From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Thomas Gleixner <tglx@linutronix.de>,
Borislav Petkov <bp@suse.de>, Ingo Molnar <mingo@kernel.org>
Subject: [PATCH 4.14 53/95] x86/bugs: Expose /sys/../spec_store_bypass
Date: Mon, 21 May 2018 23:11:43 +0200 [thread overview]
Message-ID: <20180521210458.156477130@linuxfoundation.org> (raw)
In-Reply-To: <20180521210447.219380974@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
commit c456442cd3a59eeb1d60293c26cbe2ff2c4e42cf upstream
Add the sysfs file for the new vulerability. It does not do much except
show the words 'Vulnerable' for recent x86 cores.
Intel cores prior to family 6 are known not to be vulnerable, and so are
some Atoms and some Xeon Phi.
It assumes that older Cyrix, Centaur, etc. cores are immune.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
Documentation/ABI/testing/sysfs-devices-system-cpu | 1
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/kernel/cpu/bugs.c | 5 ++++
arch/x86/kernel/cpu/common.c | 23 +++++++++++++++++++++
drivers/base/cpu.c | 8 +++++++
include/linux/cpu.h | 2 +
6 files changed, 40 insertions(+)
--- a/Documentation/ABI/testing/sysfs-devices-system-cpu
+++ b/Documentation/ABI/testing/sysfs-devices-system-cpu
@@ -378,6 +378,7 @@ What: /sys/devices/system/cpu/vulnerabi
/sys/devices/system/cpu/vulnerabilities/meltdown
/sys/devices/system/cpu/vulnerabilities/spectre_v1
/sys/devices/system/cpu/vulnerabilities/spectre_v2
+ /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
Date: January 2018
Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
Description: Information about CPU vulnerabilities
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -360,5 +360,6 @@
#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
#define X86_BUG_SPECTRE_V1 X86_BUG(15) /* CPU is affected by Spectre variant 1 attack with conditional branches */
#define X86_BUG_SPECTRE_V2 X86_BUG(16) /* CPU is affected by Spectre variant 2 attack with indirect branches */
+#define X86_BUG_SPEC_STORE_BYPASS X86_BUG(17) /* CPU is affected by speculative store bypass attack */
#endif /* _ASM_X86_CPUFEATURES_H */
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -404,4 +404,9 @@ ssize_t cpu_show_spectre_v2(struct devic
{
return cpu_show_common(dev, attr, buf, X86_BUG_SPECTRE_V2);
}
+
+ssize_t cpu_show_spec_store_bypass(struct device *dev, struct device_attribute *attr, char *buf)
+{
+ return cpu_show_common(dev, attr, buf, X86_BUG_SPEC_STORE_BYPASS);
+}
#endif
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -894,10 +894,33 @@ static const __initconst struct x86_cpu_
{}
};
+static const __initconst struct x86_cpu_id cpu_no_spec_store_bypass[] = {
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_SILVERMONT1 },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_AIRMONT },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_SILVERMONT2 },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_MERRIFIELD },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_CORE_YONAH },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_XEON_PHI_KNL },
+ { X86_VENDOR_INTEL, 6, INTEL_FAM6_XEON_PHI_KNM },
+ { X86_VENDOR_CENTAUR, 5, },
+ { X86_VENDOR_INTEL, 5, },
+ { X86_VENDOR_NSC, 5, },
+ { X86_VENDOR_ANY, 4, },
+ {}
+};
+
static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
{
u64 ia32_cap = 0;
+ if (!x86_match_cpu(cpu_no_spec_store_bypass))
+ setup_force_cpu_bug(X86_BUG_SPEC_STORE_BYPASS);
+
if (x86_match_cpu(cpu_no_speculation))
return;
--- a/drivers/base/cpu.c
+++ b/drivers/base/cpu.c
@@ -521,14 +521,22 @@ ssize_t __weak cpu_show_spectre_v2(struc
return sprintf(buf, "Not affected\n");
}
+ssize_t __weak cpu_show_spec_store_bypass(struct device *dev,
+ struct device_attribute *attr, char *buf)
+{
+ return sprintf(buf, "Not affected\n");
+}
+
static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
+static DEVICE_ATTR(spec_store_bypass, 0444, cpu_show_spec_store_bypass, NULL);
static struct attribute *cpu_root_vulnerabilities_attrs[] = {
&dev_attr_meltdown.attr,
&dev_attr_spectre_v1.attr,
&dev_attr_spectre_v2.attr,
+ &dev_attr_spec_store_bypass.attr,
NULL
};
--- a/include/linux/cpu.h
+++ b/include/linux/cpu.h
@@ -53,6 +53,8 @@ extern ssize_t cpu_show_spectre_v1(struc
struct device_attribute *attr, char *buf);
extern ssize_t cpu_show_spectre_v2(struct device *dev,
struct device_attribute *attr, char *buf);
+extern ssize_t cpu_show_spec_store_bypass(struct device *dev,
+ struct device_attribute *attr, char *buf);
extern __printf(4, 5)
struct device *cpu_device_create(struct device *parent, void *drvdata,
next prev parent reply other threads:[~2018-05-21 21:11 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-21 21:10 [PATCH 4.14 00/95] 4.14.43-stable review Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 01/95] usbip: usbip_host: refine probe and disconnect debug msgs to be useful Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 02/95] usbip: usbip_host: delete device from busid_table after rebind Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 03/95] usbip: usbip_host: run rebind from exit when module is removed Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 04/95] usbip: usbip_host: fix NULL-ptr deref and use-after-free errors Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 05/95] usbip: usbip_host: fix bad unlock balance during stub_probe() Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 06/95] ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 07/95] ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 08/95] ALSA: control: fix a redundant-copy issue Greg Kroah-Hartman
2018-05-21 21:10 ` [PATCH 4.14 09/95] spi: pxa2xx: Allow 64-bit DMA Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 10/95] spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 11/95] spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 12/95] KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 13/95] KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 14/95] powerpc: Dont preempt_disable() in show_cpuinfo() Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 15/95] vfio: ccw: fix cleanup if cp_prefetch fails Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 16/95] tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 17/95] tee: shm: fix use-after-free via temporarily dropped reference Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 18/95] netfilter: nf_tables: free set name in error path Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 19/95] netfilter: nf_tables: cant fail after linking rule into active rule list Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 20/95] netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 21/95] i2c: designware: fix poll-after-enable regression Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 22/95] powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 23/95] drm: Match sysfs name in link removal to link creation Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 24/95] lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 25/95] radix tree: fix multi-order iteration race Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 26/95] mm: dont allow deferred pages with NEED_PER_CPU_KM Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 27/95] drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 28/95] s390/qdio: fix access to uninitialized qdio_q fields Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 29/95] s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 30/95] s390/qdio: dont release memory in qdio_setup_irq() Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 31/95] s390: remove indirect branch from do_softirq_own_stack Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 32/95] x86/pkeys: Override pkey when moving away from PROT_EXEC Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 33/95] x86/pkeys: Do not special case protection key 0 Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 34/95] efi: Avoid potential crashes, fix the struct efi_pci_io_protocol_32 definition for mixed mode Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 35/95] ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 36/95] x86/mm: Drop TS_COMPAT on 64-bit exec() syscall Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 37/95] tick/broadcast: Use for_each_cpu() specially on UP kernels Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 38/95] ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 39/95] ARM: 8770/1: kprobes: Prohibit probing on optimized_callback Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 40/95] ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 41/95] Btrfs: fix xattr loss after power failure Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 42/95] Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 43/95] btrfs: property: Set incompat flag if lzo/zstd compression is set Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 44/95] btrfs: fix crash when trying to resume balance without the resume flag Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 45/95] btrfs: Split btrfs_del_delalloc_inode into 2 functions Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 46/95] btrfs: Fix delalloc inodes invalidation during transaction abort Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 47/95] btrfs: fix reading stale metadata blocks after degraded raid1 mounts Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 48/95] x86/nospec: Simplify alternative_msr_write() Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 49/95] x86/bugs: Concentrate bug detection into a separate function Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 50/95] x86/bugs: Concentrate bug reporting " Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 51/95] x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 52/95] x86/bugs, KVM: Support the combination of guest and host IBRS Greg Kroah-Hartman
2018-05-21 21:11 ` Greg Kroah-Hartman [this message]
2018-05-21 21:11 ` [PATCH 4.14 54/95] x86/cpufeatures: Add X86_FEATURE_RDS Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 55/95] x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 56/95] x86/bugs/intel: Set proper CPU features and setup RDS Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 57/95] x86/bugs: Whitelist allowed SPEC_CTRL MSR values Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 58/95] x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 59/95] x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 60/95] x86/speculation: Create spec-ctrl.h to avoid include hell Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 61/95] prctl: Add speculation control prctls Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 62/95] x86/process: Allow runtime control of Speculative Store Bypass Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 63/95] x86/speculation: Add prctl for Speculative Store Bypass mitigation Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 64/95] nospec: Allow getting/setting on non-current task Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 65/95] proc: Provide details on speculation flaw mitigations Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 66/95] seccomp: Enable " Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 67/95] x86/bugs: Make boot modes __ro_after_init Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 68/95] prctl: Add force disable speculation Greg Kroah-Hartman
2018-05-21 21:11 ` [PATCH 4.14 69/95] seccomp: Use PR_SPEC_FORCE_DISABLE Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 70/95] seccomp: Add filter flag to opt-out of SSB mitigation Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 71/95] seccomp: Move speculation migitation control to arch code Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 72/95] x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 73/95] x86/bugs: Rename _RDS to _SSBD Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 74/95] proc: Use underscores for SSBD in status Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 75/95] Documentation/spec_ctrl: Do some minor cleanups Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 76/95] x86/bugs: Fix __ssb_select_mitigation() return type Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 77/95] x86/bugs: Make cpu_show_common() static Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 78/95] x86/bugs: Fix the parameters alignment and missing void Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 79/95] x86/cpu: Make alternative_msr_write work for 32-bit code Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 80/95] KVM: SVM: Move spec control call after restore of GS Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 81/95] x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 82/95] x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 83/95] x86/cpufeatures: Disentangle SSBD enumeration Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 84/95] x86/cpufeatures: Add FEATURE_ZEN Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 85/95] x86/speculation: Handle HT correctly on AMD Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 86/95] x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 87/95] x86/speculation: Add virtualized speculative store bypass disable support Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 88/95] x86/speculation: Rework speculative_store_bypass_update() Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 89/95] x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 90/95] x86/bugs: Expose x86_spec_ctrl_base directly Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 91/95] x86/bugs: Remove x86_spec_ctrl_set() Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 92/95] x86/bugs: Rework spec_ctrl base and mask logic Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 93/95] x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 94/95] KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD Greg Kroah-Hartman
2018-05-21 21:12 ` [PATCH 4.14 95/95] x86/bugs: Rename SSBD_NO to SSB_NO Greg Kroah-Hartman
2018-05-22 2:26 ` [PATCH 4.14 00/95] 4.14.43-stable review kernelci.org bot
2018-05-22 11:03 ` Naresh Kamboju
2018-05-22 13:29 ` Guenter Roeck
2018-05-22 20:44 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180521210458.156477130@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=bp@suse.de \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).