Message ID | 20190816143048.11458-1-gwalbon@linux.ibm.com (mailing list archive) |
---|---|
State | Superseded |
Headers | show |
Series | powerpc: Set right value of Speculation_Store_Bypass in /proc/<pid>/status | expand |
Context | Check | Description |
---|---|---|
snowpatch_ozlabs/apply_patch | success | Successfully applied on branch next (c9633332103e55bc73d80d07ead28b95a22a85a3) |
snowpatch_ozlabs/build-ppc64le | warning | Build succeeded but added 1 new sparse warnings |
snowpatch_ozlabs/build-ppc64be | warning | Build succeeded but added 1 new sparse warnings |
snowpatch_ozlabs/build-ppc64e | success | Build succeeded |
snowpatch_ozlabs/build-pmac32 | success | Build succeeded |
snowpatch_ozlabs/checkpatch | warning | total: 0 errors, 0 warnings, 2 checks, 37 lines checked |
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index e1c9cf079503..754ae4238d4e 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -14,7 +14,7 @@ #include <asm/debugfs.h> #include <asm/security_features.h> #include <asm/setup.h> - +#include <linux/prctl.h> unsigned long powerpc_security_features __read_mostly = SEC_FTR_DEFAULT; @@ -339,6 +339,29 @@ ssize_t cpu_show_spec_store_bypass(struct device *dev, struct device_attribute * return sprintf(buf, "Vulnerable\n"); } +static int ssb_prctl_get(struct task_struct *task) +{ + if (stf_barrier) { + if (stf_enabled_flush_types == STF_BARRIER_NONE) + return PR_SPEC_NOT_AFFECTED; + else + return PR_SPEC_DISABLE; + } else + return PR_SPEC_DISABLE_NOEXEC; + + return -EINVAL; +} + +int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which) +{ + switch (which) { + case PR_SPEC_STORE_BYPASS: + return ssb_prctl_get(task); + default: + return -ENODEV; + } +} + #ifdef CONFIG_DEBUG_FS static int stf_barrier_set(void *data, u64 val) {
The issue has showed the value of status of Speculation_Store_Bypass in the /proc/<pid>/status as `unknown` for PowerPC systems. The patch fix the checking of the mitigation status of Speculation, and can be reported as "not vulnerable", "globally mitigated" or "vulnerable". Link: https://github.com/linuxppc/issues/issues/255 Signed-off-by: Gustavo Walbon <gwalbon@linux.ibm.com> --- arch/powerpc/kernel/security.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-)