queue-4.4/powerpc-64s-wire-up-cpu_show_spectre_v1.patch

   1 From foo@baz Mon 29 Apr 2019 11:38:37 AM CEST
   2 From: Michael Ellerman <mpe@ellerman.id.au>
   3 Date: Mon, 22 Apr 2019 00:20:03 +1000
   4 Subject: powerpc/64s: Wire up cpu_show_spectre_v1()
   5 To: stable@vger.kernel.org, gregkh@linuxfoundation.org
   6 Cc: linuxppc-dev@ozlabs.org, diana.craciun@nxp.com, msuchanek@suse.de, npiggin@gmail.com, christophe.leroy@c-s.fr
   7 Message-ID: <20190421142037.21881-19-mpe@ellerman.id.au>
   8
   9 From: Michael Ellerman <mpe@ellerman.id.au>
  10
  11 commit 56986016cb8cd9050e601831fe89f332b4e3c46e upstream.
  12
  13 Add a definition for cpu_show_spectre_v1() to override the generic
  14 version. Currently this just prints "Not affected" or "Vulnerable"
  15 based on the firmware flag.
  16
  17 Although the kernel does have array_index_nospec() in a few places, we
  18 haven't yet audited all the powerpc code to see where it's necessary,
  19 so for now we don't list that as a mitigation.
  20
  21 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  22 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  23 ---
  24  arch/powerpc/kernel/security.c |    8 ++++++++
  25  1 file changed, 8 insertions(+)
  26
  27 --- a/arch/powerpc/kernel/security.c
  28 +++ b/arch/powerpc/kernel/security.c
  29 @@ -50,3 +50,11 @@ ssize_t cpu_show_meltdown(struct device
  30
  31         return sprintf(buf, "Vulnerable\n");
  32  }
  33 +
  34 +ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, char *buf)
  35 +{
  36 +       if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR))
  37 +               return sprintf(buf, "Not affected\n");
  38 +
  39 +       return sprintf(buf, "Vulnerable\n");
  40 +}