powerpc/pseries: add new branch prediction security bits for link stack

The hypervisor interface has defined branch prediction security bits for
handling the link stack. Wire them up.

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20200825075612.224656-1-npiggin@gmail.com

diff --git a/arch/powerpc/include/asm/hvcall.h b/arch/powerpc/include/asm/hvcall.h
index e8f116a..c1fbccb 100644 (file)
--- a/arch/powerpc/include/asm/hvcall.h
+++ b/arch/powerpc/include/asm/hvcall.h
@@ -375,11 +375,13 @@
 #define H_CPU_CHAR_THREAD_RECONFIG_CTRL        (1ull << 57) // IBM bit 6
 #define H_CPU_CHAR_COUNT_CACHE_DISABLED        (1ull << 56) // IBM bit 7
 #define H_CPU_CHAR_BCCTR_FLUSH_ASSIST  (1ull << 54) // IBM bit 9
+#define H_CPU_CHAR_BCCTR_LINK_FLUSH_ASSIST (1ull << 52) // IBM bit 11
 
 #define H_CPU_BEHAV_FAVOUR_SECURITY    (1ull << 63) // IBM bit 0
 #define H_CPU_BEHAV_L1D_FLUSH_PR       (1ull << 62) // IBM bit 1
 #define H_CPU_BEHAV_BNDS_CHK_SPEC_BAR  (1ull << 61) // IBM bit 2
 #define H_CPU_BEHAV_FLUSH_COUNT_CACHE  (1ull << 58) // IBM bit 5
+#define H_CPU_BEHAV_FLUSH_LINK_STACK   (1ull << 57) // IBM bit 6
 
 /* Flag values used in H_REGISTER_PROC_TBL hcall */
 #define PROC_TABLE_OP_MASK     0x18

diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c
index 2f4ee0a..633c45e 100644 (file)
--- a/arch/powerpc/platforms/pseries/setup.c
+++ b/arch/powerpc/platforms/pseries/setup.c
@@ -519,9 +519,15 @@ static void init_cpu_char_feature_flags(struct h_cpu_char_result *result)
        if (result->character & H_CPU_CHAR_BCCTR_FLUSH_ASSIST)
                security_ftr_set(SEC_FTR_BCCTR_FLUSH_ASSIST);
 
+       if (result->character & H_CPU_CHAR_BCCTR_LINK_FLUSH_ASSIST)
+               security_ftr_set(SEC_FTR_BCCTR_LINK_FLUSH_ASSIST);
+
        if (result->behaviour & H_CPU_BEHAV_FLUSH_COUNT_CACHE)
                security_ftr_set(SEC_FTR_FLUSH_COUNT_CACHE);
 
+       if (result->behaviour & H_CPU_BEHAV_FLUSH_LINK_STACK)
+               security_ftr_set(SEC_FTR_FLUSH_LINK_STACK);
+
        /*
         * The features below are enabled by default, so we instead look to see
         * if firmware has *disabled* them, and clear them if so.