lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed,  2 Jan 2019 18:49:14 -0600
From:   Jeremy Linton <jeremy.linton@....com>
To:     linux-arm-kernel@...ts.infradead.org
Cc:     catalin.marinas@....com, will.deacon@....com, marc.zyngier@....com,
        suzuki.poulose@....com, dave.martin@....com,
        shankerd@...eaurora.org, mark.rutland@....com,
        linux-kernel@...r.kernel.org, ykaukab@...e.de,
        julien.thierry@....com, mlangsdo@...hat.com, steven.price@....com,
        Jeremy Linton <jeremy.linton@....com>
Subject: [PATCH v2 0/7] add system vulnerability sysfs entries

This series was originally by Mian Yousaf Kaukab.

Arm64 machines should be displaying a human readable
vulnerability status to speculative execution attacks in
/sys/devices/system/cpu/vulnerabilities 

This series enables that behavior by providing the expected
functions. Those functions expose the cpu errata and feature
states, as well as whether firmware is responding appropriately
to display the overall machine status. This means that in a
heterogeneous machine we will only claim the machine is mitigated
or safe if we are confident all booted cores are safe or
mitigated. Otherwise, we will display unknown or unsafe
depending on how much of the machine configuration can
be assured.

v1->v2:
	Add "Unknown" state to ABI/testing docs.
	Minor tweaks.
	
Jeremy Linton (3):
  sysfs/cpu: Add "Unknown" vulnerability state
  arm64: add sysfs vulnerability show for meltdown
  arm64: add sysfs vulnerability show for spectre v2

Mian Yousaf Kaukab (4):
  arm64: kpti: move check for non-vulnerable CPUs to a function
  arm64: add sysfs vulnerability show for spectre v1
  arm64: add sysfs vulnerability show for speculative store bypass
  arm64: enable generic CPU vulnerabilites support

 .../ABI/testing/sysfs-devices-system-cpu      |   1 +
 arch/arm64/Kconfig                            |   1 +
 arch/arm64/kernel/cpu_errata.c                | 107 +++++++++++++++++-
 arch/arm64/kernel/cpufeature.c                |  42 +++++--
 4 files changed, 138 insertions(+), 13 deletions(-)

-- 
2.17.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ