| From foo@baz Fri Mar 29 15:53:50 CET 2019 |
| From: Michael Ellerman <mpe@ellerman.id.au> |
| Date: Fri, 29 Mar 2019 22:25:55 +1100 |
| Subject: powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 |
| To: stable@vger.kernel.org, gregkh@linuxfoundation.org |
| Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, christophe.leroy@c-s.fr |
| Message-ID: <20190329112620.14489-8-mpe@ellerman.id.au> |
| |
| From: Michael Ellerman <mpe@ellerman.id.au> |
| |
| commit 6d44acae1937b81cf8115ada8958e04f601f3f2e upstream. |
| |
| When I added the spectre_v2 information in sysfs, I included the |
| availability of the ori31 speculation barrier. |
| |
| Although the ori31 barrier can be used to mitigate v2, it's primarily |
| intended as a spectre v1 mitigation. Spectre v2 is mitigated by |
| hardware changes. |
| |
| So rework the sysfs files to show the ori31 information in the |
| spectre_v1 file, rather than v2. |
| |
| Currently we display eg: |
| |
| $ grep . spectre_v* |
| spectre_v1:Mitigation: __user pointer sanitization |
| spectre_v2:Mitigation: Indirect branch cache disabled, ori31 speculation barrier enabled |
| |
| After: |
| |
| $ grep . spectre_v* |
| spectre_v1:Mitigation: __user pointer sanitization, ori31 speculation barrier enabled |
| spectre_v2:Mitigation: Indirect branch cache disabled |
| |
| Fixes: d6fbe1c55c55 ("powerpc/64s: Wire up cpu_show_spectre_v2()") |
| Cc: stable@vger.kernel.org # v4.17+ |
| Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/powerpc/kernel/security.c | 27 +++++++++++++++++---------- |
| 1 file changed, 17 insertions(+), 10 deletions(-) |
| |
| --- a/arch/powerpc/kernel/security.c |
| +++ b/arch/powerpc/kernel/security.c |
| @@ -117,25 +117,35 @@ ssize_t cpu_show_meltdown(struct device |
| |
| ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, char *buf) |
| { |
| - if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR)) |
| - return sprintf(buf, "Not affected\n"); |
| + struct seq_buf s; |
| + |
| + seq_buf_init(&s, buf, PAGE_SIZE - 1); |
| + |
| + if (security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR)) { |
| + if (barrier_nospec_enabled) |
| + seq_buf_printf(&s, "Mitigation: __user pointer sanitization"); |
| + else |
| + seq_buf_printf(&s, "Vulnerable"); |
| |
| - if (barrier_nospec_enabled) |
| - return sprintf(buf, "Mitigation: __user pointer sanitization\n"); |
| + if (security_ftr_enabled(SEC_FTR_SPEC_BAR_ORI31)) |
| + seq_buf_printf(&s, ", ori31 speculation barrier enabled"); |
| |
| - return sprintf(buf, "Vulnerable\n"); |
| + seq_buf_printf(&s, "\n"); |
| + } else |
| + seq_buf_printf(&s, "Not affected\n"); |
| + |
| + return s.len; |
| } |
| |
| ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, char *buf) |
| { |
| - bool bcs, ccd, ori; |
| struct seq_buf s; |
| + bool bcs, ccd; |
| |
| seq_buf_init(&s, buf, PAGE_SIZE - 1); |
| |
| bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED); |
| ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED); |
| - ori = security_ftr_enabled(SEC_FTR_SPEC_BAR_ORI31); |
| |
| if (bcs || ccd) { |
| seq_buf_printf(&s, "Mitigation: "); |
| @@ -151,9 +161,6 @@ ssize_t cpu_show_spectre_v2(struct devic |
| } else |
| seq_buf_printf(&s, "Vulnerable"); |
| |
| - if (ori) |
| - seq_buf_printf(&s, ", ori31 speculation barrier enabled"); |
| - |
| seq_buf_printf(&s, "\n"); |
| |
| return s.len; |