selftests/powerpc: rfi_flush: disable entry flush if present

We are about to add an entry flush. The rfi (exit) flush test measures
the number of L1D flushes over a syscall with the RFI flush enabled and
disabled. But if the entry flush is also enabled, the effect of enabling
and disabling the RFI flush is masked.

If there is a debugfs entry for the entry flush, disable it during the RFI
flush and restore it later.

Reported-by: Spoorthy S <spoorts2@in.ibm.com>
Signed-off-by: Russell Currey <ruscur@russell.cc>
Signed-off-by: Daniel Axtens <dja@axtens.net>
CVE-2020-4788
(backported from commit fcb48454c23c5679d1a2e252f127642e91b05cbe)
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Acked-by: Juerg Haefliger <juerg.haefliger@canonical.com>

diff --git a/tools/testing/selftests/powerpc/security/rfi_flush.c b/tools/testing/selftests/powerpc/security/rfi_flush.c
index 0a7d0afb26b88529406fe2543dde1d5a6e7a1092..533315e68133d80f2f68a38706ef964408b9e8d0 100644 (file)
--- a/tools/testing/selftests/powerpc/security/rfi_flush.c
+++ b/tools/testing/selftests/powerpc/security/rfi_flush.c
@@ -50,16 +50,30 @@ int rfi_flush_test(void)
        __u64 l1d_misses_total = 0;
        unsigned long iterations = 100000, zero_size = 24 * 1024;
        unsigned long l1d_misses_expected;
-       int rfi_flush_org, rfi_flush;
+       int rfi_flush_orig, rfi_flush;
+       int have_entry_flush, entry_flush_orig;
 
        SKIP_IF(geteuid() != 0);
 
-       if (read_debugfs_file("powerpc/rfi_flush", &rfi_flush_org)) {
+       if (read_debugfs_file("powerpc/rfi_flush", &rfi_flush_orig) < 0) {
                perror("Unable to read powerpc/rfi_flush debugfs file");
                SKIP_IF(1);
        }
 
-       rfi_flush = rfi_flush_org;
+       if (read_debugfs_file("powerpc/entry_flush", &entry_flush_orig) < 0) {
+               have_entry_flush = 0;
+       } else {
+               have_entry_flush = 1;
+
+               if (entry_flush_orig != 0) {
+                       if (write_debugfs_file("powerpc/entry_flush", 0) < 0) {
+                               perror("error writing to powerpc/entry_flush debugfs file");
+                               return 1;
+                       }
+               }
+       }
+
+       rfi_flush = rfi_flush_orig;
 
        fd = perf_event_open_counter(PERF_TYPE_RAW, /* L1d miss */ 0x400f0, -1);
        FAIL_IF(fd < 0);
@@ -68,6 +82,7 @@ int rfi_flush_test(void)
 
        FAIL_IF(perf_event_enable(fd));
 
+       // disable L1 prefetching
        set_dscr(1);
 
        iter = repetitions;
@@ -109,8 +124,8 @@ again:
                       repetitions * l1d_misses_expected / 2,
                       passes, repetitions);
 
-       if (rfi_flush == rfi_flush_org) {
-               rfi_flush = !rfi_flush_org;
+       if (rfi_flush == rfi_flush_orig) {
+               rfi_flush = !rfi_flush_orig;
                if (write_debugfs_file("powerpc/rfi_flush", rfi_flush) < 0) {
                        perror("error writing to powerpc/rfi_flush debugfs file");
                        return 1;
@@ -126,11 +141,19 @@ again:
 
        set_dscr(0);
 
-       if (write_debugfs_file("powerpc/rfi_flush", rfi_flush_org) < 0) {
+       if (write_debugfs_file("powerpc/rfi_flush", rfi_flush_orig) < 0) {
                perror("unable to restore original value of powerpc/rfi_flush debugfs file");
                return 1;
        }
 
+       if (have_entry_flush) {
+               if (write_debugfs_file("powerpc/entry_flush", entry_flush_orig) < 0) {
+                       perror("unable to restore original value of powerpc/entry_flush "
+                              "debugfs file");
+                       return 1;
+               }
+       }
+
        return rc;
 }