------- Comment on attachment From [email protected] 2019-04-12 05:43 EDT-------
Hi Manoj, thank you. I attached a tarball with patches - in addition to that one it looked best to add these in: 8cf4c05712f0 powerpc/lib/code-patching: refactor patch_instruction() 8183d99f4a22 powerpc/lib/feature-fixups: use raw_patch_instruction() 51c3c62b58b3 powerpc: Avoid code patching freed init sections b45ba4a51cde powerpc/lib: fix book3s/32 boot failure due to code patching The first two are just pre-reqs to keep it cleaner, but since 37bc3e5fd764 is in that seems the right thing to do. The last mostly fixes an error on 32 bit ppc kernels, which aren't supported, but this keeps it closer to upstream in the event of needing some further changes and cleans it up. I tested this with: root@ltc-wspoon5:/home/mranweil# echo 0 > /sys/kernel/debug/powerpc/barrier_nospec root@ltc-wspoon5:/home/mranweil# dmesg |grep -i skip [ 345.961730] Skipping init section patching addr: 0xc0000000010e2b1c root@ltc-wspoon5:/home/mranweil# In addition to the previous tests. ** Attachment added: "tarball of patches for bionic with additional pre-reqs" https://bugs.launchpad.net/bugs/1822870/+attachment/5255147/+files/dd23spectre-patches-bionic.tgz -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1822870 Title: Backport support for software count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3) Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: In Progress Bug description: For the different kernels: The HWE a563fd9c62f0 UBUNTU: Ubuntu-hwe-4.18.0-17.18~18.04.1 appears to have all patches. Disco appears to be missing only this patch: 92edf8df0ff2ae86cc632eeca0e651fd8431d40d powerpc/security: Fix spectre_v2 reporting Cosmic (which is supported until July) is missing a number of patches: cf175dc315f90185128fb061dc05b6fbb211aa2f powerpc/64: Disable the speculation barrier from the command line 6453b532f2c8856a80381e6b9a1f5ea2f12294df powerpc/64: Make stf barrier PPC_BOOK3S_64 specific. 179ab1cbf883575c3a585bcfc0f2160f1d22a149 powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC af375eefbfb27cbb5b831984e66d724a40d26b5c powerpc/64: Call setup_barrier_nospec() from setup_arch() 406d2b6ae3420f5bb2b3db6986dc6f0b6dbb637b powerpc/64: Make meltdown reporting Book3S 64 specific 06d0bbc6d0f56dacac3a79900e9a9a0d5972d818 powerpc/asm: Add a patch_site macro & helpers for patching instructions dc8c6cce9a26a51fc19961accb978217a3ba8c75 powerpc/64s: Add new security feature flags for count cache flush ee13cb249fabdff8b90aaff61add347749280087 powerpc/64s: Add support for software count cache flush ba72dc171954b782a79d25e0f4b3ed91090c3b1e powerpc/pseries: Query hypervisor for count cache flush settings 99d54754d3d5f896a8f616b0b6520662bc99d66b powerpc/powernv: Query firmware for count cache flush settings 7d8bad99ba5a22892f0cad6881289fdc3875a930 powerpc/fsl: Fix spectre_v2 mitigations reporting 92edf8df0ff2ae86cc632eeca0e651fd8431d40d powerpc/security: Fix spectre_v2 reporting This appears to already be in -next. For the bionic 18.04.1 (4.15) kernel only this patch is already part of master-next: a6b3964ad71a61bb7c61d80a60bea7d42187b2eb powerpc/64s: Add barrier_nospec The others are ported, there were only 3 that were not clean. Those are: 2eea7f067f495e33b8b116b35b5988ab2b8aec55 powerpc/64s: Add support for ori barrier_nospec patching This failed because commit a048a07d7f4535baa4cbad6bc024f175317ab938 is missing, but it does not look like that is required here. cb3d6759a93c6d0aea1c10deb6d00e111c29c19c powerpc/64s: Enable barrier_nospec based on firmware settings This failed because debugfs was already included, I can see that previously added, I didn't see where it was previously removed. 06d0bbc6d0f56dacac3a79900e9a9a0d5972d818 powerpc/asm: Add a patch_site macro & helpers for patching instructions This failed because 8183d99f4a22c is not included - but doesn't seem necessary. All other patches applied with, at most, some fuzz. Has had a little testing - boots, check debugfs, etc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1822870/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
