From patchwork Mon Apr 15 21:21:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 162270 Delivered-To: patch@linaro.org Received: by 2002:a02:c6d8:0:0:0:0:0 with SMTP id r24csp3418040jan; Mon, 15 Apr 2019 14:21:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqyBUqbj7ZG9ZtOn0fUUbk2hswsYSB2ml9mAwQrDb+uGhw5oPUSisw0WZtTzfXqv+opnB72e X-Received: by 2002:a62:e50a:: with SMTP id n10mr78097280pff.55.1555363298031; Mon, 15 Apr 2019 14:21:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555363298; cv=none; d=google.com; s=arc-20160816; b=fBRqhAZuMAs/3ex3wUjYU47XudloHFi7uw+x2aWCidktwCYVoxZWXJDz9+l5kQWWy+ +2IAL9Eq3N+9tmIJ/QltlzosVQ0qkUGYnDyNhl8yKkIjOfol+aUGMk/H4gxPJ2AO48wy Ocb+zb3BlOSQcZ/uDyt7Qc8RdzezhveUWaWlAqwZVJi/E3ri4PTF4SX8tXn1l/mr3tcp nnORWRrWfg9BruqYeebEQa8RGCjY2eOR2tKAQTUTNKIB5detAxOV2EFXdAIr1QwVJq4p rKAAqPMMGwztx3knBPpJE6Ni+jODTSspVtQyvYy7JTUwQ26NpynyrxEVsgDQUDaJDfAH DbWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=p5Hi0rM+ijolwjqUW5ddtpEocOc2EeFRs3fjhGGEiF4=; b=haPq0aeVTqFFF8JipnZhCDCliLCACPxFmxZsesWZ6h1ECgci7myoe0/L7+5CdnUyHF FNHArIwZkzzHezMHThLpl4noeFLtaemBf1KWTodedccrPOijRwFB/z7F7hFlr9SnBCpE 3PEp5jGys8V2be6eUoSc/3OqBCmVNXSlV0mf+J/7vTO16CkOGRSIyXaacYVjR6Tf5DXf N8zmRioJYLjp0hSAFTV9TL2RZKbN2zUftE16JliwWPr7BJ5NWBO//oNf1qdT8PALsOdP VQEGXOqo9KmmWsikpL4GJ0ffMRJald4SKNtPxDCLtAEsfNHY2WLmX7rQ4dV/Mmai8zCv Ajrw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v5si44997477pgb.83.2019.04.15.14.21.37; Mon, 15 Apr 2019 14:21:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727982AbfDOVVg (ORCPT + 30 others); Mon, 15 Apr 2019 17:21:36 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:42860 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726041AbfDOVVg (ORCPT ); Mon, 15 Apr 2019 17:21:36 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C348E374; Mon, 15 Apr 2019 14:21:35 -0700 (PDT) Received: from mammon-tx2.austin.arm.com (mammon-tx2.austin.arm.com [10.118.29.246]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 2F1723F68F; Mon, 15 Apr 2019 14:21:35 -0700 (PDT) From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2se.com, Andre.Przywara@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton Subject: [v8 00/10] arm64: add system vulnerability sysfs entries Date: Mon, 15 Apr 2019 16:21:19 -0500 Message-Id: <20190415212129.1112-1-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Arm64 machines should be displaying a human readable vulnerability status to speculative execution attacks in /sys/devices/system/cpu/vulnerabilities This series enables that behavior by providing the expected functions. Those functions expose the cpu errata and feature states, as well as whether firmware is responding appropriately to display the overall machine status. This means that in a heterogeneous machine we will only claim the machine is mitigated or safe if we are confident all booted cores are safe or mitigated. v7->v8: Fix latent build break when KVM_INDIRECT_VECTORS is not set. Revert v7 ssbd tristate back to default safe bool. Since __ssb_safe should be reliable now, make overall print more dependent on it. Tweak ssbd message to indicate prctl support. v6->v7: Invert ssb white/black list logic so that we only mark cores in the whitelist not affected when the firmware fails to respond. Removed reviewed/tested tags for just patch 9 because of this. v5->v6: Invert meltdown logic to display that a core is safe rather than mitigated if the mitigation has been enabled on machines that are safe. This can happen when the mitigation was forced on via command line or KASLR. This means that in order to detect if kpti is enabled other methods must be used (look at dmesg) when the machine isn't itself susceptible to meltdown. Trivial whitespace tweaks. Jeremy Linton (6): arm64: Provide a command line to disable spectre_v2 mitigation arm64: add sysfs vulnerability show for meltdown arm64: Always enable spectrev2 vulnerability detection arm64: add sysfs vulnerability show for spectre v2 arm64: Always enable ssb vulnerability detection arm64: add sysfs vulnerability show for speculative store bypass Marc Zyngier (2): arm64: Advertise mitigation of Spectre-v2, or lack thereof arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 Mian Yousaf Kaukab (2): arm64: add sysfs vulnerability show for spectre v1 arm64: enable generic CPU vulnerabilites support .../admin-guide/kernel-parameters.txt | 8 +- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cpufeature.h | 4 - arch/arm64/kernel/cpu_errata.c | 249 +++++++++++++----- arch/arm64/kernel/cpufeature.c | 58 +++- 5 files changed, 232 insertions(+), 88 deletions(-) -- 2.20.1