From: Jeremy Linton <jeremy.linton@arm.com> To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, dave.martin@arm.com, shankerd@codeaurora.org, mark.rutland@arm.com, linux-kernel@vger.kernel.org, ykaukab@suse.de, julien.thierry@arm.com, mlangsdo@redhat.com, steven.price@arm.com, Jeremy Linton <jeremy.linton@arm.com> Subject: [PATCH v2 6/7] arm64: add sysfs vulnerability show for speculative store bypass Date: Wed, 2 Jan 2019 18:49:20 -0600 [thread overview] Message-ID: <20190103004921.1928921-7-jeremy.linton@arm.com> (raw) In-Reply-To: <20190103004921.1928921-1-jeremy.linton@arm.com> From: Mian Yousaf Kaukab <ykaukab@suse.de> Return status based on ssbd_state and the arm64 SSBS feature. Return string "Unknown" in case CONFIG_ARM64_SSBD is disabled or arch workaround2 is not available in the firmware. Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de> [Added SSBS logic] Signed-off-by: Jeremy Linton <jeremy.linton@arm.com> --- arch/arm64/kernel/cpu_errata.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 96a55accefa9..c962b5856c87 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -420,6 +420,7 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, ssbd_state = ARM64_SSBD_UNKNOWN; return false; + /* machines with mixed mitigation requirements must not return this */ case SMCCC_RET_NOT_REQUIRED: pr_info_once("%s mitigation not required\n", entry->desc); ssbd_state = ARM64_SSBD_MITIGATED; @@ -810,4 +811,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, } } +ssize_t cpu_show_spec_store_bypass(struct device *dev, + struct device_attribute *attr, char *buf) +{ + /* + * Two assumptions: First, get_ssbd_state() reflects the worse case + * for hetrogenous machines, and that if SSBS is supported its + * supported by all cores. + */ + switch (arm64_get_ssbd_state()) { + case ARM64_SSBD_MITIGATED: + return sprintf(buf, "Not affected\n"); + + case ARM64_SSBD_KERNEL: + case ARM64_SSBD_FORCE_ENABLE: + if (cpus_have_cap(ARM64_SSBS)) + return sprintf(buf, "Not affected\n"); + return sprintf(buf, + "Mitigation: Speculative Store Bypass disabled\n"); + + case ARM64_SSBD_FORCE_DISABLE: + return sprintf(buf, "Vulnerable\n"); + + default: /* ARM64_SSBD_UNKNOWN*/ + return sprintf(buf, "Unknown\n"); + } +} + #endif -- 2.17.2
WARNING: multiple messages have this Message-ID (diff)
From: Jeremy Linton <jeremy.linton@arm.com> To: linux-arm-kernel@lists.infradead.org Cc: mark.rutland@arm.com, mlangsdo@redhat.com, suzuki.poulose@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, julien.thierry@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton <jeremy.linton@arm.com>, steven.price@arm.com, ykaukab@suse.de, dave.martin@arm.com, shankerd@codeaurora.org Subject: [PATCH v2 6/7] arm64: add sysfs vulnerability show for speculative store bypass Date: Wed, 2 Jan 2019 18:49:20 -0600 [thread overview] Message-ID: <20190103004921.1928921-7-jeremy.linton@arm.com> (raw) In-Reply-To: <20190103004921.1928921-1-jeremy.linton@arm.com> From: Mian Yousaf Kaukab <ykaukab@suse.de> Return status based on ssbd_state and the arm64 SSBS feature. Return string "Unknown" in case CONFIG_ARM64_SSBD is disabled or arch workaround2 is not available in the firmware. Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de> [Added SSBS logic] Signed-off-by: Jeremy Linton <jeremy.linton@arm.com> --- arch/arm64/kernel/cpu_errata.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 96a55accefa9..c962b5856c87 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -420,6 +420,7 @@ static bool has_ssbd_mitigation(const struct arm64_cpu_capabilities *entry, ssbd_state = ARM64_SSBD_UNKNOWN; return false; + /* machines with mixed mitigation requirements must not return this */ case SMCCC_RET_NOT_REQUIRED: pr_info_once("%s mitigation not required\n", entry->desc); ssbd_state = ARM64_SSBD_MITIGATED; @@ -810,4 +811,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, } } +ssize_t cpu_show_spec_store_bypass(struct device *dev, + struct device_attribute *attr, char *buf) +{ + /* + * Two assumptions: First, get_ssbd_state() reflects the worse case + * for hetrogenous machines, and that if SSBS is supported its + * supported by all cores. + */ + switch (arm64_get_ssbd_state()) { + case ARM64_SSBD_MITIGATED: + return sprintf(buf, "Not affected\n"); + + case ARM64_SSBD_KERNEL: + case ARM64_SSBD_FORCE_ENABLE: + if (cpus_have_cap(ARM64_SSBS)) + return sprintf(buf, "Not affected\n"); + return sprintf(buf, + "Mitigation: Speculative Store Bypass disabled\n"); + + case ARM64_SSBD_FORCE_DISABLE: + return sprintf(buf, "Vulnerable\n"); + + default: /* ARM64_SSBD_UNKNOWN*/ + return sprintf(buf, "Unknown\n"); + } +} + #endif -- 2.17.2 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-01-03 0:49 UTC|newest] Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-01-03 0:49 [PATCH v2 0/7] add system vulnerability sysfs entries Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton 2019-01-03 0:49 ` [PATCH v2 1/7] sysfs/cpu: Add "Unknown" vulnerability state Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton 2019-01-03 9:38 ` Greg Kroah-Hartman 2019-01-03 9:38 ` Greg Kroah-Hartman 2019-01-03 16:38 ` Jeremy Linton 2019-01-03 16:38 ` Jeremy Linton 2019-01-03 16:48 ` Greg Kroah-Hartman 2019-01-03 16:48 ` Greg Kroah-Hartman 2019-01-04 14:08 ` Dave Martin 2019-01-04 14:08 ` Dave Martin 2019-01-04 14:18 ` Greg Kroah-Hartman 2019-01-04 14:18 ` Greg Kroah-Hartman 2019-01-04 14:55 ` Will Deacon 2019-01-04 14:55 ` Will Deacon 2019-01-03 16:37 ` Dave Martin 2019-01-03 16:37 ` Dave Martin 2019-01-03 16:46 ` Jeremy Linton 2019-01-03 16:46 ` Jeremy Linton 2019-01-03 19:30 ` Stefan Wahren 2019-01-03 19:30 ` Stefan Wahren 2019-01-03 20:32 ` Jeremy Linton 2019-01-03 20:32 ` Jeremy Linton 2019-01-04 10:13 ` Will Deacon 2019-01-04 10:13 ` Will Deacon 2019-01-03 0:49 ` [PATCH v2 2/7] arm64: kpti: move check for non-vulnerable CPUs to a function Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton 2019-01-03 0:49 ` [PATCH v2 3/7] arm64: add sysfs vulnerability show for meltdown Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton 2019-01-03 0:49 ` [PATCH v2 4/7] arm64: add sysfs vulnerability show for spectre v1 Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton 2019-01-03 0:49 ` [PATCH v2 5/7] arm64: add sysfs vulnerability show for spectre v2 Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton [this message] 2019-01-03 0:49 ` [PATCH v2 6/7] arm64: add sysfs vulnerability show for speculative store bypass Jeremy Linton 2019-01-03 0:49 ` [PATCH v2 7/7] arm64: enable generic CPU vulnerabilites support Jeremy Linton 2019-01-03 0:49 ` Jeremy Linton
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20190103004921.1928921-7-jeremy.linton@arm.com \ --to=jeremy.linton@arm.com \ --cc=catalin.marinas@arm.com \ --cc=dave.martin@arm.com \ --cc=julien.thierry@arm.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=marc.zyngier@arm.com \ --cc=mark.rutland@arm.com \ --cc=mlangsdo@redhat.com \ --cc=shankerd@codeaurora.org \ --cc=steven.price@arm.com \ --cc=suzuki.poulose@arm.com \ --cc=will.deacon@arm.com \ --cc=ykaukab@suse.de \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.