linux-kernel.vger.kernel.org archive mirror
* [patch 0/2] sysfs/cpu: Implement generic vulnerabilites directory
@ 2018-01-07 20:57 Thomas Gleixner
  2018-01-07 20:57 ` [patch 1/2] sysfs/cpu: Add vulnerability folder Thomas Gleixner
  2018-01-07 20:57 ` [patch 2/2] x86/cpu: Implement CPU vulnerabilites sysfs functions Thomas Gleixner
  0 siblings, 2 replies; 5+ messages in thread
From: Thomas Gleixner @ 2018-01-07 20:57 UTC (permalink / raw)
  To: LKML
  Cc: Linus Torvalds, Greg Kroah-Hartman, Ingo Molnar, Peter Zijlstra,
	Borislav Petkov, David Woodhouse, Hansen, Dave

The meltdown/spectre vulnerabilities affect several architectures and
people are asking for a common way to figure out whether a system is
affected or not.

Create

   /sys/devices/system/cpu/vulnerabilities

and the files

   /sys/devices/system/cpu/vulnerabilities/meltdown
   /sys/devices/system/cpu/vulnerabilities/spectre_v1
   /sys/devices/system/cpu/vulnerabilities/spectre_v2

Add the x86 implementation which shows:

meltdown    Mitigation: PTI
spectre_v1  Vulnerable
spectre_v1  Vulnerable
   
On an AMD CPU the output of meltdown is: Not affected.

If PTI is turned off and the CPU is affected by meltdown the output
becomes: Vulnerable

That series applies on top of

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86/pti

Thanks,

	tglx
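
A userspace check built on the interface described in this cover letter, as an added example that is not part of the original posting: it reads every file in the directory and classifies the status strings this series emits. The function names, the exit-code convention and the sample directory are assumptions of the example; matching on the "Vulnerable" and "Mitigation: " prefixes generalises slightly beyond the exact strings shown.

```shell
# Map one status line, as written by the show functions, to a class.
classify_status() {
    case "$1" in
        "Not affected")  echo ok ;;
        "Mitigation: "*) echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Audit a vulnerabilities directory: prints "<file> <class> <raw status>".
# Returns 0 = nothing vulnerable, 1 = at least one vulnerable entry,
# 2 = directory missing/empty or unrecognised text (unknown, never "safe").
audit_vulns() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    [ -d "$dir" ] || { echo "no $dir: kernel reports no status" >&2; return 2; }
    _rc=0; n=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        n=$((n + 1))
        status=$(head -n 1 "$f" 2>/dev/null) || status=
        class=$(classify_status "$status")
        printf '%s %s %s\n' "${f##*/}" "$class" "$status"
        case "$class" in
            vulnerable) _rc=1 ;;
            unknown)    if [ "$_rc" -eq 0 ]; then _rc=2; fi ;;
        esac
    done
    [ "$n" -gt 0 ] || return 2
    return "$_rc"
}

# Constructed sample mirroring the x86 output quoted in the cover letter.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    echo "Mitigation: PTI" > "$d/meltdown"
    echo "Vulnerable"      > "$d/spectre_v1"
    echo "Vulnerable"      > "$d/spectre_v2"
    echo "$d"
}

sample=$(make_sample_dir)
audit_vulns "$sample" || echo "audit exit status: $?"
rm -rf "$sample"
```

Calling `audit_vulns` with no argument reads the live directory; a kernel without this series has no such directory and yields status 2 rather than a clean result.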


* [patch 1/2] sysfs/cpu: Add vulnerability folder
  2018-01-07 20:57 [patch 0/2] sysfs/cpu: Implement generic vulnerabilites directory Thomas Gleixner
@ 2018-01-07 20:57 ` Thomas Gleixner
  2018-01-07 21:19   ` Greg Kroah-Hartman
  2018-01-07 20:57 ` [patch 2/2] x86/cpu: Implement CPU vulnerabilites sysfs functions Thomas Gleixner
  1 sibling, 1 reply; 5+ messages in thread
From: Thomas Gleixner @ 2018-01-07 20:57 UTC (permalink / raw)
  To: LKML
  Cc: Linus Torvalds, Greg Kroah-Hartman, Ingo Molnar, Peter Zijlstra,
	Borislav Petkov, David Woodhouse, Hansen, Dave

[-- Attachment #1: sysfs-cpu--Add-vulnerability-folder.patch --]
[-- Type: text/plain, Size: 3278 bytes --]

As the meltdown/spectre problem affects several CPU architectures, it makes
sense to have a common way to express whether a system is affected by a
particular vulnerability or not. If affected the way to express the
mitigation should be common as well.

Create /sys/devices/system/cpu/vulnerabilities folder and files for
meltdown, spectre_v1 and spectre_v2.

Allow architectures to override the show function.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 drivers/base/Kconfig |    3 +++
 drivers/base/cpu.c   |   48 ++++++++++++++++++++++++++++++++++++++++++++++++
 include/linux/cpu.h  |    7 +++++++
 3 files changed, 58 insertions(+)

--- a/drivers/base/Kconfig
+++ b/drivers/base/Kconfig
@@ -235,6 +235,9 @@ config GENERIC_CPU_DEVICES
 config GENERIC_CPU_AUTOPROBE
 	bool
 
+config GENERIC_CPU_VULNERABILITIES
+	bool
+
 config SOC_BUS
 	bool
 	select GLOB
--- a/drivers/base/cpu.c
+++ b/drivers/base/cpu.c
@@ -501,10 +501,58 @@ static void __init cpu_dev_register_gene
 #endif
 }
 
+#ifdef CONFIG_GENERIC_CPU_VULNERABILITIES
+
+ssize_t __weak cpu_show_meltdown(struct device *dev,
+				 struct device_attribute *attr, char *buf)
+{
+	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
+}
+
+ssize_t __weak cpu_show_spectre_v1(struct device *dev,
+				   struct device_attribute *attr, char *buf)
+{
+	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
+}
+
+ssize_t __weak cpu_show_spectre_v2(struct device *dev,
+				   struct device_attribute *attr, char *buf)
+{
+	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
+}
+
+static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
+static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
+static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
+
+static struct attribute *cpu_root_vulnerabilities_attrs[] = {
+	&dev_attr_meltdown.attr,
+	&dev_attr_spectre_v1.attr,
+	&dev_attr_spectre_v2.attr,
+	NULL
+};
+
+static const struct attribute_group cpu_root_vulnerabilities_group = {
+	.name  = "vulnerabilities",
+	.attrs = cpu_root_vulnerabilities_attrs,
+};
+
+static void __init cpu_register_vulnerabilities(void)
+{
+	if (sysfs_create_group(&cpu_subsys.dev_root->kobj,
+			       &cpu_root_vulnerabilities_group))
+		pr_err("Unable to register CPU vulnerabilities\n");
+}
+
+#else
+static inline void cpu_register_vulnerabilities(void) { }
+#endif
+
 void __init cpu_dev_init(void)
 {
 	if (subsys_system_register(&cpu_subsys, cpu_root_attr_groups))
 		panic("Failed to register CPU subsystem");
 
 	cpu_dev_register_generic();
+	cpu_register_vulnerabilities();
 }
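
Review bot: the three __weak defaults (cpu_show_meltdown(), cpu_show_spectre_v1(), cpu_show_spectre_v2()) return "Not affected" unconditionally, so an architecture that selects GENERIC_CPU_VULNERABILITIES and overrides only some of them reports the rest as safe without having checked anything. Consider a fallback string that does not assert safety, or a comment above the weak functions stating that a selecting architecture must override all three. Separately, the PAGE_SIZE - 2 bound is not explained anywhere in the hunk, and cpu_register_vulnerabilities() only logs through pr_err() when sysfs_create_group() fails.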
--- a/include/linux/cpu.h
+++ b/include/linux/cpu.h
@@ -47,6 +47,13 @@ extern void cpu_remove_dev_attr(struct d
 extern int cpu_add_dev_attr_group(struct attribute_group *attrs);
 extern void cpu_remove_dev_attr_group(struct attribute_group *attrs);
 
+extern ssize_t cpu_show_meltdown(struct device *dev,
+				 struct device_attribute *attr, char *buf);
+extern ssize_t cpu_show_spectre_v1(struct device *dev,
+				   struct device_attribute *attr, char *buf);
+extern ssize_t cpu_show_spectre_v2(struct device *dev,
+				   struct device_attribute *attr, char *buf);
+
 extern __printf(4, 5)
 struct device *cpu_device_create(struct device *parent, void *drvdata,
 				 const struct attribute_group **groups,
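
Review bot: the three cpu_show_*() prototypes are added without a comment stating the contract an architecture override has to follow, namely one line per file and which strings ("Not affected", "Vulnerable", "Mitigation: ...") userspace may rely on. A short comment block above the declarations, plus the Documentation/ABI entry for the new files, would pin that down before other architectures start implementing it.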


* [patch 2/2] x86/cpu: Implement CPU vulnerabilites sysfs functions
  2018-01-07 20:57 [patch 0/2] sysfs/cpu: Implement generic vulnerabilites directory Thomas Gleixner
  2018-01-07 20:57 ` [patch 1/2] sysfs/cpu: Add vulnerability folder Thomas Gleixner
@ 2018-01-07 20:57 ` Thomas Gleixner
  1 sibling, 0 replies; 5+ messages in thread
From: Thomas Gleixner @ 2018-01-07 20:57 UTC (permalink / raw)
  To: LKML
  Cc: Linus Torvalds, Greg Kroah-Hartman, Ingo Molnar, Peter Zijlstra,
	Borislav Petkov, David Woodhouse, Hansen, Dave

[-- Attachment #1: x86-cpu--Implement-CPU-vulnerabilites-sysfs-functions.patch --]
[-- Type: text/plain, Size: 1855 bytes --]

Implement the CPU vulnerability show functions for meltdown, spectre_v1 and
spectre_v2.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/Kconfig           |    1 +
 arch/x86/kernel/cpu/bugs.c |   29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -89,6 +89,7 @@ config X86
 	select GENERIC_CLOCKEVENTS_MIN_ADJUST
 	select GENERIC_CMOS_UPDATE
 	select GENERIC_CPU_AUTOPROBE
+	select GENERIC_CPU_VULNERABILITIES
 	select GENERIC_EARLY_IOREMAP
 	select GENERIC_FIND_FIRST_BIT
 	select GENERIC_IOMAP
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -10,6 +10,7 @@
  */
 #include <linux/init.h>
 #include <linux/utsname.h>
+#include <linux/cpu.h>
 #include <asm/bugs.h>
 #include <asm/processor.h>
 #include <asm/processor-flags.h>
@@ -60,3 +61,31 @@ void __init check_bugs(void)
 		set_memory_4k((unsigned long)__va(0), 1);
 #endif
 }
+
+#ifdef CONFIG_SYSFS
+ssize_t cpu_show_meltdown(struct device *dev,
+			  struct device_attribute *attr, char *buf)
+{
+	if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
+		return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
+	if (boot_cpu_has(X86_FEATURE_PTI))
+		return snprintf(buf, PAGE_SIZE - 2, "Mitigation: PTI\n");
+	return snprintf(buf, PAGE_SIZE - 2, "Vulnerable\n");
+}
+
+ssize_t cpu_show_spectre_v1(struct device *dev,
+			    struct device_attribute *attr, char *buf)
+{
+	if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V1))
+		return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
+	return snprintf(buf, PAGE_SIZE - 2, "Vulnerable\n");
+}
+
+ssize_t cpu_show_spectre_v2(struct device *dev,
+			    struct device_attribute *attr, char *buf)
+{
+	if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2))
+		return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
+	return snprintf(buf, PAGE_SIZE - 2, "Vulnerable\n");
+}
+#endif
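
Review bot: the overrides are wrapped in #ifdef CONFIG_SYSFS, while the weak defaults in drivers/base/cpu.c and the select in arch/x86/Kconfig use CONFIG_GENERIC_CPU_VULNERABILITIES; guarding on the same symbol here would keep both sides of the interface in step. Also, cpu_show_spectre_v1() and cpu_show_spectre_v2() have no mitigation branch, so they can only print "Not affected" or "Vulnerable"; a one-line comment saying mitigation reporting is still to come would make clear that this is intentional.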


* Re: [patch 1/2] sysfs/cpu: Add vulnerability folder
  2018-01-07 20:57 ` [patch 1/2] sysfs/cpu: Add vulnerability folder Thomas Gleixner
@ 2018-01-07 21:19   ` Greg Kroah-Hartman
  2018-01-07 21:39     ` Thomas Gleixner
  0 siblings, 1 reply; 5+ messages in thread
From: Greg Kroah-Hartman @ 2018-01-07 21:19 UTC (permalink / raw)
  To: Thomas Gleixner
  Cc: LKML, Linus Torvalds, Ingo Molnar, Peter Zijlstra,
	Borislav Petkov, David Woodhouse, Hansen, Dave

On Sun, Jan 07, 2018 at 09:57:50PM +0100, Thomas Gleixner wrote:
> As the meltdown/spectre problem affects several CPU architectures, it makes
> sense to have a common way to express whether a system is affected by a
> particular vulnerability or not. If affected the way to express the
> mitigation should be common as well.
> 
> Create /sys/devices/system/cpu/vulnerabilities folder and files for
> meltdown, spectre_v1 and spectre_v2.

I like this, minor nits below:

> 
> Allow architectures to override the show function.
> 
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> ---
>  drivers/base/Kconfig |    3 +++
>  drivers/base/cpu.c   |   48 ++++++++++++++++++++++++++++++++++++++++++++++++
>  include/linux/cpu.h  |    7 +++++++
>  3 files changed, 58 insertions(+)

A Documentation/ABI/ update is needed for the new sysfs files.

> +#ifdef CONFIG_GENERIC_CPU_VULNERABILITIES
> +
> +ssize_t __weak cpu_show_meltdown(struct device *dev,
> +				 struct device_attribute *attr, char *buf)
> +{
> +	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");

sysfs is one-value-per-file, so you never need to care about the page
size, a simple sprintf() is fine.  No need to change if you don't want
to, your call.

> +}
> +
> +ssize_t __weak cpu_show_spectre_v1(struct device *dev,
> +				   struct device_attribute *attr, char *buf)
> +{
> +	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
> +}
> +
> +ssize_t __weak cpu_show_spectre_v2(struct device *dev,
> +				   struct device_attribute *attr, char *buf)
> +{
> +	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
> +}
> +
> +static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
> +static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
> +static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);

DEVICE_ATTR_RO() please.

Yeah, that does make the global symbols a bit different, meltdown_show()
and the like.  Hm, I guess this is ok, given that it's meant to be
overridden.

Oh, never mind.  So, just a documentation update please, that can always
be an add-on patch if you promise to do it :)

thanks,

greg k-h


* Re: [patch 1/2] sysfs/cpu: Add vulnerability folder
  2018-01-07 21:19   ` Greg Kroah-Hartman
@ 2018-01-07 21:39     ` Thomas Gleixner
  0 siblings, 0 replies; 5+ messages in thread
From: Thomas Gleixner @ 2018-01-07 21:39 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: LKML, Linus Torvalds, Ingo Molnar, Peter Zijlstra,
	Borislav Petkov, David Woodhouse, Hansen, Dave

On Sun, 7 Jan 2018, Greg Kroah-Hartman wrote:
> >  drivers/base/Kconfig |    3 +++
> >  drivers/base/cpu.c   |   48 ++++++++++++++++++++++++++++++++++++++++++++++++
> >  include/linux/cpu.h  |    7 +++++++
> >  3 files changed, 58 insertions(+)
> 
> A Documentation/ABI/ update is needed for the new sysfs files.

Sure.

> > +#ifdef CONFIG_GENERIC_CPU_VULNERABILITIES
> > +
> > +ssize_t __weak cpu_show_meltdown(struct device *dev,
> > +				 struct device_attribute *attr, char *buf)
> > +{
> > +	return snprintf(buf, PAGE_SIZE - 2, "Not affected\n");
> 
> sysfs is one-value-per-file, so you never need to care about the page
> size, a simple sprintf() is fine.  No need to change if you don't want
> to, your call.

Done.

> > +static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
> 
> DEVICE_ATTR_RO() please.
> 
> Yeah, that does make the global symbols a bit different, meltdown_show()
> and the like.  Hm, I guess this is ok, given that it's meant to be
> overridden.

That and I expect that in the not so distant future we'll see write
functions as well.

> Oh, never mind.  So, just a documentation update please, that can always
> be an add-on patch if you promise to do it :)

You should never make such offers. These promises land on that growth only
thingy, aka. todo list :)

Thanks,

	tglx
