From 8126b694f8dbf39fde23bc974de2e070092ab939 Mon Sep 17 00:00:00 2001 From: Michael Ellerman Date: Wed, 10 Jan 2018 23:36:50 +0530 Subject: [PATCH 12/26] UBUNTU: SAUCE: rfi-flush: Make it possible to call setup_rfi_flush() again CVE-2017-5754 For PowerVM migration we want to be able to call setup_rfi_flush() again after we've migrated the partition. To support that we need to check that we're not trying to allocate the fallback flush area after memblock has gone away. If so we just fail, we don't support migrating from a patched to an unpatched machine. Or we do support it, but there will be no RFI flush enabled on the destination. Signed-off-by: Michael Ellerman [mauricfo: s/ppc64_caches.l1d.size/ppc64_caches.dsize/] Signed-off-by: Mauricio Faria de Oliveira Signed-off-by: Stefan Bader --- arch/powerpc/kernel/setup_64.c | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/arch/powerpc/kernel/setup_64.c b/arch/powerpc/kernel/setup_64.c index f52190f..51a17a7 100644 --- a/arch/powerpc/kernel/setup_64.c +++ b/arch/powerpc/kernel/setup_64.c @@ -772,11 +772,22 @@ void rfi_flush_enable(bool enable) rfi_flush = enable; } -static void init_fallback_flush(void) +static bool init_fallback_flush(void) { u64 l1d_size, limit; int cpu; + if (l1d_flush_fallback_area) + return true; + + /* + * Once the slab allocator is up it's too late to allocate the fallback + * flush area, so return an error. This could happen if we migrated from + * a patched machine to an unpatched machine. + */ + if (slab_is_available()) + return false; + l1d_size = ppc64_caches.dsize; limit = min(safe_stack_limit(), ppc64_rma_size); @@ -803,13 +814,19 @@ static void init_fallback_flush(void) paca[cpu].l1d_flush_congruence = c; paca[cpu].l1d_flush_sets = c / 128; } + + return true; } void setup_rfi_flush(enum l1d_flush_type types, bool enable) { if (types & L1D_FLUSH_FALLBACK) { - pr_info("rfi-flush: Using fallback displacement flush\n"); - init_fallback_flush(); + if (init_fallback_flush()) + pr_info("rfi-flush: Using fallback displacement flush\n"); + else { + pr_warn("rfi-flush: Error unable to use fallback displacement flush!\n"); + types &= ~L1D_FLUSH_FALLBACK; + } } if (types & L1D_FLUSH_ORI) -- 2.7.4