| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Mar 2018 03:03:34 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org, "David Woodhouse" <dwmw@...zon.co.uk>,
"Linus Torvalds" <torvalds@...uxfoundation.org>,
"Peter Zijlstra" <peterz@...radead.org>,
"Will Deacon" <will.deacon@....com>,
"Borislav Petkov" <bp@...en8.de>,
"Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
"Konrad Rzeszutek Wilk" <konrad.wilk@...cle.com>,
"Dave Hansen" <dave.hansen@...el.com>,
"Thomas Gleixner" <tglx@...utronix.de>
Subject: [PATCH 3.2 046/104] sysfs/cpu: Add vulnerability folder
3.2.101-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Thomas Gleixner <tglx@...utronix.de>
commit 87590ce6e373d1a5401f6539f0c59ef92dd924a9 upstream.
As the meltdown/spectre problem affects several CPU architectures, it makes
sense to have common way to express whether a system is affected by a
particular vulnerability or not. If affected the way to express the
mitigation should be common as well.
Create /sys/devices/system/cpu/vulnerabilities folder and files for
meltdown, spectre_v1 and spectre_v2.
Allow architectures to override the show function.
Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Will Deacon <will.deacon@....com>
Cc: Dave Hansen <dave.hansen@...el.com>
Cc: Linus Torvalds <torvalds@...uxfoundation.org>
Cc: Borislav Petkov <bp@...en8.de>
Cc: David Woodhouse <dwmw@...zon.co.uk>
Link: https://lkml.kernel.org/r/20180107214913.096657732@linutronix.de
[bwh: Backported to 3.2: CPU device class is a sysdev_class, not a normal device
class]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
Documentation/ABI/testing/sysfs-devices-system-cpu | 16 ++++++++
drivers/base/Kconfig | 3 ++
drivers/base/cpu.c | 48 ++++++++++++++++++++++
include/linux/cpu.h | 7 ++++
4 files changed, 74 insertions(+)
--- a/Documentation/ABI/testing/sysfs-devices-system-cpu
+++ b/Documentation/ABI/testing/sysfs-devices-system-cpu
@@ -201,3 +201,19 @@ Description: Disable L3 cache indices
All AMD processors with L3 caches provide this functionality.
For details, see BKDGs at
http://developer.amd.com/documentation/guides/Pages/default.aspx
+
+What: /sys/devices/system/cpu/vulnerabilities
+ /sys/devices/system/cpu/vulnerabilities/meltdown
+ /sys/devices/system/cpu/vulnerabilities/spectre_v1
+ /sys/devices/system/cpu/vulnerabilities/spectre_v2
+Date: Januar 2018
+Contact: Linux kernel mailing list <linux-kernel@...r.kernel.org>
+Description: Information about CPU vulnerabilities
+
+ The files are named after the code names of CPU
+ vulnerabilities. The output of those files reflects the
+ state of the CPUs in the system. Possible output values:
+
+ "Not affected" CPU is not affected by the vulnerability
+ "Vulnerable" CPU is affected and no mitigation in effect
+ "Mitigation: $M" CPU is affetcted and mitigation $M is in effect
--- a/drivers/base/Kconfig
+++ b/drivers/base/Kconfig
@@ -172,6 +172,9 @@ config SYS_HYPERVISOR
bool
default n
+config GENERIC_CPU_VULNERABILITIES
+ bool
+
source "drivers/base/regmap/Kconfig"
endmenu
--- a/drivers/base/cpu.c
+++ b/drivers/base/cpu.c
@@ -247,6 +247,53 @@ struct sys_device *get_cpu_sysdev(unsign
}
EXPORT_SYMBOL_GPL(get_cpu_sysdev);
+#ifdef CONFIG_GENERIC_CPU_VULNERABILITIES
+
+ssize_t __weak cpu_show_meltdown(struct sysdev_class *class,
+ struct sysdev_class_attribute *attr, char *buf)
+{
+ return sprintf(buf, "Not affected\n");
+}
+
+ssize_t __weak cpu_show_spectre_v1(struct sysdev_class *class,
+ struct sysdev_class_attribute *attr, char *buf)
+{
+ return sprintf(buf, "Not affected\n");
+}
+
+ssize_t __weak cpu_show_spectre_v2(struct sysdev_class *class,
+ struct sysdev_class_attribute *attr, char *buf)
+{
+ return sprintf(buf, "Not affected\n");
+}
+
+static SYSDEV_CLASS_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
+static SYSDEV_CLASS_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
+static SYSDEV_CLASS_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
+
+static struct attribute *cpu_root_vulnerabilities_attrs[] = {
+ &attr_meltdown.attr,
+ &attr_spectre_v1.attr,
+ &attr_spectre_v2.attr,
+ NULL
+};
+
+static const struct attribute_group cpu_root_vulnerabilities_group = {
+ .name = "vulnerabilities",
+ .attrs = cpu_root_vulnerabilities_attrs,
+};
+
+static void __init cpu_register_vulnerabilities(void)
+{
+ if (sysfs_create_group(&cpu_sysdev_class.kset.kobj,
+ &cpu_root_vulnerabilities_group))
+ pr_err("Unable to register CPU vulnerabilities\n");
+}
+
+#else
+static inline void cpu_register_vulnerabilities(void) { }
+#endif
+
int __init cpu_dev_init(void)
{
int err;
@@ -256,6 +303,8 @@ int __init cpu_dev_init(void)
if (!err)
err = sched_create_sysfs_power_savings_entries(&cpu_sysdev_class);
#endif
+ if (!err)
+ cpu_register_vulnerabilities();
return err;
}
--- a/include/linux/cpu.h
+++ b/include/linux/cpu.h
@@ -36,6 +36,13 @@ extern void cpu_remove_sysdev_attr_group
extern int sched_create_sysfs_power_savings_entries(struct sysdev_class *cls);
+ssize_t cpu_show_meltdown(struct sysdev_class *class,
+ struct sysdev_class_attribute *attr, char *buf);
+ssize_t cpu_show_spectre_v1(struct sysdev_class *class,
+ struct sysdev_class_attribute *attr, char *buf);
+ssize_t cpu_show_spectre_v2(struct sysdev_class *class,
+ struct sysdev_class_attribute *attr, char *buf);
+
#ifdef CONFIG_HOTPLUG_CPU
extern void unregister_cpu(struct cpu *cpu);
extern ssize_t arch_cpu_probe(const char *, size_t);
Powered by blists - more mailing lists