[thirdparty/kernel/stable-queue.git] / queue-4.4 / powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch

From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST
From: Michael Ellerman <mpe@ellerman.id.au>
Date: Mon, 22 Apr 2019 00:20:00 +1000
Subject: powerpc/64s: Enhance the information in cpu_show_meltdown()
To: stable@vger.kernel.org, gregkh@linuxfoundation.org
Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr
Message-ID: <20190421142037.21881-16-mpe@ellerman.id.au>

From: Michael Ellerman <mpe@ellerman.id.au>

commit ff348355e9c72493947be337bb4fae4fc1a41eba upstream.

Now that we have the security feature flags we can make the
information displayed in the "meltdown" file more informative.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/powerpc/include/asm/security_features.h |    1 
 arch/powerpc/kernel/security.c               |   30 +++++++++++++++++++++++++--
 2 files changed, 29 insertions(+), 2 deletions(-)

--- a/arch/powerpc/include/asm/security_features.h
+++ b/arch/powerpc/include/asm/security_features.h
@@ -10,6 +10,7 @@
 
 
 extern unsigned long powerpc_security_features;
+extern bool rfi_flush;
 
 static inline void security_ftr_set(unsigned long feature)
 {
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -6,6 +6,7 @@
 
 #include <linux/kernel.h>
 #include <linux/device.h>
+#include <linux/seq_buf.h>
 
 #include <asm/security_features.h>
 
@@ -19,8 +20,33 @@ unsigned long powerpc_security_features
 
 ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf)
 {
-	if (rfi_flush)
-		return sprintf(buf, "Mitigation: RFI Flush\n");
+	bool thread_priv;
+
+	thread_priv = security_ftr_enabled(SEC_FTR_L1D_THREAD_PRIV);
+
+	if (rfi_flush || thread_priv) {
+		struct seq_buf s;
+		seq_buf_init(&s, buf, PAGE_SIZE - 1);
+
+		seq_buf_printf(&s, "Mitigation: ");
+
+		if (rfi_flush)
+			seq_buf_printf(&s, "RFI Flush");
+
+		if (rfi_flush && thread_priv)
+			seq_buf_printf(&s, ", ");
+
+		if (thread_priv)
+			seq_buf_printf(&s, "L1D private per thread");
+
+		seq_buf_printf(&s, "\n");
+
+		return s.len;
+	}
+
+	if (!security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV) &&
+	    !security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR))
+		return sprintf(buf, "Not affected\n");
 
 	return sprintf(buf, "Vulnerable\n");
 }
Commit	Line	Data
4fa5b95e GKH	1	From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST
	2	From: Michael Ellerman <mpe@ellerman.id.au>
	3	Date: Mon, 22 Apr 2019 00:20:00 +1000
	4	Subject: powerpc/64s: Enhance the information in cpu_show_meltdown()
	5	To: stable@vger.kernel.org, gregkh@linuxfoundation.org
	6	Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr
	7	Message-ID: <20190421142037.21881-16-mpe@ellerman.id.au>
	8
	9	From: Michael Ellerman <mpe@ellerman.id.au>
	10
	11	commit ff348355e9c72493947be337bb4fae4fc1a41eba upstream.
	12
	13	Now that we have the security feature flags we can make the
	14	information displayed in the "meltdown" file more informative.
	15
	16	Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
	17	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	18	---
	19	arch/powerpc/include/asm/security_features.h \| 1
	20	arch/powerpc/kernel/security.c \| 30 +++++++++++++++++++++++++--
	21	2 files changed, 29 insertions(+), 2 deletions(-)
	22
	23	--- a/arch/powerpc/include/asm/security_features.h
	24	+++ b/arch/powerpc/include/asm/security_features.h
	25	@@ -10,6 +10,7 @@
	26
	27
	28	extern unsigned long powerpc_security_features;
	29	+extern bool rfi_flush;
	30
	31	static inline void security_ftr_set(unsigned long feature)
	32	{
	33	--- a/arch/powerpc/kernel/security.c
	34	+++ b/arch/powerpc/kernel/security.c
	35	@@ -6,6 +6,7 @@
	36
	37	#include <linux/kernel.h>
	38	#include <linux/device.h>
	39	+#include <linux/seq_buf.h>
	40
	41	#include <asm/security_features.h>
	42
	43	@@ -19,8 +20,33 @@ unsigned long powerpc_security_features
	44
	45	ssize_t cpu_show_meltdown(struct device dev, struct device_attribute attr, char *buf)
	46	{
	47	- if (rfi_flush)
	48	- return sprintf(buf, "Mitigation: RFI Flush\n");
	49	+ bool thread_priv;
	50	+
	51	+ thread_priv = security_ftr_enabled(SEC_FTR_L1D_THREAD_PRIV);
	52	+
	53	+ if (rfi_flush \|\| thread_priv) {
	54	+ struct seq_buf s;
	55	+ seq_buf_init(&s, buf, PAGE_SIZE - 1);
	56	+
	57	+ seq_buf_printf(&s, "Mitigation: ");
	58	+
	59	+ if (rfi_flush)
	60	+ seq_buf_printf(&s, "RFI Flush");
	61	+
	62	+ if (rfi_flush && thread_priv)
	63	+ seq_buf_printf(&s, ", ");
	64	+
65	+ if (thread_priv)
66	+ seq_buf_printf(&s, "L1D private per thread");
67	+
68	+ seq_buf_printf(&s, "\n");
69	+
70	+ return s.len;
71	+ }
72	+
73	+ if (!security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV) &&
74	+ !security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR))
75	+ return sprintf(buf, "Not affected\n");
76
77	return sprintf(buf, "Vulnerable\n");
78	}