFIG_PPC_BARRIER_NOSPEC is not enabled. Address > this by providing stub functions for security_ftr_enabled() and related > helpers when the config option is not enabled. Looks like this can happen only when E500 is not selected. But what kind of CPU do we have if it's not a E500 ? AFAICS in cputable.c, if not a PPC32 and not a BOOK3S_64 is must be a E500 otherwise there's just no CPU. Should we make Kconfig stricter instead to avoid the Robot selecting a crazy config ? Christophe
Christophe Leroy wrote: > > > Le 10/01/2022 à 11:07, Naveen N. Rao a écrit : >> kernel test robot reported the below build error with a randconfig: >> powerpc64-linux-ld: arch/powerpc/net/bpf_jit_comp64.o:(.toc+0x0): >> undefined reference to `powerpc_security_features' >> >> This can happen if CONFIG_PPC_BARRIER_NOSPEC is not enabled. Address >> this by providing stub functions for security_ftr_enabled() and related >> helpers when the config option is not enabled. > > Looks like this can happen only when E500 is not selected. > > But what kind of CPU do we have if it's not a E500 ? > > AFAICS in cputable.c, if not a PPC32 and not a BOOK3S_64 is must be a > E500 otherwise there's just no CPU. This was triggered for a 64-bit build and the bug report is: http://lkml.kernel.org/r/202201082018.ACTZm4jh-lkp@intel.com The randconfig used is: https://download.01.org/0day-ci/archive/20220108/202201082018.ACTZm4jh-lkp@intel.com/config It just selects the generic cpu and BOOK3E_64: # # Processor support # # CONFIG_PPC_BOOK3S_64 is not set CONFIG_PPC_BOOK3E_64=y CONFIG_GENERIC_CPU=y CONFIG_PPC_BOOK3E=y CONFIG_PPC_FPU_REGS=y CONFIG_PPC_FPU=y CONFIG_BOOKE=y CONFIG_PPC_MMU_NOHASH=y CONFIG_PPC_BOOK3E_MMU=y CONFIG_PMU_SYSFS=y # CONFIG_SMP is not set CONFIG_NR_CPUS=1 CONFIG_PPC_DOORBELL=y # end of Processor support > > Should we make Kconfig stricter instead to avoid the Robot selecting a > crazy config ? If that config is indeed not possible, it sure will be nice to prevent that. - Naveen
Christophe Leroy <christophe.leroy@csgroup.eu> writes: > Le 10/01/2022 à 11:07, Naveen N. Rao a écrit : >> kernel test robot reported the below build error with a randconfig: >> powerpc64-linux-ld: arch/powerpc/net/bpf_jit_comp64.o:(.toc+0x0): >> undefined reference to `powerpc_security_features' >> >> This can happen if CONFIG_PPC_BARRIER_NOSPEC is not enabled. Address >> this by providing stub functions for security_ftr_enabled() and related >> helpers when the config option is not enabled. > > Looks like this can happen only when E500 is not selected. > > But what kind of CPU do we have if it's not a E500 ? > > AFAICS in cputable.c, if not a PPC32 and not a BOOK3S_64 is must be a > E500 otherwise there's just no CPU. That's left over from when we still had support for "A2", the IBM Book3E CPU that never shipped publicly. See when it was removed in: fb5a515704d7 ("powerpc: Remove platforms/wsp and associated pieces") > Should we make Kconfig stricter instead to avoid the Robot selecting a > crazy config ? Yeah. We have a bit of maze of symbols related to all that eg, PPC_BOOK3E_64, PPC_BOOK3E, PPC_FSL_BOOK3E, FSL_BOOKE, E500. Some of them are clearly required, but I think some could be rationalised, now that 64-bit Book3E implies FSL Book3E. But that will be a bunch of work I suspect. For this immediate problem, I think the patch below might be sufficient. It just ensures that PPC_FSL_BOOK3E is always enabled when we're building 64-bit Book3E. I'll run it through some build tests. cheers diff --git a/arch/powerpc/platforms/Kconfig.cputype b/arch/powerpc/platforms/Kconfig.cputype index 87bc1929ee5a..e2e1fec91c6e 100644 --- a/arch/powerpc/platforms/Kconfig.cputype +++ b/arch/powerpc/platforms/Kconfig.cputype @@ -107,6 +107,7 @@ config PPC_BOOK3S_64 config PPC_BOOK3E_64 bool "Embedded processors" + select PPC_FSL_BOOK3E select PPC_FPU # Make it a choice ? select PPC_SMP_MUXED_IPI select PPC_DOORBELL @@ -295,7 +296,7 @@ config FSL_BOOKE config PPC_FSL_BOOK3E bool select ARCH_SUPPORTS_HUGETLBFS if PHYS_64BIT || PPC64 - select FSL_EMB_PERFMON + imply FSL_EMB_PERFMON select PPC_SMP_MUXED_IPI select PPC_DOORBELL select PPC_KUEP
diff --git a/arch/powerpc/include/asm/security_features.h b/arch/powerpc/include/asm/security_features.h index 27574f218b371f..f2b990052641a0 100644 --- a/arch/powerpc/include/asm/security_features.h +++ b/arch/powerpc/include/asm/security_features.h @@ -8,10 +8,6 @@ #ifndef _ASM_POWERPC_SECURITY_FEATURES_H #define _ASM_POWERPC_SECURITY_FEATURES_H - -extern u64 powerpc_security_features; -extern bool rfi_flush; - /* These are bit flags */ enum stf_barrier_type { STF_BARRIER_NONE = 0x1, @@ -20,6 +16,10 @@ enum stf_barrier_type { STF_BARRIER_SYNC_ORI = 0x8, }; +#ifdef CONFIG_PPC_BARRIER_NOSPEC +extern u64 powerpc_security_features; +extern bool rfi_flush; + void setup_stf_barrier(void); void do_stf_barrier_fixups(enum stf_barrier_type types); void setup_count_cache_flush(void); @@ -45,6 +45,13 @@ enum stf_barrier_type stf_barrier_type_get(void); static inline enum stf_barrier_type stf_barrier_type_get(void) { return STF_BARRIER_NONE; } #endif +#else /* CONFIG_PPC_BARRIER_NOSPEC */ +static inline void security_ftr_set(u64 feature) { } +static inline void security_ftr_clear(u64 feature) { } +static inline bool security_ftr_enabled(u64 feature) { return false; } +static inline enum stf_barrier_type stf_barrier_type_get(void) { return STF_BARRIER_NONE; } +#endif /* CONFIG_PPC_BARRIER_NOSPEC */ + // Features indicating support for Spectre/Meltdown mitigations // The L1-D cache can be flushed with ori r30,r30,0
kernel test robot reported the below build error with a randconfig: powerpc64-linux-ld: arch/powerpc/net/bpf_jit_comp64.o:(.toc+0x0): undefined reference to `powerpc_security_features' This can happen if CONFIG_PPC_BARRIER_NOSPEC is not enabled. Address this by providing stub functions for security_ftr_enabled() and related helpers when the config option is not enabled. Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com> --- arch/powerpc/include/asm/security_features.h | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) base-commit: bdcf18e133f656b2c97390a594fc95e37849e682