[mirror_ubuntu-bionic-kernel.git] / arch / powerpc / include / asm / security_features.h

/* SPDX-License-Identifier: GPL-2.0+ */
/*
 * Security related feature bit definitions.
 *
 * Copyright 2018, Michael Ellerman, IBM Corporation.
 */

#ifndef _ASM_POWERPC_SECURITY_FEATURES_H
#define _ASM_POWERPC_SECURITY_FEATURES_H


extern unsigned long powerpc_security_features;
extern bool rfi_flush;

/* These are bit flags */
enum stf_barrier_type {
	STF_BARRIER_NONE	= 0x1,
	STF_BARRIER_FALLBACK	= 0x2,
	STF_BARRIER_EIEIO	= 0x4,
	STF_BARRIER_SYNC_ORI	= 0x8,
};

void setup_stf_barrier(void);
void do_stf_barrier_fixups(enum stf_barrier_type types);

static inline void security_ftr_set(unsigned long feature)
{
	powerpc_security_features |= feature;
}

static inline void security_ftr_clear(unsigned long feature)
{
	powerpc_security_features &= ~feature;
}

static inline bool security_ftr_enabled(unsigned long feature)
{
	return !!(powerpc_security_features & feature);
}


// Features indicating support for Spectre/Meltdown mitigations

// The L1-D cache can be flushed with ori r30,r30,0
#define SEC_FTR_L1D_FLUSH_ORI30		0x0000000000000001ull

// The L1-D cache can be flushed with mtspr 882,r0 (aka SPRN_TRIG2)
#define SEC_FTR_L1D_FLUSH_TRIG2		0x0000000000000002ull

// ori r31,r31,0 acts as a speculation barrier
#define SEC_FTR_SPEC_BAR_ORI31		0x0000000000000004ull

// Speculation past bctr is disabled
#define SEC_FTR_BCCTRL_SERIALISED	0x0000000000000008ull

// Entries in L1-D are private to a SMT thread
#define SEC_FTR_L1D_THREAD_PRIV		0x0000000000000010ull

// Indirect branch prediction cache disabled
#define SEC_FTR_COUNT_CACHE_DISABLED	0x0000000000000020ull


// Features indicating need for Spectre/Meltdown mitigations

// The L1-D cache should be flushed on MSR[HV] 1->0 transition (hypervisor to guest)
#define SEC_FTR_L1D_FLUSH_HV		0x0000000000000040ull

// The L1-D cache should be flushed on MSR[PR] 0->1 transition (kernel to userspace)
#define SEC_FTR_L1D_FLUSH_PR		0x0000000000000080ull

// A speculation barrier should be used for bounds checks (Spectre variant 1)
#define SEC_FTR_BNDS_CHK_SPEC_BAR	0x0000000000000100ull

// Firmware configuration indicates user favours security over performance
#define SEC_FTR_FAVOUR_SECURITY		0x0000000000000200ull


// Features enabled by default
#define SEC_FTR_DEFAULT \
	(SEC_FTR_L1D_FLUSH_HV | \
	 SEC_FTR_L1D_FLUSH_PR | \
	 SEC_FTR_BNDS_CHK_SPEC_BAR | \
	 SEC_FTR_FAVOUR_SECURITY)

#endif /* _ASM_POWERPC_SECURITY_FEATURES_H */
Commit	Line	Data
6e61041f ME	1	/* SPDX-License-Identifier: GPL-2.0+ */
	2	/*
	3	* Security related feature bit definitions.
	4	*
	5	* Copyright 2018, Michael Ellerman, IBM Corporation.
	6	*/
	7
	8	#ifndef _ASM_POWERPC_SECURITY_FEATURES_H
	9	#define _ASM_POWERPC_SECURITY_FEATURES_H
	10
	11
	12	extern unsigned long powerpc_security_features;
a11b7f41	13	extern bool rfi_flush;
6e61041f	14
cc437c1d NP	15	/* These are bit flags */
	16	enum stf_barrier_type {
	17	STF_BARRIER_NONE = 0x1,
	18	STF_BARRIER_FALLBACK = 0x2,
	19	STF_BARRIER_EIEIO = 0x4,
	20	STF_BARRIER_SYNC_ORI = 0x8,
	21	};
	22
	23	void setup_stf_barrier(void);
	24	void do_stf_barrier_fixups(enum stf_barrier_type types);
	25
6e61041f ME	26	static inline void security_ftr_set(unsigned long feature)
	27	{
	28	powerpc_security_features \|= feature;
	29	}
	30
	31	static inline void security_ftr_clear(unsigned long feature)
	32	{
	33	powerpc_security_features &= ~feature;
	34	}
	35
	36	static inline bool security_ftr_enabled(unsigned long feature)
	37	{
	38	return !!(powerpc_security_features & feature);
	39	}
	40
	41
	42	// Features indicating support for Spectre/Meltdown mitigations
	43
	44	// The L1-D cache can be flushed with ori r30,r30,0
	45	#define SEC_FTR_L1D_FLUSH_ORI30 0x0000000000000001ull
	46
	47	// The L1-D cache can be flushed with mtspr 882,r0 (aka SPRN_TRIG2)
	48	#define SEC_FTR_L1D_FLUSH_TRIG2 0x0000000000000002ull
	49
	50	// ori r31,r31,0 acts as a speculation barrier
	51	#define SEC_FTR_SPEC_BAR_ORI31 0x0000000000000004ull
	52
	53	// Speculation past bctr is disabled
	54	#define SEC_FTR_BCCTRL_SERIALISED 0x0000000000000008ull
	55
	56	// Entries in L1-D are private to a SMT thread
	57	#define SEC_FTR_L1D_THREAD_PRIV 0x0000000000000010ull
	58
	59	// Indirect branch prediction cache disabled
	60	#define SEC_FTR_COUNT_CACHE_DISABLED 0x0000000000000020ull
	61
	62
	63	// Features indicating need for Spectre/Meltdown mitigations
	64
	65	// The L1-D cache should be flushed on MSR[HV] 1->0 transition (hypervisor to guest)
	66	#define SEC_FTR_L1D_FLUSH_HV 0x0000000000000040ull
	67
	68	// The L1-D cache should be flushed on MSR[PR] 0->1 transition (kernel to userspace)
	69	#define SEC_FTR_L1D_FLUSH_PR 0x0000000000000080ull
	70
	71	// A speculation barrier should be used for bounds checks (Spectre variant 1)
	72	#define SEC_FTR_BNDS_CHK_SPEC_BAR 0x0000000000000100ull
	73
	74	// Firmware configuration indicates user favours security over performance
	75	#define SEC_FTR_FAVOUR_SECURITY 0x0000000000000200ull
	76
35cfd685 MFO	77
	78	// Features enabled by default
	79	#define SEC_FTR_DEFAULT \
	80	(SEC_FTR_L1D_FLUSH_HV \| \
	81	SEC_FTR_L1D_FLUSH_PR \| \
	82	SEC_FTR_BNDS_CHK_SPEC_BAR \| \
	83	SEC_FTR_FAVOUR_SECURITY)
	84
6e61041f	85	#endif /* _ASM_POWERPC_SECURITY_FEATURES_H */