diff options
author | Otavio Salvador <otavio@ossystems.com.br> | 2022-05-19 11:02:10 -0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-19 11:02:10 -0300 |
commit | b7007e1d615b8d4b71c28ebf790c5164fc4491d5 (patch) | |
tree | 48c35f63dc1101d0d528b5d79c81849b99ca7c6d /arch/arm/kernel/spectre.c | |
parent | 38955ef654554c94f4d91bafb9ef5c5f41a4c0f6 (diff) | |
parent | 0e61b511dd8474280ba674590daa55f30433b7d4 (diff) |
Merge pull request #565 from philschenker/update-to-5.4.193__update-to-2.3.7__5.4-2.3.x-imx
Update Patchlevel on Branch 5.4-2.3.x-imx from 5.4.161->5.4.193
Diffstat (limited to 'arch/arm/kernel/spectre.c')
-rw-r--r-- | arch/arm/kernel/spectre.c | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/arch/arm/kernel/spectre.c b/arch/arm/kernel/spectre.c new file mode 100644 index 000000000000..0dcefc36fb7a --- /dev/null +++ b/arch/arm/kernel/spectre.c @@ -0,0 +1,71 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include <linux/bpf.h> +#include <linux/cpu.h> +#include <linux/device.h> + +#include <asm/spectre.h> + +static bool _unprivileged_ebpf_enabled(void) +{ +#ifdef CONFIG_BPF_SYSCALL + return !sysctl_unprivileged_bpf_disabled; +#else + return false; +#endif +} + +ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, + char *buf) +{ + return sprintf(buf, "Mitigation: __user pointer sanitization\n"); +} + +static unsigned int spectre_v2_state; +static unsigned int spectre_v2_methods; + +void spectre_v2_update_state(unsigned int state, unsigned int method) +{ + if (state > spectre_v2_state) + spectre_v2_state = state; + spectre_v2_methods |= method; +} + +ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, + char *buf) +{ + const char *method; + + if (spectre_v2_state == SPECTRE_UNAFFECTED) + return sprintf(buf, "%s\n", "Not affected"); + + if (spectre_v2_state != SPECTRE_MITIGATED) + return sprintf(buf, "%s\n", "Vulnerable"); + + if (_unprivileged_ebpf_enabled()) + return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n"); + + switch (spectre_v2_methods) { + case SPECTRE_V2_METHOD_BPIALL: + method = "Branch predictor hardening"; + break; + + case SPECTRE_V2_METHOD_ICIALLU: + method = "I-cache invalidation"; + break; + + case SPECTRE_V2_METHOD_SMC: + case SPECTRE_V2_METHOD_HVC: + method = "Firmware call"; + break; + + case SPECTRE_V2_METHOD_LOOP8: + method = "History overwrite"; + break; + + default: + method = "Multiple mitigations"; + break; + } + + return sprintf(buf, "Mitigation: %s\n", method); +} |