Skip to content
Navigation Menu
Toggle navigation
Sign in
In this repository
All GitHub Enterprise
↵
Jump to
↵
No suggested jump to results
In this repository
All GitHub Enterprise
↵
Jump to
↵
In this organization
All GitHub Enterprise
↵
Jump to
↵
In this repository
All GitHub Enterprise
↵
Jump to
↵
Sign in
Reseting focus
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
mariux64
/
linux
Public
Notifications
You must be signed in to change notification settings
Fork
0
Star
0
Code
Issues
2
Pull requests
0
Actions
Projects
0
Wiki
Security
Insights
Additional navigation options
Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights
Files
31ebc2f
Documentation
LICENSES
arch
alpha
arc
arm
arm64
c6x
h8300
hexagon
ia64
m68k
microblaze
mips
nds32
nios2
openrisc
parisc
powerpc
boot
configs
crypto
include
asm
book3s
nohash
8xx_immap.h
Kbuild
accounting.h
agp.h
archrandom.h
asm-405.h
asm-compat.h
asm-const.h
asm-offsets.h
asm-prototypes.h
async_tx.h
atomic.h
backlight.h
barrier.h
bitops.h
bootx.h
btext.h
bug.h
bugs.h
cache.h
cacheflush.h
cell-pmu.h
cell-regs.h
checksum.h
cmpxchg.h
code-patching-asm.h
code-patching.h
compat.h
context_tracking.h
copro.h
cpm.h
cpm1.h
cpm2.h
cpu_has_feature.h
cpufeature.h
cpuidle.h
cputable.h
cputhreads.h
cputime.h
current.h
dbdma.h
dbell.h
dcr-generic.h
dcr-mmio.h
dcr-native.h
dcr-regs.h
dcr.h
debug.h
debugfs.h
delay.h
device.h
disassemble.h
dma-direct.h
dma-mapping.h
dma.h
drmem.h
dt_cpu_ftrs.h
edac.h
eeh.h
eeh_event.h
ehv_pic.h
elf.h
emergency-restart.h
emulated_ops.h
epapr_hcalls.h
exception-64e.h
exception-64s.h
exec.h
extable.h
fadump.h
fb.h
feature-fixups.h
firmware.h
fixmap.h
floppy.h
fs_pd.h
fsl_85xx_cache_sram.h
fsl_gtm.h
fsl_hcalls.h
fsl_lbc.h
fsl_pamu_stash.h
fsl_pm.h
ftrace.h
futex.h
grackle.h
hardirq.h
head-64.h
heathrow.h
highmem.h
hmi.h
hugetlb.h
hvcall.h
hvconsole.h
hvcserver.h
hvsi.h
hw_breakpoint.h
hw_irq.h
hydra.h
i8259.h
ibmebus.h
icswx.h
ide.h
ima.h
imc-pmu.h
immap_cpm2.h
io-defs.h
io-workarounds.h
io.h
io_event_irq.h
iommu.h
ipic.h
irq.h
irq_work.h
irqflags.h
isa-bridge.h
jump_label.h
kdebug.h
kdump.h
kexec.h
keylargo.h
kgdb.h
kmap_types.h
kprobes.h
kup.h
kvm_asm.h
kvm_book3s.h
kvm_book3s_32.h
kvm_book3s_64.h
kvm_book3s_asm.h
kvm_booke.h
kvm_booke_hv_asm.h
kvm_fpu.h
kvm_host.h
kvm_para.h
kvm_ppc.h
libata-portmap.h
linkage.h
livepatch.h
local.h
lppaca.h
lv1call.h
machdep.h
macio.h
mc146818rtc.h
mce.h
mediabay.h
membarrier.h
mm-arch-hooks.h
mman.h
mmu-40x.h
mmu-44x.h
mmu-8xx.h
mmu-book3e.h
mmu.h
mmu_context.h
mmzone.h
module.h
mpc5121.h
mpc52xx.h
mpc52xx_psc.h
mpc5xxx.h
mpc6xx.h
mpc8260.h
mpc85xx.h
mpic.h
mpic_msgr.h
mpic_timer.h
msi_bitmap.h
nmi.h
nvram.h
ohare.h
opal-api.h
opal.h
oprofile_impl.h
paca.h
page.h
page_32.h
page_64.h
parport.h
pasemi_dma.h
pci-bridge.h
pci.h
percpu.h
perf_event.h
perf_event_fsl_emb.h
perf_event_server.h
pgalloc.h
pgtable-be-types.h
pgtable-types.h
pgtable.h
pkeys.h
plpar_wrappers.h
pmac_feature.h
pmac_low_i2c.h
pmac_pfunc.h
pmc.h
pmi.h
pnv-ocxl.h
pnv-pci.h
powernv.h
ppc-opcode.h
ppc-pci.h
ppc4xx.h
ppc4xx_ocm.h
ppc_asm.h
probes.h
processor.h
prom.h
ps3.h
ps3av.h
ps3gpu.h
ps3stor.h
pte-common.h
pte-walk.h
ptrace.h
reg.h
reg_8xx.h
reg_a2.h
reg_booke.h
reg_fsl_emb.h
rheap.h
rio.h
rtas.h
runlatch.h
scom.h
seccomp.h
sections.h
security_features.h
serial.h
setjmp.h
setup.h
sfp-machine.h
shmparam.h
signal.h
slice.h
smp.h
smu.h
sparsemem.h
spinlock.h
spinlock_types.h
spu.h
spu_csa.h
spu_info.h
spu_priv1.h
sstep.h
stacktrace.h
string.h
swab.h
swiotlb.h
switch_to.h
synch.h
syscall.h
syscalls.h
systbl.h
tce.h
termios.h
thread_info.h
time.h
timex.h
tlb.h
tlbflush.h
tm.h
topology.h
trace.h
trace_clock.h
tsi108.h
tsi108_irq.h
tsi108_pci.h
types.h
uaccess.h
udbg.h
uic.h
unaligned.h
uninorth.h
unistd.h
uprobes.h
user.h
vas.h
vdso.h
vdso_datapage.h
vga.h
vio.h
word-at-a-time.h
xics.h
xilinx_intc.h
xilinx_pci.h
xive-regs.h
xive.h
xmon.h
xor.h
xor_altivec.h
uapi
kernel
kvm
lib
math-emu
mm
net
oprofile
perf
platforms
purgatory
sysdev
tools
xmon
Kconfig
Kconfig.debug
Makefile
Makefile.postlink
riscv
s390
sh
sparc
um
unicore32
x86
xtensa
.gitignore
Kconfig
block
certs
crypto
drivers
firmware
fs
include
init
ipc
kernel
lib
mm
net
samples
scripts
security
sound
tools
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile
README
Breadcrumbs
linux
/
arch
/
powerpc
/
include
/
asm
/
security_features.h
Blame
Blame
Latest commit
History
History
102 lines (73 loc) · 3.03 KB
Breadcrumbs
linux
/
arch
/
powerpc
/
include
/
asm
/
security_features.h
Top
File metadata and controls
Code
Blame
102 lines (73 loc) · 3.03 KB
Raw
/* SPDX-License-Identifier: GPL-2.0+ */ /* * Security related feature bit definitions. * * Copyright 2018, Michael Ellerman, IBM Corporation. */ #ifndef _ASM_POWERPC_SECURITY_FEATURES_H #define _ASM_POWERPC_SECURITY_FEATURES_H extern unsigned long powerpc_security_features; extern bool rfi_flush; /* These are bit flags */ enum stf_barrier_type { STF_BARRIER_NONE = 0x1, STF_BARRIER_FALLBACK = 0x2, STF_BARRIER_EIEIO = 0x4, STF_BARRIER_SYNC_ORI = 0x8, }; void setup_stf_barrier(void); void do_stf_barrier_fixups(enum stf_barrier_type types); void setup_count_cache_flush(void); static inline void security_ftr_set(unsigned long feature) { powerpc_security_features |= feature; } static inline void security_ftr_clear(unsigned long feature) { powerpc_security_features &= ~feature; } static inline bool security_ftr_enabled(unsigned long feature) { return !!(powerpc_security_features & feature); } // Features indicating support for Spectre/Meltdown mitigations // The L1-D cache can be flushed with ori r30,r30,0 #define SEC_FTR_L1D_FLUSH_ORI30 0x0000000000000001ull // The L1-D cache can be flushed with mtspr 882,r0 (aka SPRN_TRIG2) #define SEC_FTR_L1D_FLUSH_TRIG2 0x0000000000000002ull // ori r31,r31,0 acts as a speculation barrier #define SEC_FTR_SPEC_BAR_ORI31 0x0000000000000004ull // Speculation past bctr is disabled #define SEC_FTR_BCCTRL_SERIALISED 0x0000000000000008ull // Entries in L1-D are private to a SMT thread #define SEC_FTR_L1D_THREAD_PRIV 0x0000000000000010ull // Indirect branch prediction cache disabled #define SEC_FTR_COUNT_CACHE_DISABLED 0x0000000000000020ull // bcctr 2,0,0 triggers a hardware assisted count cache flush #define SEC_FTR_BCCTR_FLUSH_ASSIST 0x0000000000000800ull // Features indicating need for Spectre/Meltdown mitigations // The L1-D cache should be flushed on MSR[HV] 1->0 transition (hypervisor to guest) #define SEC_FTR_L1D_FLUSH_HV 0x0000000000000040ull // The L1-D cache should be flushed on MSR[PR] 0->1 transition (kernel to userspace) #define SEC_FTR_L1D_FLUSH_PR 0x0000000000000080ull // A speculation barrier should be used for bounds checks (Spectre variant 1) #define SEC_FTR_BNDS_CHK_SPEC_BAR 0x0000000000000100ull // Firmware configuration indicates user favours security over performance #define SEC_FTR_FAVOUR_SECURITY 0x0000000000000200ull // Software required to flush count cache on context switch #define SEC_FTR_FLUSH_COUNT_CACHE 0x0000000000000400ull // Software required to flush link stack on context switch #define SEC_FTR_FLUSH_LINK_STACK 0x0000000000001000ull // The L1-D cache should be flushed when entering the kernel #define SEC_FTR_L1D_FLUSH_ENTRY 0x0000000000004000ull // The L1-D cache should be flushed after user accesses from the kernel #define SEC_FTR_L1D_FLUSH_UACCESS 0x0000000000008000ull // Features enabled by default #define SEC_FTR_DEFAULT \ (SEC_FTR_L1D_FLUSH_HV | \ SEC_FTR_L1D_FLUSH_PR | \ SEC_FTR_BNDS_CHK_SPEC_BAR | \ SEC_FTR_L1D_FLUSH_ENTRY | \ SEC_FTR_L1D_FLUSH_UACCESS | \ SEC_FTR_FAVOUR_SECURITY) #endif /* _ASM_POWERPC_SECURITY_FEATURES_H */
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
You can’t perform that action at this time.