From patchwork Thu Apr 4 16:44:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josh Poimboeuf X-Patchwork-Id: 1077507 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44Zpsv32B2z9sP8 for ; Fri, 5 Apr 2019 03:53:07 +1100 (AEDT) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 44Zpsv1rH6zDqFY for ; Fri, 5 Apr 2019 03:53:07 +1100 (AEDT) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=redhat.com (client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=jpoimboe@redhat.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=pass (p=none dis=none) header.from=redhat.com Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 44Zphv6SZFzDqHr for ; Fri, 5 Apr 2019 03:45:19 +1100 (AEDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4DD193007432; Thu, 4 Apr 2019 16:45:17 +0000 (UTC) Received: from treble.redhat.com (ovpn-125-158.rdu2.redhat.com [10.10.125.158]) by smtp.corp.redhat.com (Postfix) with ESMTP id A26E5608E2; Thu, 4 Apr 2019 16:45:14 +0000 (UTC) From: Josh Poimboeuf To: linux-kernel@vger.kernel.org Subject: [PATCH RFC 4/5] s390/speculation: Add support for 'cpu_spec_mitigations=' cmdline options Date: Thu, 4 Apr 2019 11:44:14 -0500 Message-Id: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]); Thu, 04 Apr 2019 16:45:17 +0000 (UTC) X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Zijlstra , Heiko Carstens , Paul Mackerras , "H . Peter Anvin" , Ingo Molnar , Andrea Arcangeli , linux-s390@vger.kernel.org, x86@kernel.org, Will Deacon , Linus Torvalds , Catalin Marinas , Waiman Long , linux-arch@vger.kernel.org, Jon Masters , Jiri Kosina , Borislav Petkov , Andy Lutomirski , Thomas Gleixner , linux-arm-kernel@lists.infradead.org, Greg Kroah-Hartman , Tyler Hicks , Martin Schwidefsky , linuxppc-dev@lists.ozlabs.org Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Configure s390 runtime CPU speculation bug mitigations in accordance with the 'cpu_spec_mitigations=' cmdline options. This affects Spectre v1 and Spectre v2. The default behavior is unchanged. Signed-off-by: Josh Poimboeuf --- Documentation/admin-guide/kernel-parameters.txt | 7 ++++--- arch/s390/kernel/nospec-branch.c | 4 +++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 0e8eae1e8a25..e838af96daa4 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2554,8 +2554,9 @@ Disable all speculative CPU mitigations. Equivalent to: nopti [x86, powerpc] nospectre_v1 [powerpc] - nospectre_v2 [x86] + nospectre_v2 [x86, powerpc, s390] spectre_v2_user=off [x86] + nobp=0 [s390] spec_store_bypass_disable=off [x86, powerpc] l1tf=off [x86] @@ -2567,7 +2568,7 @@ upgrades, or who have other ways of avoiding SMT-based attacks. Equivalent to: pti=auto [x86] - spectre_v2=auto [x86] + spectre_v2=auto [x86, s390] spectre_v2_user=auto [x86] spec_store_bypass_disable=auto [x86, powerpc] l1tf=flush [x86] @@ -2578,7 +2579,7 @@ always want to be fully mitigated, even if it means losing SMT. Equivalent to: pti=auto [x86] - spectre_v2=auto [x86] + spectre_v2=auto [x86, s390] spectre_v2_user=auto [x86] spec_store_bypass_disable=auto [x86, powerpc] l1tf=flush,nosmt [x86] diff --git a/arch/s390/kernel/nospec-branch.c b/arch/s390/kernel/nospec-branch.c index bdddaae96559..c40eb672b43a 100644 --- a/arch/s390/kernel/nospec-branch.c +++ b/arch/s390/kernel/nospec-branch.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 #include #include +#include #include static int __init nobp_setup_early(char *str) @@ -58,7 +59,8 @@ early_param("nospectre_v2", nospectre_v2_setup_early); void __init nospec_auto_detect(void) { - if (test_facility(156)) { + if (test_facility(156) || + cpu_spec_mitigations == CPU_SPEC_MITIGATIONS_OFF) { /* * The machine supports etokens. * Disable expolines and disable nobp.