lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed,  9 Jan 2019 17:55:37 -0600
From:   Jeremy Linton <jeremy.linton@....com>
To:     linux-arm-kernel@...ts.infradead.org
Cc:     catalin.marinas@....com, will.deacon@....com, marc.zyngier@....com,
        suzuki.poulose@....com, dave.martin@....com,
        shankerd@...eaurora.org, linux-kernel@...r.kernel.org,
        ykaukab@...e.de, julien.thierry@....com, mlangsdo@...hat.com,
        steven.price@....com, stefan.wahren@...e.com,
        Jeremy Linton <jeremy.linton@....com>
Subject: [PATCH v3 0/7] arm64: add system vulnerability sysfs entries

Arm64 machines should be displaying a human readable
vulnerability status to speculative execution attacks in
/sys/devices/system/cpu/vulnerabilities 

This series enables that behavior by providing the expected
functions. Those functions expose the cpu errata and feature
states, as well as whether firmware is responding appropriately
to display the overall machine status. This means that in a
heterogeneous machine we will only claim the machine is mitigated
or safe if we are confident all booted cores are safe or
mitigated.

v2->v3:
	Remove "Unknown" states, replace with further blacklists
	       and default vulnerable/no affected states.
	Add the ability for an arch port to selectively export
	       sysfs vulnerabilities.

v1->v2:
	Add "Unknown" state to ABI/testing docs.
	Minor tweaks.
	
Jeremy Linton (4):
  sysfs/cpu: Allow individual architectures to select vulnerabilities
  arm64: add sysfs vulnerability show for meltdown
  arm64: add sysfs vulnerability show for spectre v2
  arm64: add sysfs vulnerability show for speculative store bypass

Mian Yousaf Kaukab (3):
  arm64: add sysfs vulnerability show for spectre v1
  arm64: kpti: move check for non-vulnerable CPUs to a function
  arm64: enable generic CPU vulnerabilites support

 arch/arm64/Kconfig             |   1 +
 arch/arm64/kernel/cpu_errata.c | 126 +++++++++++++++++++++++++++++++--
 arch/arm64/kernel/cpufeature.c |  45 +++++++++---
 drivers/base/cpu.c             |  19 +++++
 include/linux/cpu.h            |   7 ++
 5 files changed, 185 insertions(+), 13 deletions(-)

-- 
2.17.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ