From patchwork Wed Feb 27 01:05:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 159245 Delivered-To: patch@linaro.org Received: by 2002:a02:5cc1:0:0:0:0:0 with SMTP id w62csp3851379jad; Tue, 26 Feb 2019 17:05:59 -0800 (PST) X-Google-Smtp-Source: AHgI3IaSsWNk8YT/Ppj+pNfVAqO86TxxFIKNgwKmXzHlPhJSZawuuW5EkMFTQDNCTZfXBmPc4prN X-Received: by 2002:a17:902:74cb:: with SMTP id f11mr29614924plt.180.1551229559854; Tue, 26 Feb 2019 17:05:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551229559; cv=none; d=google.com; s=arc-20160816; b=Xg/Xj6lR5FxVcqN0UE8UM6E+8UQCUmu6/zxREW1HwpfIKXe/W7Y3Rmpgwkg8fNdw/U SKGNf5dO89Dh7k/xBIbW4IxGmLhN3kj9Klv0fbB7x8MFFte7/fP6i9Ff3bPlZx0Vpsqp bDdiSDPEo/UUM42CeiWzBlr4juMziwoz84Zn6+U4iXpyQA6hmcPw4lT4FYEK0pk7TblS PjlG0x9Ln1aN5zoaK92yxrPJt0FX14OH1y+eVpUhLkTM+DjLLCWivwIlBHeYbR7mgi7N Q2VKzifXsPkr/upglGAzEDBLJ9pxqbffk3Vb1FOZMHFFh7y76wygEIfKmvDHhFquLaq4 y23Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=GDPkzOPedJ2QedHhaO55vlvqBwNNsxiTlzZi0eIXmrU=; b=RyIBzsf5D2BF9m/WLba9xCbCC2w3U6P2gtlp0oWvjnGhnYeifKhO2h5azZw10kiGkl 6kK2isNKurAk7r5aTbVfaqyh07D+wjIx8Pbno5OAHY4pTxwbh4v3FomOay8WA+RxDGx2 qOd9qfxZckGctJ0nhH18GoUvoXLnMrLEoP5CVclDNDcILbuSyonIdCkk6QJSUSrfkxlo VOWzNUbdcNtuq9Qa98fZMARa4Pmz8alA5XKAYs+0EShqpvj5ZKeyOStcizXLlW7ygIzA /zADAIKD6Cx/+iYUo42wmF7Migt9t6BPfpbY049xi32VY2a2LH8MjfFlOjjoOgDHte8h sJ+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k69si3376112pgd.135.2019.02.26.17.05.58; Tue, 26 Feb 2019 17:05:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729467AbfB0BF5 (ORCPT + 31 others); Tue, 26 Feb 2019 20:05:57 -0500 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:55570 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728766AbfB0BF5 (ORCPT ); Tue, 26 Feb 2019 20:05:57 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A3C6480D; Tue, 26 Feb 2019 17:05:56 -0800 (PST) Received: from beelzebub.austin.arm.com (beelzebub.austin.arm.com [10.118.12.119]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 100243F5C1; Tue, 26 Feb 2019 17:05:56 -0800 (PST) From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton Subject: [PATCH v5 00/10] arm64: add system vulnerability sysfs entries Date: Tue, 26 Feb 2019 19:05:34 -0600 Message-Id: <20190227010544.597579-1-jeremy.linton@arm.com> X-Mailer: git-send-email 2.17.2 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Arm64 machines should be displaying a human readable vulnerability status to speculative execution attacks in /sys/devices/system/cpu/vulnerabilities This series enables that behavior by providing the expected functions. Those functions expose the cpu errata and feature states, as well as whether firmware is responding appropriately to display the overall machine status. This means that in a heterogeneous machine we will only claim the machine is mitigated or safe if we are confident all booted cores are safe or mitigated. v4->v5: Revert the changes to remove the CONFIG_EXPERT hidden options, but leave the detection paths building without #ifdef wrappers. Also remove the CONFIG_GENERIC_CPU_VULNERABILITIES #ifdefs as we are 'select'ing the option in the Kconfig. This allows us to keep all three variations of the CONFIG/enable/disable paths without a lot of (CONFIG_X || CONFIG_Y) checks. Various bits/pieces moved between the patches in an attempt to keep similar features/changes together. v3->v4: Drop the patch which selectivly exports sysfs entries Remove the CONFIG_EXPERT hidden options which allowed the kernel to be built without the vulnerability detection code. Pick Marc Z's patches which invert the white/black lists for spectrev2 and clean up the firmware detection logic. Document the existing kpti controls Add a nospectre_v2 option to boot time disable the mitigation v2->v3: Remove "Unknown" states, replace with further blacklists and default vulnerable/not affected states. Add the ability for an arch port to selectively export sysfs vulnerabilities. v1->v2: Add "Unknown" state to ABI/testing docs. Minor tweaks. Jeremy Linton (6): arm64: Provide a command line to disable spectre_v2 mitigation arm64: add sysfs vulnerability show for meltdown arm64: Always enable spectrev2 vulnerability detection arm64: add sysfs vulnerability show for spectre v2 arm64: Always enable ssb vulnerability detection arm64: add sysfs vulnerability show for speculative store bypass Marc Zyngier (2): arm64: Advertise mitigation of Spectre-v2, or lack thereof arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 Mian Yousaf Kaukab (2): arm64: add sysfs vulnerability show for spectre v1 arm64: enable generic CPU vulnerabilites support .../admin-guide/kernel-parameters.txt | 8 +- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cpufeature.h | 4 - arch/arm64/kernel/cpu_errata.c | 239 +++++++++++++----- arch/arm64/kernel/cpufeature.c | 47 +++- 5 files changed, 216 insertions(+), 83 deletions(-) -- 2.20.1 Tested-by: Stefan Wahren