[PATCH] selftests/powerpc: Add test of mitigation patching

[PATCH] selftests/powerpc: Add test of mitigation patching

[Michael Ellerman]

We recently discovered some of our mitigation patching was not safe
against other CPUs running concurrently.

Add a test which enable/disables all mitigations in a tight loop while
also running some stress load. On an unpatched system this almost always
leads to an oops and panic/reboot, but we also check if the kernel
becomes tainted in case we have a non-fatal oops.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
---
 .../selftests/powerpc/security/Makefile       |  2 +
 .../powerpc/security/mitigation-patching.sh   | 75 +++++++++++++++++++
 2 files changed, 77 insertions(+)
 create mode 100755 tools/testing/selftests/powerpc/security/mitigation-patching.sh

diff --git a/tools/testing/selftests/powerpc/security/Makefile b/tools/testing/selftests/powerpc/security/Makefile
index 844d18cd5f93..7488315fd847 100644
--- a/tools/testing/selftests/powerpc/security/Makefile
+++ b/tools/testing/selftests/powerpc/security/Makefile
@@ -1,6 +1,8 @@
 # SPDX-License-Identifier: GPL-2.0+
 
 TEST_GEN_PROGS := rfi_flush entry_flush uaccess_flush spectre_v2
+TEST_PROGS := mitigation-patching.sh
+
 top_srcdir = ../../../../..
 
 CFLAGS += -I../../../../../usr/include
diff --git a/tools/testing/selftests/powerpc/security/mitigation-patching.sh b/tools/testing/selftests/powerpc/security/mitigation-patching.sh
new file mode 100755
index 000000000000..00197acb7ff1
--- /dev/null
+++ b/tools/testing/selftests/powerpc/security/mitigation-patching.sh
@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+TIMEOUT=10
+
+function do_one
+{
+    local mitigation="$1"
+    local orig
+    local start
+    local now
+
+    orig=$(cat "$mitigation")
+
+    start=$EPOCHSECONDS
+    now=$start
+
+    while [[ $((now-start)) -lt "$TIMEOUT" ]]
+    do
+        echo 0 > "$mitigation"
+        echo 1 > "$mitigation"
+
+        now=$EPOCHSECONDS
+    done
+
+    echo "$orig" > "$mitigation"
+}
+
+rc=0
+cd /sys/kernel/debug/powerpc || rc=1
+if [[ "$rc" -ne 0 ]]; then
+    echo "Error: couldn't cd to /sys/kernel/debug/powerpc" >&2
+    exit 1
+fi
+
+tainted=$(cat /proc/sys/kernel/tainted)
+if [[ "$tainted" -ne 0 ]]; then
+    echo "Error: kernel already tainted!" >&2
+    exit 1
+fi
+
+mitigations="barrier_nospec stf_barrier count_cache_flush rfi_flush entry_flush uaccess_flush"
+
+for m in $mitigations
+do
+    do_one "$m" &
+done
+
+echo "Spawned threads enabling/disabling mitigations ..."
+
+if stress-ng > /dev/null 2>&1; then
+    stress="stress-ng"
+elif stress > /dev/null 2>&1; then
+    stress="stress"
+else
+    stress=""
+fi
+
+if [[ -n "$stress" ]]; then
+    "$stress" -m "$(nproc)" -t "$TIMEOUT" &
+    echo "Spawned VM stressors ..."
+fi
+
+echo "Waiting for timeout ..."
+wait
+
+tainted=$(cat /proc/sys/kernel/tainted)
+if [[ "$tainted" -ne 0 ]]; then
+    echo "Error: kernel became tainted!" >&2
+    exit 1
+fi
+
+echo "OK"
+exit 0
-- 
2.25.1

Re: [PATCH] selftests/powerpc: Add test of mitigation patching

[Michael Ellerman]

On Fri, 7 May 2021 16:42:25 +1000, Michael Ellerman wrote:
> We recently discovered some of our mitigation patching was not safe
> against other CPUs running concurrently.
> 
> Add a test which enable/disables all mitigations in a tight loop while
> also running some stress load. On an unpatched system this almost always
> leads to an oops and panic/reboot, but we also check if the kernel
> becomes tainted in case we have a non-fatal oops.

Applied to powerpc/next.

[1/1] selftests/powerpc: Add test of mitigation patching
      https://git.kernel.org/powerpc/c/34f7f79827ec4db30cff9001dfba19f496473e8d

cheers