APPLIED: [PULL][Bionic] Address Spectre V2 on Power9 DD2.3

Kleber Souza kleber.souza at canonical.com
Tue Apr 23 15:49:57 UTC 2019 

On 4/12/19 9:39 PM, Manoj Iyer wrote:
> 
> BugLink: https://bugs.launchpad.net/bugs/1822870
> 
> Please consider the following patches to address Spectre V2 Meltdown 
> vulnerability in Power9 DD2.3. The patches were identified as IBM as being 
> critical for addressing this issue on Bionic 4.15 kernel. Majority of the 
> patches were clean cherry-picks and a few patches requiring minor 
> backports.
> 
> A test kernel was made available in PPA: ppa:ubuntu-power-triage/lp1822870 
> (built for Power and AMD64 archs) and test results based on this kernel on 
> Power9 DD2.3 is available in the bug report. We do not have Power9 DD2.3 
> hardware in-house, so all testing was done by IBM.
> 
> The patches are isolated to the ppc64el architecture, and IBM has not 
> reported any regressions, and they have verified that the test kernel 
> works as expected.
> 
> I have cced Michael Ranweiler at IBM on this pull request so that we can get 
> help to address any concerns you might have after SRU review.
> 
> The following changes since commit 
> c50532b9d7b623ff98aeaf0b848e58adae54ca75:
> 
>    UBUNTU: Ubuntu-4.15.0-48.51 (2019-04-02 18:31:55 +0200)
> 
> are available in the Git repository at:
> 
>    git+ssh://git.launchpad.net/~manjo/+git/bionic-lp1822870 spectre-1822870
> 
> for you to fetch changes up to a527672055a2477c4d93bb0cce7a2bdc9e8558b8:
> 
>    powerpc: Avoid code patching freed init sections (2019-04-12 13:36:07 
> -0500)
> 
> ----------------------------------------------------------------
> Christophe Leroy (2):
>        powerpc/lib/code-patching: refactor patch_instruction()
>        powerpc/lib/feature-fixups: use raw_patch_instruction()
> 
> Diana Craciun (5):
>        powerpc/64: Disable the speculation barrier from the command line
>        powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
>        powerpc/64: Make meltdown reporting Book3S 64 specific
>        powerpc/fsl: Fix spectre_v2 mitigations reporting
>        powerpc/fsl: Add nospectre_v2 command line argument
> 
> Michael Ellerman (11):
>        powerpc: Use barrier_nospec in copy_from_user()
>        powerpc/64: Use barrier_nospec in syscall entry
>        powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
>        powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
>        powerpc/64: Call setup_barrier_nospec() from setup_arch()
>        powerpc/asm: Add a patch_site macro & helpers for patching 
> instructions
>        powerpc/64s: Add new security feature flags for count cache flush
>        powerpc/64s: Add support for software count cache flush
>        powerpc/pseries: Query hypervisor for count cache flush settings
>        powerpc/powernv: Query firmware for count cache flush settings
>        powerpc/security: Fix spectre_v2 reporting
> 
> Michael Neuling (1):
>        powerpc: Avoid code patching freed init sections
> 
> Michal Suchanek (4):
>        powerpc/64s: Add support for ori barrier_nospec patching
>        powerpc/64s: Patch barrier_nospec in modules
>        powerpc/64s: Enable barrier_nospec based on firmware settings
>        powerpc/64s: Enhance the information in cpu_show_spectre_v1()
> 
> Suraj Jitindar Singh (1):
>        KVM: PPC: Book3S: Add count cache flush parameters to 
> kvmppc_get_cpu_char()
> 
>   arch/powerpc/Kconfig                         |   7 +-
>   arch/powerpc/include/asm/asm-prototypes.h    |  15 ++
>   arch/powerpc/include/asm/barrier.h           |   8 +-
>   arch/powerpc/include/asm/code-patching-asm.h |  18 +++
>   arch/powerpc/include/asm/code-patching.h     |   3 +
>   arch/powerpc/include/asm/feature-fixups.h    |   9 ++
>   arch/powerpc/include/asm/hvcall.h            |   2 +
>   arch/powerpc/include/asm/security_features.h |   7 +
>   arch/powerpc/include/asm/setup.h             |  21 +++
>   arch/powerpc/include/asm/uaccess.h           |  11 +-
>   arch/powerpc/include/uapi/asm/kvm.h          |   2 +
>   arch/powerpc/kernel/Makefile                 |   3 +-
>   arch/powerpc/kernel/entry_64.S               |  64 ++++++++
>   arch/powerpc/kernel/module.c                 |  10 +-
>   arch/powerpc/kernel/security.c               | 215 
> +++++++++++++++++++++++++--
>   arch/powerpc/kernel/setup-common.c           |   2 +
>   arch/powerpc/kernel/vmlinux.lds.S            |  11 +-
>   arch/powerpc/kvm/powerpc.c                   |  18 ++-
>   arch/powerpc/lib/code-patching.c             |  55 +++++--
>   arch/powerpc/lib/feature-fixups.c            |  47 +++++-
>   arch/powerpc/mm/mem.c                        |   2 +
>   arch/powerpc/platforms/powernv/setup.c       |   7 +
>   arch/powerpc/platforms/pseries/setup.c       |   7 +
>   23 files changed, 502 insertions(+), 42 deletions(-)
>   create mode 100644 arch/powerpc/include/asm/code-patching-asm.h
> 
> --
> ============================
> Manoj Iyer
> Ubuntu/Canonical
> ============================
> 

Applied to bionic/master-next branch.

Thanks,
Kleber

More information about the kernel-team mailing list