UBUNTU: SAUCE: rfi-flush: Rework powernv logic to be more cautious

CVE-2017-5754 BugLink: http://bugs.launchpad.net/bugs/1742772 Assume we need to do the fallback flush, unless firmware tells us explicitly not to, by having the two needs-l1d-flush properties set to disabled. The previous logic assumed that the existence of a "fw-features" node with no further properties was sufficient to indicate the flush wasn't needed. This should make no difference in practice with current firmwares, because the "fw-features" node has only just been introduced, so there are no machines in the wild which have an empty "fw-features" node. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>

UBUNTU: SAUCE: rfi-flush: Rework powernv logic to be more cautious
CVE-2017-5754 BugLink: http://bugs.launchpad.net/bugs/1742772 Assume we need to do the fallback flush, unless firmware tells us explicitly not to, by having the two needs-l1d-flush properties set to disabled. The previous logic assumed that the existence of a "fw-features" node with no further properties was sufficient to indicate the flush wasn't needed. This should make no difference in practice with current firmwares, because the "fw-features" node has only just been introduced, so there are no machines in the wild which have an empty "fw-features" node. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
88424261 · Michael Ellerman · Marcelo Henrique Cerri · ee71154e · 88424261
Commit 88424261 authored Jan 07, 2018 by Michael Ellerman Committed by Marcelo Henrique Cerri Jan 12, 2018
Show whitespace changes
Inline Side-by-side

Showing with 9 additions and 12 deletions

arch/powerpc/platforms/powernv/setup.c arch/powerpc/platforms/powernv/setup.c +9 -12

No files found.
--- a/arch/powerpc/platforms/powernv/setup.c
+++ b/arch/powerpc/platforms/powernv/setup.c
@@ -43,20 +43,17 @@ static void pnv_setup_rfi_flush(void)
 {
 	struct device_node *np, *fw_features;
 	enum l1d_flush_type type;
-	bool enable;
+	int enable;
 	/* Default to fallback in case fw-features are not available */
 	type = L1D_FLUSH_FALLBACK;
-	enable = true;
+	enable = 1;
 	np = of_find_node_by_name(NULL, "ibm,opal");
 	fw_features = of_get_child_by_name(np, "fw-features");
 	of_node_put(np);
 	if (fw_features) {
-		/* Default to no flush, unless firmware says otherwise */
-		type = L1D_FLUSH_NONE;
 		np = of_get_child_by_name(fw_features, "inst-l1d-flush-trig2");
 		if (np && of_property_read_bool(np, "enabled"))
 			type = L1D_FLUSH_MTTRIG;
@@ -69,23 +66,23 @@ static void pnv_setup_rfi_flush(void)
 		of_node_put(np);
-		/* Don't enable unless firmware says so */
+		/* Enable unless firmware says NOT to */
-		enable = false;
+		enable = 2;
 		np = of_get_child_by_name(fw_features, "needs-l1d-flush-msr-hv-1-to-0");
-		if (np && of_property_read_bool(np, "enabled"))
+		if (np && of_property_read_bool(np, "disabled"))
-			enable = true;
+			enable--;
 		of_node_put(np);
 		np = of_get_child_by_name(fw_features, "needs-l1d-flush-msr-pr-0-to-1");
-		if (np && of_property_read_bool(np, "enabled"))
+		if (np && of_property_read_bool(np, "disabled"))
-			enable = true;
+			enable--;
 		of_node_put(np);
 		of_node_put(fw_features);
 	}
-	setup_rfi_flush(type, enable);
+	setup_rfi_flush(type, enable > 0);
 }
 static void __init pnv_setup_arch(void)