Message ID | 1531825797-14236-5-git-send-email-diana.craciun@nxp.com (mailing list archive) |
---|---|
State | Superseded, archived |
Headers | show |
Series | powerpc/fsl: Speculation barrier for NXP PowerPC Book3E | expand |
Diana Craciun <diana.craciun@nxp.com> a écrit : > The NXP PPC Book3E platforms are not vulnerable to meltdown and > Spectre v4, so make them PPC_BOOK3S_64 specific. > > Signed-off-by: Diana Craciun <diana.craciun@nxp.com> > --- > History: > > v2-->v3 > - used the existing functions for spectre v1/v2 > > arch/powerpc/Kconfig | 7 ++++++- > arch/powerpc/kernel/security.c | 2 ++ > 2 files changed, 8 insertions(+), 1 deletion(-) > > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > index 9f2b75f..116c953 100644 > --- a/arch/powerpc/Kconfig > +++ b/arch/powerpc/Kconfig > @@ -165,7 +165,7 @@ config PPC > select GENERIC_CLOCKEVENTS_BROADCAST if SMP > select GENERIC_CMOS_UPDATE > select GENERIC_CPU_AUTOPROBE > - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64 > + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC I don't understand. You say this patch is to make something specific to book3s64 specific, and you are creating a new config param that make things less specific Christophe > select GENERIC_IRQ_SHOW > select GENERIC_IRQ_SHOW_LEVEL > select GENERIC_SMP_IDLE_THREAD > @@ -240,6 +240,11 @@ config PPC > # Please keep this list sorted alphabetically. > # > > +config PPC_NOSPEC > + bool > + default y > + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E > + > config GENERIC_CSUM > def_bool n > > diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c > index 3a4e5c3..539c744 100644 > --- a/arch/powerpc/kernel/security.c > +++ b/arch/powerpc/kernel/security.c > @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void) > device_initcall(barrier_nospec_debugfs_init); > #endif /* CONFIG_DEBUG_FS */ > > +#ifdef CONFIG_PPC_BOOK3S_64 > ssize_t cpu_show_meltdown(struct device *dev, struct > device_attribute *attr, char *buf) > { > bool thread_priv; > @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev, > struct device_attribute *attr, cha > > return sprintf(buf, "Vulnerable\n"); > } > +#endif > > ssize_t cpu_show_spectre_v1(struct device *dev, struct > device_attribute *attr, char *buf) > { > -- > 2.5.5
On 7/17/2018 7:47 PM, LEROY Christophe wrote: > Diana Craciun <diana.craciun@nxp.com> a écrit : > >> The NXP PPC Book3E platforms are not vulnerable to meltdown and >> Spectre v4, so make them PPC_BOOK3S_64 specific. >> >> Signed-off-by: Diana Craciun <diana.craciun@nxp.com> >> --- >> History: >> >> v2-->v3 >> - used the existing functions for spectre v1/v2 >> >> arch/powerpc/Kconfig | 7 ++++++- >> arch/powerpc/kernel/security.c | 2 ++ >> 2 files changed, 8 insertions(+), 1 deletion(-) >> >> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >> index 9f2b75f..116c953 100644 >> --- a/arch/powerpc/Kconfig >> +++ b/arch/powerpc/Kconfig >> @@ -165,7 +165,7 @@ config PPC >> select GENERIC_CLOCKEVENTS_BROADCAST if SMP >> select GENERIC_CMOS_UPDATE >> select GENERIC_CPU_AUTOPROBE >> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64 >> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC > I don't understand. You say this patch is to make something specific > to book3s64 specific, and you are creating a new config param that > make things less specific > > Christophe In order to enable the vulnerabilities reporting on NXP socs I need to enable them for PPC_FSL_BOOK3E. So they will be enabled for both PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs are not vulnerable to meltdown, so I made the meltdown reporting PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in a separate patch to be more clear. Diana > >> select GENERIC_IRQ_SHOW >> select GENERIC_IRQ_SHOW_LEVEL >> select GENERIC_SMP_IDLE_THREAD >> @@ -240,6 +240,11 @@ config PPC >> # Please keep this list sorted alphabetically. >> # >> >> +config PPC_NOSPEC >> + bool >> + default y >> + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E >> + >> config GENERIC_CSUM >> def_bool n >> >> diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c >> index 3a4e5c3..539c744 100644 >> --- a/arch/powerpc/kernel/security.c >> +++ b/arch/powerpc/kernel/security.c >> @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void) >> device_initcall(barrier_nospec_debugfs_init); >> #endif /* CONFIG_DEBUG_FS */ >> >> +#ifdef CONFIG_PPC_BOOK3S_64 >> ssize_t cpu_show_meltdown(struct device *dev, struct >> device_attribute *attr, char *buf) >> { >> bool thread_priv; >> @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev, >> struct device_attribute *attr, cha >> >> return sprintf(buf, "Vulnerable\n"); >> } >> +#endif >> >> ssize_t cpu_show_spectre_v1(struct device *dev, struct >> device_attribute *attr, char *buf) >> { >> -- >> 2.5.5 > >
Diana Madalina Craciun <diana.craciun@nxp.com> a écrit : > On 7/17/2018 7:47 PM, LEROY Christophe wrote: >> Diana Craciun <diana.craciun@nxp.com> a écrit : >> >>> The NXP PPC Book3E platforms are not vulnerable to meltdown and >>> Spectre v4, so make them PPC_BOOK3S_64 specific. >>> >>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com> >>> --- >>> History: >>> >>> v2-->v3 >>> - used the existing functions for spectre v1/v2 >>> >>> arch/powerpc/Kconfig | 7 ++++++- >>> arch/powerpc/kernel/security.c | 2 ++ >>> 2 files changed, 8 insertions(+), 1 deletion(-) >>> >>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >>> index 9f2b75f..116c953 100644 >>> --- a/arch/powerpc/Kconfig >>> +++ b/arch/powerpc/Kconfig >>> @@ -165,7 +165,7 @@ config PPC >>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP >>> select GENERIC_CMOS_UPDATE >>> select GENERIC_CPU_AUTOPROBE >>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64 >>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC >> I don't understand. You say this patch is to make something specific >> to book3s64 specific, and you are creating a new config param that >> make things less specific >> >> Christophe > > In order to enable the vulnerabilities reporting on NXP socs I need to > enable them for PPC_FSL_BOOK3E. So they will be enabled for both > PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the > Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs > are not vulnerable to meltdown, so I made the meltdown reporting > PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in > a separate patch to be more clear. Yes you can. Or keep it as a single patch and add the details you gave me in the patch description. Christophe > > Diana > >> >>> select GENERIC_IRQ_SHOW >>> select GENERIC_IRQ_SHOW_LEVEL >>> select GENERIC_SMP_IDLE_THREAD >>> @@ -240,6 +240,11 @@ config PPC >>> # Please keep this list sorted alphabetically. >>> # >>> >>> +config PPC_NOSPEC >>> + bool >>> + default y >>> + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E >>> + >>> config GENERIC_CSUM >>> def_bool n >>> >>> diff --git a/arch/powerpc/kernel/security.c >>> b/arch/powerpc/kernel/security.c >>> index 3a4e5c3..539c744 100644 >>> --- a/arch/powerpc/kernel/security.c >>> +++ b/arch/powerpc/kernel/security.c >>> @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void) >>> device_initcall(barrier_nospec_debugfs_init); >>> #endif /* CONFIG_DEBUG_FS */ >>> >>> +#ifdef CONFIG_PPC_BOOK3S_64 >>> ssize_t cpu_show_meltdown(struct device *dev, struct >>> device_attribute *attr, char *buf) >>> { >>> bool thread_priv; >>> @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev, >>> struct device_attribute *attr, cha >>> >>> return sprintf(buf, "Vulnerable\n"); >>> } >>> +#endif >>> >>> ssize_t cpu_show_spectre_v1(struct device *dev, struct >>> device_attribute *attr, char *buf) >>> { >>> -- >>> 2.5.5 >> >>
LEROY Christophe <christophe.leroy@c-s.fr> writes: > Diana Madalina Craciun <diana.craciun@nxp.com> a écrit : >> On 7/17/2018 7:47 PM, LEROY Christophe wrote: >>> Diana Craciun <diana.craciun@nxp.com> a écrit : >>>> The NXP PPC Book3E platforms are not vulnerable to meltdown and >>>> Spectre v4, so make them PPC_BOOK3S_64 specific. >>>> >>>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com> >>>> --- >>>> History: >>>> >>>> v2-->v3 >>>> - used the existing functions for spectre v1/v2 >>>> >>>> arch/powerpc/Kconfig | 7 ++++++- >>>> arch/powerpc/kernel/security.c | 2 ++ >>>> 2 files changed, 8 insertions(+), 1 deletion(-) >>>> >>>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >>>> index 9f2b75f..116c953 100644 >>>> --- a/arch/powerpc/Kconfig >>>> +++ b/arch/powerpc/Kconfig >>>> @@ -165,7 +165,7 @@ config PPC >>>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP >>>> select GENERIC_CMOS_UPDATE >>>> select GENERIC_CPU_AUTOPROBE >>>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64 >>>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC >>> I don't understand. You say this patch is to make something specific >>> to book3s64 specific, and you are creating a new config param that >>> make things less specific >>> >>> Christophe >> >> In order to enable the vulnerabilities reporting on NXP socs I need to >> enable them for PPC_FSL_BOOK3E. So they will be enabled for both >> PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the >> Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs >> are not vulnerable to meltdown, so I made the meltdown reporting >> PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in >> a separate patch to be more clear. > > Yes you can. Or keep it as a single patch and add the details you gave > me in the patch description. Yeah I think the patch is fine, but the change log is a bit short on detail. If you just send me a new change log I can fold it in. cheers
On 7/19/2018 3:05 PM, Michael Ellerman wrote: > LEROY Christophe <christophe.leroy@c-s.fr> writes: >> Diana Madalina Craciun <diana.craciun@nxp.com> a écrit : >>> On 7/17/2018 7:47 PM, LEROY Christophe wrote: >>>> Diana Craciun <diana.craciun@nxp.com> a écrit : >>>>> The NXP PPC Book3E platforms are not vulnerable to meltdown and >>>>> Spectre v4, so make them PPC_BOOK3S_64 specific. >>>>> >>>>> Signed-off-by: Diana Craciun <diana.craciun@nxp.com> >>>>> --- >>>>> History: >>>>> >>>>> v2-->v3 >>>>> - used the existing functions for spectre v1/v2 >>>>> >>>>> arch/powerpc/Kconfig | 7 ++++++- >>>>> arch/powerpc/kernel/security.c | 2 ++ >>>>> 2 files changed, 8 insertions(+), 1 deletion(-) >>>>> >>>>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >>>>> index 9f2b75f..116c953 100644 >>>>> --- a/arch/powerpc/Kconfig >>>>> +++ b/arch/powerpc/Kconfig >>>>> @@ -165,7 +165,7 @@ config PPC >>>>> select GENERIC_CLOCKEVENTS_BROADCAST if SMP >>>>> select GENERIC_CMOS_UPDATE >>>>> select GENERIC_CPU_AUTOPROBE >>>>> - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64 >>>>> + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC >>>> I don't understand. You say this patch is to make something specific >>>> to book3s64 specific, and you are creating a new config param that >>>> make things less specific >>>> >>>> Christophe >>> In order to enable the vulnerabilities reporting on NXP socs I need to >>> enable them for PPC_FSL_BOOK3E. So they will be enabled for both >>> PPC_FSL_BOOK3E and PPC_BOOK3S_64. This is the reason for adding the >>> Kconfig. However this will enable: spectre v1/v2 and meltdown. NXP socs >>> are not vulnerable to meltdown, so I made the meltdown reporting >>> PPC_BOOK3S_64 specific. I guess I can have the PPC_NOSPEC definition in >>> a separate patch to be more clear. >> Yes you can. Or keep it as a single patch and add the details you gave >> me in the patch description. > Yeah I think the patch is fine, but the change log is a bit short on detail. > > If you just send me a new change log I can fold it in. > > cheers > Thanks! This is the new change log: "The Spectre/Meltdown vulnerabilities will be enabled for both PPC_FSL_BOOK3E and PPC_BOOK3S_64. In order to avoid a complicated ifdef we add a new Kconfig (PPC_NOSPEC) to select the common code between BOOK3S_64 and FSL_BOOK3E. However, the NXP platforms are not vulnerable to Meltdown, so make the Meltdown vulnerability reporting PPC_BOOK3S_64 specific." Regards, Diana
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 9f2b75f..116c953 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -165,7 +165,7 @@ config PPC select GENERIC_CLOCKEVENTS_BROADCAST if SMP select GENERIC_CMOS_UPDATE select GENERIC_CPU_AUTOPROBE - select GENERIC_CPU_VULNERABILITIES if PPC_BOOK3S_64 + select GENERIC_CPU_VULNERABILITIES if PPC_NOSPEC select GENERIC_IRQ_SHOW select GENERIC_IRQ_SHOW_LEVEL select GENERIC_SMP_IDLE_THREAD @@ -240,6 +240,11 @@ config PPC # Please keep this list sorted alphabetically. # +config PPC_NOSPEC + bool + default y + depends on PPC_BOOK3S_64 || PPC_FSL_BOOK3E + config GENERIC_CSUM def_bool n diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index 3a4e5c3..539c744 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -92,6 +92,7 @@ static __init int barrier_nospec_debugfs_init(void) device_initcall(barrier_nospec_debugfs_init); #endif /* CONFIG_DEBUG_FS */ +#ifdef CONFIG_PPC_BOOK3S_64 ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf) { bool thread_priv; @@ -124,6 +125,7 @@ ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, cha return sprintf(buf, "Vulnerable\n"); } +#endif ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, char *buf) {
The NXP PPC Book3E platforms are not vulnerable to meltdown and Spectre v4, so make them PPC_BOOK3S_64 specific. Signed-off-by: Diana Craciun <diana.craciun@nxp.com> --- History: v2-->v3 - used the existing functions for spectre v1/v2 arch/powerpc/Kconfig | 7 ++++++- arch/powerpc/kernel/security.c | 2 ++ 2 files changed, 8 insertions(+), 1 deletion(-)