queue-4.4/powerpc-64s-enhance-the-information-in-cpu_show_meltdown.patch

   1 From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST
   2 From: Michael Ellerman <mpe@ellerman.id.au>
   3 Date: Mon, 22 Apr 2019 00:20:00 +1000
   4 Subject: powerpc/64s: Enhance the information in cpu_show_meltdown()
   5 To: stable@vger.kernel.org, gregkh@linuxfoundation.org
   6 Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr
   7 Message-ID: <20190421142037.21881-16-mpe@ellerman.id.au>
   8
   9 From: Michael Ellerman <mpe@ellerman.id.au>
  10
  11 commit ff348355e9c72493947be337bb4fae4fc1a41eba upstream.
  12
  13 Now that we have the security feature flags we can make the
  14 information displayed in the "meltdown" file more informative.
  15
  16 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  17 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  18 ---
  19  arch/powerpc/include/asm/security_features.h |    1
  20  arch/powerpc/kernel/security.c               |   30 +++++++++++++++++++++++++--
  21  2 files changed, 29 insertions(+), 2 deletions(-)
  22
  23 --- a/arch/powerpc/include/asm/security_features.h
  24 +++ b/arch/powerpc/include/asm/security_features.h
  25 @@ -10,6 +10,7 @@
  26
  27
  28  extern unsigned long powerpc_security_features;
  29 +extern bool rfi_flush;
  30
  31  static inline void security_ftr_set(unsigned long feature)
  32  {
  33 --- a/arch/powerpc/kernel/security.c
  34 +++ b/arch/powerpc/kernel/security.c
  35 @@ -6,6 +6,7 @@
  36
  37  #include <linux/kernel.h>
  38  #include <linux/device.h>
  39 +#include <linux/seq_buf.h>
  40
  41  #include <asm/security_features.h>
  42
  43 @@ -19,8 +20,33 @@ unsigned long powerpc_security_features
  44
  45  ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, char *buf)
  46  {
  47 -       if (rfi_flush)
  48 -               return sprintf(buf, "Mitigation: RFI Flush\n");
  49 +       bool thread_priv;
  50 +
  51 +       thread_priv = security_ftr_enabled(SEC_FTR_L1D_THREAD_PRIV);
  52 +
  53 +       if (rfi_flush || thread_priv) {
  54 +               struct seq_buf s;
  55 +               seq_buf_init(&s, buf, PAGE_SIZE - 1);
  56 +
  57 +               seq_buf_printf(&s, "Mitigation: ");
  58 +
  59 +               if (rfi_flush)
  60 +                       seq_buf_printf(&s, "RFI Flush");
  61 +
  62 +               if (rfi_flush && thread_priv)
  63 +                       seq_buf_printf(&s, ", ");
  64 +
  65 +               if (thread_priv)
  66 +                       seq_buf_printf(&s, "L1D private per thread");
  67 +
  68 +               seq_buf_printf(&s, "\n");
  69 +
  70 +               return s.len;
  71 +       }
  72 +
  73 +       if (!security_ftr_enabled(SEC_FTR_L1D_FLUSH_HV) &&
  74 +           !security_ftr_enabled(SEC_FTR_L1D_FLUSH_PR))
  75 +               return sprintf(buf, "Not affected\n");
  76
  77         return sprintf(buf, "Vulnerable\n");
  78  }