]>
Commit | Line | Data |
---|---|---|
4fa5b95e GKH |
1 | From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST |
2 | From: Michael Ellerman <mpe@ellerman.id.au> | |
3 | Date: Mon, 22 Apr 2019 00:20:00 +1000 | |
4 | Subject: powerpc/64s: Enhance the information in cpu_show_meltdown() | |
5 | To: stable@vger.kernel.org, gregkh@linuxfoundation.org | |
6 | Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr | |
7 | Message-ID: <20190421142037.21881-16-mpe@ellerman.id.au> | |
8 | ||
9 | From: Michael Ellerman <mpe@ellerman.id.au> | |
10 | ||
11 | commit ff348355e9c72493947be337bb4fae4fc1a41eba upstream. | |
12 | ||
13 | Now that we have the security feature flags we can make the | |
14 | information displayed in the "meltdown" file more informative. | |
15 | ||
16 | Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> | |
17 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
18 | --- | |
19 | arch/powerpc/include/asm/security_features.h | 1 | |
20 | arch/powerpc/kernel/security.c | 30 +++++++++++++++++++++++++-- | |
21 | 2 files changed, 29 insertions(+), 2 deletions(-) | |
22 | ||
23 | --- a/arch/powerpc/include/asm/security_features.h | |
24 | +++ b/arch/powerpc/include/asm/security_features.h | |
25 | @@ -10,6 +10,7 @@ | |
26 | ||
27 | ||
28 | extern unsigned long powerpc_security_features; | |
29 | +extern bool rfi_flush; | |
30 | ||
31 | static inline void security_ftr_set(unsigned long feature) | |
32 | { | |
33 | --- a/arch/powerpc/kernel/security.c | |
34 | +++ b/arch/powerpc/kernel/security.c | |
35 | @@ -6,6 +6,7 @@ | |
36 | ||
37 | #include <linux/kernel.h> | |
38 | #include <linux/device.h> | |
39 | +#include <linux/seq_buf.h> | |
40 | ||
41 | #include <asm/security_features.h> | |
42 | ||
43 | @@ -19,8 +20,33 @@ unsigned long powerpc_security_features | |
44 | ||
45 | ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf) | |
46 | { | |
47 | - if (rfi_flush) | |
48 | - return sprintf(buf, "Mitigation: RFI Flush\n"); | |
49 | + bool thread_priv; | |
50 | + | |
51 | + thread_priv = security_ftr_enabled(SEC_FTR_L1D_THREAD_PRIV); | |
52 | + | |
53 | + if (rfi_flush || thread_priv) { | |
54 | + struct seq_buf s; | |
55 | + seq_buf_init(&s, buf, PAGE_SIZE - 1); | |
56 | + | |
57 | + seq_buf_printf(&s, "Mitigation: "); | |
58 | + | |
59 | + if (rfi_flush) | |
60 | + seq_buf_printf(&s, "RFI Flush"); | |
61 | + | |
62 | + if (rfi_flush && thread_priv) | |
63 | + seq_buf_printf(&s, ", "); | |
64 | + | |
65 | + if (thread_priv) | |
66 | + seq_buf_printf(&s, "L1D private per thread"); | |
67 | + | |
68 | + seq_buf_printf(&s, "\n"); | |
69 | + | |
70 | + return s.len; | |
71 | + } | |
72 | + | |
73 | + if (!security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV) && | |
74 | + !security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR)) | |
75 | + return sprintf(buf, "Not affected\n"); | |
76 | ||
77 | return sprintf(buf, "Vulnerable\n"); | |
78 | } |