From: Borislav Petkov
Date: Wed, 18 Apr 2018 17:14:33 +0200
Subject: [MODERATED] Re: [patch 1/8] [PATCH v1.3.1 1/7] Linux Patch 1
To: speck@linutronix.de
Message-ID: <20180418151433.GB4290@pd.tnic>
References: <20180418141547.90010610F0@crypto-ml.lab.linutronix.de>
In-Reply-To: <20180418141547.90010610F0@crypto-ml.lab.linutronix.de>

Lemme paste my comments from last time, now that the whole encrypted
mail thing and glue around it works. :)

On Thu, Apr 12, 2018 at 10:26:50PM -0400, speck for konrad.wilk_at_oracle.com wrote:
> x86/mdd: Expose the /sys/../md and BUG_MD
>
> It does not do much except show the words 'Vulnerable'.
>
> It assumes that Cyrix, Old Intel CPUs are immune to this.
>
> Signed-off-by: Konrad Rzeszutek Wilk
> ---
> v3: Remove AMD
>     s/md/mdd/
> ---
>  arch/x86/include/asm/cpufeatures.h |  1 +
>  arch/x86/kernel/cpu/bugs.c         |  8 ++++++++
>  arch/x86/kernel/cpu/common.c       | 17 +++++++++++++++++
>  drivers/base/cpu.c                 |  8 ++++++++
>  include/linux/cpu.h                |  2 ++
>  5 files changed, 36 insertions(+)
>
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpuf= eatures.h > index d554c11e01ff..4393c10fcc6f 100644 > --- a/arch/x86/include/asm/cpufeatures.h > +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -362,5 +362,6 @@ > #define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown a= ttack and needs kernel page table isolation */ > #define X86_BUG_SPECTRE_V1 X86_BUG(15) /* CPU is affected by Spectre vari= ant 1 attack with conditional branches */ > #define X86_BUG_SPECTRE_V2 X86_BUG(16) /* CPU is affected by Spectre vari= ant 2 attack with indirect branches */ > +#define X86_BUG_CPU_MD X86_BUG(17) /* CPU is affected by memory disambig= uation. */ > =20 > #endif /* _ASM_X86_CPUFEATURES_H */ > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index bfca937bdcc3..79dfc80c4b9c 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -340,4 +340,12 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct= device_attribute *attr, c > boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "", > spectre_v2_module_string()); > } > + > +ssize_t cpu_show_md(struct device *dev, struct device_attribute *attr, cha= r *buf) > +{ > + if (!boot_cpu_has_bug(X86_BUG_CPU_MD)) > + return sprintf(buf, "Not affected\n"); > + > + return sprintf(buf, "Vulnerable\n"); > +}

I guess those can be unified into a single function at some point -
otherwise we'll have one set per CPU bug and that could become unwieldy
at some point.

> #endif > diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c > index 348cf4821240..4cd1c95e21b2 100644 > --- a/arch/x86/kernel/cpu/common.c > +++ b/arch/x86/kernel/cpu/common.c
> @@ -935,6 +935,21 @@ static bool __init cpu_vulnerable_to_meltdown(struct c= puinfo_x86 *c) > return true; > } > =20 > +static const __initconst struct x86_cpu_id cpu_no_md[] =3D { > + { X86_VENDOR_CENTAUR, 5 }, > + { X86_VENDOR_INTEL, 5 }, > + { X86_VENDOR_NSC, 5 }, > + { X86_VENDOR_ANY, 4 }, > + {} > +}; > + > +static bool __init cpu_vulnerable_to_md(struct cpuinfo_x86 *c) > +{ > + if (x86_match_cpu(cpu_no_md)) > + return false; > + > + return true; > +}

This too could be merged with cpu_vulnerable_to_meltdown() and made into
a common cpu_set_bug_bits() or so which goes through all those
x86_x86_id matching structures.

--
Regards/Gruss,
    Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
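
Review bot: the name added in the cpufeatures.h hunk, X86_BUG_CPU_MD, does not follow the v3 changelog, which says s/md/mdd/ and whose subject line uses x86/mdd; the same md spelling carries through cpu_show_md() and cpu_no_md[] in the later hunks. Pick one name and use it for the define, the helpers and the sysfs file. The comment on the define says "CPU is affected by memory disambiguation", which names a CPU mechanism rather than the problem, where the three neighbouring entries each name an attack; wording it the same way (and dropping the trailing period the neighbours do not have) would keep the block consistent.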
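
Review bot: the sysfs file served by cpu_show_md() in the bugs.c hunk has no documentation: the diffstat lists five files and none of them is under Documentation/. A new attribute of this kind needs an entry alongside the existing vulnerabilities files in Documentation/ABI/testing/sysfs-devices-system-cpu, stating the strings it can return. As posted those are only "Not affected" and "Vulnerable", so the entry should say that no mitigation state is reported yet.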
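
Review bot: the cpu_no_md[] table in the common.c hunk does not match the commit message, which says Cyrix and old Intel CPUs are assumed immune: the table lists X86_VENDOR_CENTAUR, X86_VENDOR_INTEL and X86_VENDOR_NSC at family 5 plus X86_VENDOR_ANY at family 4, and has no X86_VENDOR_CYRIX entry. Either add the entry or correct the message, and put a comment above the table saying why each vendor/family pair is exempt, because a wrong entry here makes cpu_vulnerable_to_md() return false for an affected part. The function body can also be reduced to a single "return !x86_match_cpu(cpu_no_md);".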