Commit d02fa40d authored by Nicholas Piggin's avatar Nicholas Piggin Committed by Michael Ellerman

powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes

These aren't necessarily POWER9 only, and it's not to say some new
vulnerability may not get discovered on other processors for which
we would like the flexibility of having the workaround enabled by
firmware.

Remove the restriction that the workarounds only apply to POWER9.

However POWER7 and POWER8 are not affected, and they may not have
older firmware that does not advertise this, so clear these workarounds
manually.
Signed-off-by: default avatarNicholas Piggin <npiggin@gmail.com>
Reviewed-by: default avatarJoel Stanley <joel@jms.id.au>
[mpe: Incorporate changes from Nick, reword comment slightly.]
Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20210503130243.891868-5-npiggin@gmail.com
parent a1d2b210
......@@ -123,10 +123,14 @@ static void pnv_setup_security_mitigations(void)
}
/*
* If we are non-Power9 bare metal, we don't need to flush on kernel
* entry or after user access: they fix a P9 specific vulnerability.
* The issues addressed by the entry and uaccess flush don't affect P7
* or P8, so on bare metal disable them explicitly in case firmware does
* not include the features to disable them. POWER9 and newer processors
* should have the appropriate firmware flags.
*/
if (!pvr_version_is(PVR_POWER9)) {
if (pvr_version_is(PVR_POWER7) || pvr_version_is(PVR_POWER7p) ||
pvr_version_is(PVR_POWER8E) || pvr_version_is(PVR_POWER8NVL) ||
pvr_version_is(PVR_POWER8)) {
security_ftr_clear(SEC_FTR_L1D_FLUSH_ENTRY);
security_ftr_clear(SEC_FTR_L1D_FLUSH_UACCESS);
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment