powerpc: Move default security feature flags

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This moves the definition of the default security feature flags
(i.e., enabled by default) closer to the security feature flags.

This can be used to restore current flags to the default flags.

Signed-off-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>

authored by

Mauricio Faria de Oliveira and committed by

Michael Ellerman 8 years ago e7347a86 252988cb

+9 -6

2 changed files

expand all

arch

powerpc

include

asm

security_features.h

kernel

security.c

arch/powerpc/include/asm/security_features.h

··· 63 63 // Firmware configuration indicates user favours security over performance 64 64 #define SEC_FTR_FAVOUR_SECURITY 0x0000000000000200ull 65 65 66 + 67 + // Features enabled by default 68 + #define SEC_FTR_DEFAULT \ 69 + (SEC_FTR_L1D_FLUSH_HV | \ 70 + SEC_FTR_L1D_FLUSH_PR | \ 71 + SEC_FTR_BNDS_CHK_SPEC_BAR | \ 72 + SEC_FTR_FAVOUR_SECURITY) 73 + 66 74 #endif /* _ASM_POWERPC_SECURITY_FEATURES_H */

+1 -6

arch/powerpc/kernel/security.c

··· 11 11 #include <asm/security_features.h> 12 12 13 13 14 - unsigned long powerpc_security_features __read_mostly = \ 15 - SEC_FTR_L1D_FLUSH_HV | \ 16 - SEC_FTR_L1D_FLUSH_PR | \ 17 - SEC_FTR_BNDS_CHK_SPEC_BAR | \ 18 - SEC_FTR_FAVOUR_SECURITY; 19 - 14 + unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT; 20 15 21 16 ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf) 22 17 {