Re: [PATCH v2 1/2] powerpc/powernv: Get L1D flush requirements from device-tree

From: Joel Stanley <joel@jms.id.au>
To: Russell Currey <ruscur@russell.cc>
Cc: "Murilo Opsfelder Araújo" <mopsfelder@gmail.com>,
	linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
	"Nicholas Piggin" <npiggin@gmail.com>
Subject: Re: [PATCH v2 1/2] powerpc/powernv: Get L1D flush requirements from device-tree
Date: Tue, 5 Apr 2022 02:49:21 +0000	[thread overview]
Message-ID: <CACPK8XdifXFmjCJL3KDu8PJi4KLKWnOBeq86wZvN0kiHGQ=JHw@mail.gmail.com> (raw)
In-Reply-To: <20220404101536.104794-1-ruscur@russell.cc>

On Mon, 4 Apr 2022 at 10:15, Russell Currey <ruscur@russell.cc> wrote:
>
> The device-tree properties no-need-l1d-flush-msr-pr-1-to-0 and
> no-need-l1d-flush-kernel-on-user-access are the equivalents of
> H_CPU_BEHAV_NO_L1D_FLUSH_ENTRY and H_CPU_BEHAV_NO_L1D_FLUSH_UACCESS
> from the H_GET_CPU_CHARACTERISTICS hcall on pseries respectively.
>
> In commit d02fa40d759f ("powerpc/powernv: Remove POWER9 PVR version
> check for entry and uaccess flushes") the condition for disabling the
> L1D flush on kernel entry and user access was changed from any non-P9
> CPU to only checking P7 and P8.  Without the appropriate device-tree
> checks for newer processors on powernv, these flushes are unnecessarily
> enabled on those systems.  This patch corrects this.
>
> Fixes: d02fa40d759f ("powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes")
> Reported-by: Joel Stanley <joel@jms.id.au>
> Signed-off-by: Russell Currey <ruscur@russell.cc>

I booted both patches in this series on a power10 powernv machine,
applied on top of v5.18-rc1:

$ dmesg |grep -i flush
[    0.000000] rfi-flush: fallback displacement flush available
[    0.000000] rfi-flush: patched 12 locations (no flush)
[    0.000000] count-cache-flush: flush disabled.
[    0.000000] link-stack-flush: flush disabled.

$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/itlb_multihit:Not affected
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
pointer sanitization, ori31 speculation barrier enabled
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation:
Software count cache flush (hardware accelerated), Software link stack
flush
/sys/devices/system/cpu/vulnerabilities/srbds:Not affected
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected

Does that match what we expect?

Cheers,

Joel

> ---
>  arch/powerpc/platforms/powernv/setup.c | 6 ++++++
>  1 file changed, 6 insertions(+)
>
> diff --git a/arch/powerpc/platforms/powernv/setup.c b/arch/powerpc/platforms/powernv/setup.c
> index 105d889abd51..378f7e5f18d2 100644
> --- a/arch/powerpc/platforms/powernv/setup.c
> +++ b/arch/powerpc/platforms/powernv/setup.c
> @@ -96,6 +96,12 @@ static void __init init_fw_feat_flags(struct device_node *np)
>
>         if (fw_feature_is("disabled", "needs-spec-barrier-for-bound-checks", np))
>                 security_ftr_clear(SEC_FTR_BNDS_CHK_SPEC_BAR);
> +
> +       if (fw_feature_is("enabled", "no-need-l1d-flush-msr-pr-1-to-0", np))
> +               security_ftr_clear(SEC_FTR_L1D_FLUSH_ENTRY);
> +
> +       if (fw_feature_is("enabled", "no-need-l1d-flush-kernel-on-user-access", np))
> +               security_ftr_clear(SEC_FTR_L1D_FLUSH_UACCESS);
>  }
>
>  static void __init pnv_setup_security_mitigations(void)
> --
> 2.35.1
>