From patchwork Mon Apr 15 21:21:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 10901549 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7103D1390 for ; Mon, 15 Apr 2019 21:21:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4C9EA288D2 for ; Mon, 15 Apr 2019 21:21:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3F1BA288D9; Mon, 15 Apr 2019 21:21:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BBDC7288D2 for ; Mon, 15 Apr 2019 21:21:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=WARjPZyineN5ge42UCOI7X9OYGyfZa1ZDxKRTgRqa7I=; b=RzbjKk74E0Clxw PPPV6ni4esTP0skqAFgzAQGpZ/8fICRLJoOmBAhRkhOeLfFKQxFa5xvRL+NZbZcYrUeUjteGVczaV 9UWrTMx/eMOL9y+5X35b7P0ETZgAMWoQnmr0Dw8xRW4QwPltyDWWenmDENiYC7xfD1F6trRj6Guth CfDLcbb4KFflJBWpFZIpC+rxAipS0cmVMFeo5vo80qLu6c/0OyjUALZFsWsKuR3TrBWJ6qotvtF3R cSkKAIwE/6PGOFdGESNcVzrN24lZaYoAXjaFig1HXQMX9gpbAVVMLhG8r9TSRCf4kBAEE/S6Jo+De JE5Ooj8q2/a9YZkMU9Tw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1hG92s-0000PM-BV; Mon, 15 Apr 2019 21:21:42 +0000 Received: from foss.arm.com ([217.140.101.70]) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1hG92p-0000Ne-TG for linux-arm-kernel@lists.infradead.org; Mon, 15 Apr 2019 21:21:41 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C348E374; Mon, 15 Apr 2019 14:21:35 -0700 (PDT) Received: from mammon-tx2.austin.arm.com (mammon-tx2.austin.arm.com [10.118.29.246]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 2F1723F68F; Mon, 15 Apr 2019 14:21:35 -0700 (PDT) From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Subject: [v8 00/10] arm64: add system vulnerability sysfs entries Date: Mon, 15 Apr 2019 16:21:19 -0500 Message-Id: <20190415212129.1112-1-jeremy.linton@arm.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190415_142139_952709_D36E4768 X-CRM114-Status: GOOD ( 11.15 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: stefan.wahren@i2se.com, mlangsdo@redhat.com, suzuki.poulose@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, julien.thierry@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , Andre.Przywara@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Arm64 machines should be displaying a human readable vulnerability status to speculative execution attacks in /sys/devices/system/cpu/vulnerabilities This series enables that behavior by providing the expected functions. Those functions expose the cpu errata and feature states, as well as whether firmware is responding appropriately to display the overall machine status. This means that in a heterogeneous machine we will only claim the machine is mitigated or safe if we are confident all booted cores are safe or mitigated. v7->v8: Fix latent build break when KVM_INDIRECT_VECTORS is not set. Revert v7 ssbd tristate back to default safe bool. Since __ssb_safe should be reliable now, make overall print more dependent on it. Tweak ssbd message to indicate prctl support. v6->v7: Invert ssb white/black list logic so that we only mark cores in the whitelist not affected when the firmware fails to respond. Removed reviewed/tested tags for just patch 9 because of this. v5->v6: Invert meltdown logic to display that a core is safe rather than mitigated if the mitigation has been enabled on machines that are safe. This can happen when the mitigation was forced on via command line or KASLR. This means that in order to detect if kpti is enabled other methods must be used (look at dmesg) when the machine isn't itself susceptible to meltdown. Trivial whitespace tweaks. Jeremy Linton (6): arm64: Provide a command line to disable spectre_v2 mitigation arm64: add sysfs vulnerability show for meltdown arm64: Always enable spectrev2 vulnerability detection arm64: add sysfs vulnerability show for spectre v2 arm64: Always enable ssb vulnerability detection arm64: add sysfs vulnerability show for speculative store bypass Marc Zyngier (2): arm64: Advertise mitigation of Spectre-v2, or lack thereof arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 Mian Yousaf Kaukab (2): arm64: add sysfs vulnerability show for spectre v1 arm64: enable generic CPU vulnerabilites support .../admin-guide/kernel-parameters.txt | 8 +- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cpufeature.h | 4 - arch/arm64/kernel/cpu_errata.c | 249 +++++++++++++----- arch/arm64/kernel/cpufeature.c | 58 +++- 5 files changed, 232 insertions(+), 88 deletions(-)