| Message ID | 20200728155039.401445-1-cascardo@canonical.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | selftests/powerpc: return skip code for spectre_v2 | expand |
On Tue, 28 Jul 2020 12:50:39 -0300, Thadeu Lima de Souza Cascardo wrote: > When running under older versions of qemu of under newer versions with old > machine types, some security features will not be reported to the guest. > This will lead the guest OS to consider itself Vulnerable to spectre_v2. > > So, spectre_v2 test fails in such cases when the host is mitigated and miss > predictions cannot be detected as expected by the test. > > [...] Applied to powerpc/next. [1/1] selftests/powerpc: Return skip code for spectre_v2 https://git.kernel.org/powerpc/c/f3054ffd71b5afd44832b2207e6e90267e1cd2d1 cheers
diff --git a/tools/testing/selftests/powerpc/security/spectre_v2.c b/tools/testing/selftests/powerpc/security/spectre_v2.c index 8c6b982af2a8..d5445bfd63ed 100644 --- a/tools/testing/selftests/powerpc/security/spectre_v2.c +++ b/tools/testing/selftests/powerpc/security/spectre_v2.c @@ -183,6 +183,14 @@ int spectre_v2_test(void) if (miss_percent > 15) { printf("Branch misses > 15%% unexpected in this configuration!\n"); printf("Possible mis-match between reported & actual mitigation\n"); + /* Such a mismatch may be caused by a guest system + * reporting as vulnerable when the host is mitigated. + * Return skip code to avoid detecting this as an + * error. We are not vulnerable and reporting otherwise, + * so missing such a mismatch is safe. + */ + if (state == VULNERABLE) + return 4; return 1; } break;
When running under older versions of qemu of under newer versions with old machine types, some security features will not be reported to the guest. This will lead the guest OS to consider itself Vulnerable to spectre_v2. So, spectre_v2 test fails in such cases when the host is mitigated and miss predictions cannot be detected as expected by the test. Make it return the skip code instead, for this particular case. We don't want to miss the case when the test fails and the system reports as mitigated or not affected. But it is not a problem to miss failures when the system reports as Vulnerable. Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> --- tools/testing/selftests/powerpc/security/spectre_v2.c | 8 ++++++++ 1 file changed, 8 insertions(+)