From nobody Sun Nov 9 14:51:28 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1551244826371435.64710286605475; Tue, 26 Feb 2019 21:20:26 -0800 (PST) Received: from localhost ([127.0.0.1]:38152 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gyrde-0001FR-IN for importer@patchew.org; Wed, 27 Feb 2019 00:20:14 -0500 Received: from eggs.gnu.org ([209.51.188.92]:55676) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gyrcj-0000tv-Ge for qemu-devel@nongnu.org; Wed, 27 Feb 2019 00:19:18 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gyrch-00066g-E6 for qemu-devel@nongnu.org; Wed, 27 Feb 2019 00:19:17 -0500 Received: from mail-pf1-x444.google.com ([2607:f8b0:4864:20::444]:43986) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gyrcb-00063O-NU; Wed, 27 Feb 2019 00:19:10 -0500 Received: by mail-pf1-x444.google.com with SMTP id q17so7401515pfh.10; Tue, 26 Feb 2019 21:19:09 -0800 (PST) Received: from localhost.au.ibm.com ([43.245.162.131]) by smtp.gmail.com with ESMTPSA id x23sm32067370pfe.0.2019.02.26.21.19.05 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 26 Feb 2019 21:19:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=HO6DPrhRzHXI4q2rY+iKSMcRnH7bSWzB+71riLvDZAE=; b=gj+811+yUK+uFK/leP8lyhHDywU6aFKLjzJA9weNz0g9UzjCvzT+o2HNyH1hyLD9sF Im8i6Zw4A15h7hpIsXqO35Hsg3DgBCWMYgouGO7UjHq0Xvl15ciWCFM7j0RTSwvePi/t ZCEwC0e9uhgjoj22S0jR4eE3EbE5tEVWGk68169lAmioyKUf6oF7fx3952ll6BFoob7w 6uhhytLSehxGdWWM8DZIrfnu61I+kPOleDPgIyv3dJgeThPC0lpzHfrw2MGTfwTB5S7v +pe0VaaLXl2v9XpweoXnxyzU6VTPEzHRo66u0JVZjoAqt9D6PzRtgmdVc+S4+ni8BiOe 69kA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=HO6DPrhRzHXI4q2rY+iKSMcRnH7bSWzB+71riLvDZAE=; b=qSqLKLX/60vLmvV7CSTMKDrrFADY22Mw0EdF9+z/xI4JkEJwygVLP2iNAZECFv10et ms1p1UnfaIFmXOZ/iwYvNJY8dyfNzDNafitjxoyjtBWrLO8qntDYnLs6ecJgJ0npFuGK /QZJXggdTnaP79K7Ht7LloKFMC329ajtmJ/qd+PeJadGX1EeA4Tojnb0YeznRWQsVPdE P+R4qEHNdcwLqO6ksmxwd8hkLQTLDT4h/Xkj8jvNSqeKWERcpphqd+NidUIEFv7zyDCY g3CTmOEZdV9wqc2e8IvHqHj+LElw0vOtZ/jvaxQ0G6AQKUb/GMj8oQlYFcJgenitOvFl fiTg== X-Gm-Message-State: AHQUAuYMQCOIxsOdmTYbFBtemVhO5yd3nyPCG27yHrxRNmAzpMN0grVd 2fvCOTuolAA/QVnsCvbJ1FheV0wZ X-Google-Smtp-Source: AHgI3IZztSH1eaXVQGsBCm233nAffHT1w9mvnb9Yf3YGFriylUuQXmyid+2ghGACEozvT2/TOIqkJA== X-Received: by 2002:a63:d04f:: with SMTP id s15mr1263725pgi.80.1551244748230; Tue, 26 Feb 2019 21:19:08 -0800 (PST) From: Suraj Jitindar Singh To: qemu-ppc@nongnu.org Date: Wed, 27 Feb 2019 16:18:59 +1100 Message-Id: <20190227051859.26026-1-sjitindarsingh@gmail.com> X-Mailer: git-send-email 2.13.6 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4864:20::444 Subject: [Qemu-devel] [QEMU-PPC] [PATCH] target/ppc/spapr: Enable mitigations by default for pseries-4.0 machine type X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-devel@nongnu.org, Suraj Jitindar Singh , david@gibson.dropbear.id.au Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" There are currently 3 vulnerability mitigations controlled by the spapr-caps mechanism, cap-cfpc, cap-sbbc, and cap-ibs. Enable these mitigations by default for the pseries-4.0 machine type. By now machine firmware should have been upgraded to allow these settings. Note: This means these caps will have to be set to broken for tcg Signed-off-by: Suraj Jitindar Singh --- hw/ppc/spapr.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 73aba70aa9..1ef8865dc5 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -4313,9 +4313,9 @@ static void spapr_machine_class_init(ObjectClass *oc,= void *data) smc->default_caps.caps[SPAPR_CAP_HTM] =3D SPAPR_CAP_OFF; smc->default_caps.caps[SPAPR_CAP_VSX] =3D SPAPR_CAP_ON; smc->default_caps.caps[SPAPR_CAP_DFP] =3D SPAPR_CAP_ON; - smc->default_caps.caps[SPAPR_CAP_CFPC] =3D SPAPR_CAP_BROKEN; - smc->default_caps.caps[SPAPR_CAP_SBBC] =3D SPAPR_CAP_BROKEN; - smc->default_caps.caps[SPAPR_CAP_IBS] =3D SPAPR_CAP_BROKEN; + smc->default_caps.caps[SPAPR_CAP_CFPC] =3D SPAPR_CAP_WORKAROUND; + smc->default_caps.caps[SPAPR_CAP_SBBC] =3D SPAPR_CAP_WORKAROUND; + smc->default_caps.caps[SPAPR_CAP_IBS] =3D SPAPR_CAP_FIXED_CCD; smc->default_caps.caps[SPAPR_CAP_HPT_MAXPAGESIZE] =3D 16; /* 64kiB */ smc->default_caps.caps[SPAPR_CAP_NESTED_KVM_HV] =3D SPAPR_CAP_OFF; smc->default_caps.caps[SPAPR_CAP_LARGE_DECREMENTER] =3D 1; @@ -4394,6 +4394,9 @@ static void spapr_machine_3_1_class_options(MachineCl= ass *mc) mc->default_cpu_type =3D POWERPC_CPU_TYPE_NAME("power8_v2.0"); smc->update_dt_enabled =3D false; smc->dr_phb_enabled =3D false; + smc->default_caps.caps[SPAPR_CAP_CFPC] =3D SPAPR_CAP_BROKEN; + smc->default_caps.caps[SPAPR_CAP_SBBC] =3D SPAPR_CAP_BROKEN; + smc->default_caps.caps[SPAPR_CAP_IBS] =3D SPAPR_CAP_BROKEN; smc->default_caps.caps[SPAPR_CAP_LARGE_DECREMENTER] =3D 0; } =20 --=20 2.13.6