From: Gustavo Walbon <gwalbon@linux.ibm.com>
To: benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au
Cc: mikey@neuling.org, jkosina@suse.cz, linux-kernel@vger.kernel.org,
diana.craciun@nxp.com, gustavowalbon@gmail.com,
jpoimboe@redhat.com, leitao@debian.org, tglx@linutronix.de,
linuxppc-dev@lists.ozlabs.org
Subject: [PATCH] powerpc: Set right value of Speculation_Store_Bypass in /proc/<pid>/status
Date: Fri, 16 Aug 2019 11:30:48 -0300 [thread overview]
Message-ID: <20190816143048.11458-1-gwalbon@linux.ibm.com> (raw)
The issue has showed the value of status of Speculation_Store_Bypass in the
/proc/<pid>/status as `unknown` for PowerPC systems.
The patch fix the checking of the mitigation status of Speculation, and
can be reported as "not vulnerable", "globally mitigated" or "vulnerable".
Link: https://github.com/linuxppc/issues/issues/255
Signed-off-by: Gustavo Walbon <gwalbon@linux.ibm.com>
---
arch/powerpc/kernel/security.c | 25 ++++++++++++++++++++++++-
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c
index e1c9cf079503..754ae4238d4e 100644
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -14,7 +14,7 @@
#include <asm/debugfs.h>
#include <asm/security_features.h>
#include <asm/setup.h>
-
+#include <linux/prctl.h>
unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT;
@@ -339,6 +339,29 @@ ssize_t cpu_show_spec_store_bypass(struct device *dev, struct device_attribute *
return sprintf(buf, "Vulnerable\n");
}
+static int ssb_prctl_get(struct task_struct *task)
+{
+ if (stf_barrier) {
+ if (stf_enabled_flush_types == STF_BARRIER_NONE)
+ return PR_SPEC_NOT_AFFECTED;
+ else
+ return PR_SPEC_DISABLE;
+ } else
+ return PR_SPEC_DISABLE_NOEXEC;
+
+ return -EINVAL;
+}
+
+int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which)
+{
+ switch (which) {
+ case PR_SPEC_STORE_BYPASS:
+ return ssb_prctl_get(task);
+ default:
+ return -ENODEV;
+ }
+}
+
#ifdef CONFIG_DEBUG_FS
static int stf_barrier_set(void *data, u64 val)
{
--
2.19.1
reply other threads:[~2019-08-16 14:34 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190816143048.11458-1-gwalbon@linux.ibm.com \
--to=gwalbon@linux.ibm.com \
--cc=benh@kernel.crashing.org \
--cc=diana.craciun@nxp.com \
--cc=gustavowalbon@gmail.com \
--cc=jkosina@suse.cz \
--cc=jpoimboe@redhat.com \
--cc=leitao@debian.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mikey@neuling.org \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).