Merge tag 'powerpc-6.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

.. SPDX-License-Identifier: GPL-2.0-or-later

==========================================

DEXCR (Dynamic Execution Control Register)

==========================================

Overview

========

The DEXCR is a privileged special purpose register (SPR) introduced in

PowerPC ISA 3.1B (Power10) that allows per-cpu control over several dynamic

execution behaviours. These behaviours include speculation (e.g., indirect

branch target prediction) and enabling return-oriented programming (ROP)

protection instructions.

The execution control is exposed in hardware as up to 32 bits ('aspects') in

the DEXCR. Each aspect controls a certain behaviour, and can be set or cleared

to enable/disable the aspect. There are several variants of the DEXCR for

different purposes:

DEXCR

    A privileged SPR that can control aspects for userspace and kernel space

HDEXCR

    A hypervisor-privileged SPR that can control aspects for the hypervisor and

    enforce aspects for the kernel and userspace.

UDEXCR

    An optional ultravisor-privileged SPR that can control aspects for the ultravisor.

Userspace can examine the current DEXCR state using a dedicated SPR that

provides a non-privileged read-only view of the userspace DEXCR aspects.

There is also an SPR that provides a read-only view of the hypervisor enforced

aspects, which ORed with the userspace DEXCR view gives the effective DEXCR

state for a process.

Configuration

=============

The DEXCR is currently unconfigurable. All threads are run with the

NPHIE aspect enabled.

coredump and ptrace

===================

The userspace values of the DEXCR and HDEXCR (in this order) are exposed under

``NT_PPC_DEXCR``. These are each 64 bits and readonly, and are intended to

assist with core dumps. The DEXCR may be made writable in future. The top 32

bits of both registers (corresponding to the non-userspace bits) are masked off.

If the kernel config ``CONFIG_CHECKPOINT_RESTORE`` is enabled, then

``NT_PPC_HASHKEYR`` is available and exposes the HASHKEYR value of the process

for reading and writing. This is a tradeoff between increased security and

checkpoint/restore support: a process should normally have no need to know its

secret key, but restoring a process requires setting its original key. The key

therefore appears in core dumps, and an attacker may be able to retrieve it from

a coredump and effectively bypass ROP protection on any threads that share this

key (potentially all threads from the same parent that have not run ``exec()``).

    cxl

    cxlflash

    dawr-power9

    dexcr

    dscr

    eeh-pci-error-recovery

    elf_hwcaps

F:	arch/mips/kvm/

KERNEL VIRTUAL MACHINE FOR POWERPC (KVM/powerpc)

M:	Michael Ellerman <mpe@ellerman.id.au>

R:	Nicholas Piggin <npiggin@gmail.com>

L:	linuxppc-dev@lists.ozlabs.org

L:	kvm@vger.kernel.org

S:	Maintained (Book3S 64-bit HV)

S:	Odd fixes (Book3S 64-bit PR)

S:	Orphan (Book3E and 32-bit)

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git topic/ppc-kvm

F:	arch/powerpc/include/asm/kvm*

F:	arch/powerpc/include/uapi/asm/kvm*

F:	lib/test_linear_ranges.c

LINUX FOR POWER MACINTOSH

M:	Benjamin Herrenschmidt <benh@kernel.crashing.org>

L:	linuxppc-dev@lists.ozlabs.org

S:	Odd Fixes

S:	Orphan

F:	arch/powerpc/platforms/powermac/

F:	drivers/macintosh/

X:	drivers/macintosh/adb-iop.c

X:	drivers/macintosh/via-macii.c

LINUX FOR POWERPC (32-BIT AND 64-BIT)

M:	Michael Ellerman <mpe@ellerman.id.au>

	select HAVE_ARCH_KASAN			if PPC_RADIX_MMU

	select HAVE_ARCH_KASAN			if PPC_BOOK3E_64

	select HAVE_ARCH_KASAN_VMALLOC		if HAVE_ARCH_KASAN

	select HAVE_ARCH_KCSAN            	if PPC_BOOK3S_64

	select HAVE_ARCH_KCSAN

	select HAVE_ARCH_KFENCE			if ARCH_SUPPORTS_DEBUG_PAGEALLOC

	select HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET

	select HAVE_ARCH_WITHIN_STACK_FRAMES

	select HAVE_FUNCTION_DESCRIPTORS	if PPC64_ELF_ABI_V1

	select HAVE_FUNCTION_ERROR_INJECTION

	select HAVE_FUNCTION_GRAPH_TRACER

	select HAVE_FUNCTION_TRACER

	select HAVE_FUNCTION_TRACER		if PPC64 || (PPC32 && CC_IS_GCC)

	select HAVE_GCC_PLUGINS			if GCC_VERSION >= 50200   # plugin support on gcc <= 5.1 is buggy on PPC

	select HAVE_GENERIC_VDSO

	select HAVE_HARDLOCKUP_DETECTOR_ARCH	if PPC_BOOK3S_64 && SMP

	  If unsure, say "N".

config MPROFILE_KERNEL

	depends on PPC64 && CPU_LITTLE_ENDIAN && FUNCTION_TRACER

	def_bool $(success,$(srctree)/arch/powerpc/tools/gcc-check-mprofile-kernel.sh $(CC) -I$(srctree)/include -D__KERNEL__)

	depends on PPC64_ELF_ABI_V2 && FUNCTION_TRACER

	def_bool $(success,$(srctree)/arch/powerpc/tools/gcc-check-mprofile-kernel.sh $(CC) -mlittle-endian) if CPU_LITTLE_ENDIAN

	def_bool $(success,$(srctree)/arch/powerpc/tools/gcc-check-mprofile-kernel.sh $(CC) -mbig-endian) if CPU_BIG_ENDIAN

config HOTPLUG_CPU

	bool "Support for enabling/disabling CPUs"

	def_bool KEXEC_FILE

config PPC64_BIG_ENDIAN_ELF_ABI_V2

	bool "Build big-endian kernel using ELF ABI V2 (EXPERIMENTAL)"

	# Option is available to BFD, but LLD does not support ELFv1 so this is

	# always true there.

	prompt "Build big-endian kernel using ELF ABI V2" if LD_IS_BFD && EXPERT

	def_bool y

	depends on PPC64 && CPU_BIG_ENDIAN

	depends on CC_HAS_ELFV2

	depends on LD_VERSION >= 22400 || LLD_VERSION >= 150000

	help

	  This builds the kernel image using the "Power Architecture 64-Bit ELF

	  V2 ABI Specification", which has a reduced stack overhead and faster

	  it is less well tested by kernel and toolchain. However some distros

	  build userspace this way, and it can produce a functioning kernel.

	  This requires GCC and binutils 2.24 or newer.

config RELOCATABLE

	bool "Build a relocatable kernel"

	depends on PPC64 || (FLATMEM && (44x || PPC_85xx))

machine-$(CONFIG_CPU_LITTLE_ENDIAN) += le

UTS_MACHINE := $(subst $(space),,$(machine-y))

# XXX This needs to be before we override LD below

ifdef CONFIG_PPC32

KBUILD_LDFLAGS_MODULE += arch/powerpc/lib/crtsavres.o

else

ifeq ($(call ld-ifversion, -ge, 22500, y),y)

ifeq ($(CONFIG_PPC64)$(CONFIG_LD_IS_BFD),yy)

# Have the linker provide sfpr if possible.

# There is a corresponding test in arch/powerpc/lib/Makefile

KBUILD_LDFLAGS_MODULE += --save-restore-funcs

else

KBUILD_LDFLAGS_MODULE += arch/powerpc/lib/crtsavres.o

endif

endif

ifdef CONFIG_CPU_LITTLE_ENDIAN

KBUILD_CFLAGS	+= -mlittle-endian

KBUILD_CPPFLAGS	+= -I $(srctree)/arch/$(ARCH) $(asinstr)

KBUILD_AFLAGS	+= $(AFLAGS-y)

KBUILD_CFLAGS	+= $(call cc-option,-msoft-float)

KBUILD_CFLAGS	+= -pipe $(CFLAGS-y)

KBUILD_CFLAGS	+= $(CFLAGS-y)

CPP		= $(CC) -E $(KBUILD_CFLAGS)

CHECKFLAGS	+= -m$(BITS) -D__powerpc__ -D__powerpc$(BITS)__

endif

PHONY += checkbin

# Check toolchain versions:

# - gcc-4.6 is the minimum kernel-wide version so nothing required.

checkbin:

	@if test "x${CONFIG_LD_IS_LLD}" != "xy" -a \

		"x$(call ld-ifversion, -le, 22400, y)" = "xy" ; then \

		echo -n '*** binutils 2.24 miscompiles weak symbols ' ; \

		echo 'in some circumstances.' ; \

		echo    '*** binutils 2.23 do not define the TOC symbol ' ; \

		echo -n '*** Please use a different binutils version.' ; \

	@if test "x${CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT}" = "xy" -a \

		"x${CONFIG_LD_IS_BFD}" = "xy" -a \

		"${CONFIG_LD_VERSION}" = "23700" ; then \

		echo -n '*** binutils 2.37 drops unused section symbols, which recordmcount ' ; \

		echo 'is unable to handle.' ; \

		echo '*** Please use a different binutils version.' ; \

		false ; \

	fi