prctl: Add force disable speculation

commit 356e4bfff2c5489e016fdb925adbf12a1e3950ee upstream For certain use cases it is desired to enforce mitigations so they cannot be undone afterwards. That's important for loader stubs which want to prevent a child from disabling the mitigation again. Will also be used for seccomp(). The extra state preserving of the prctl state for SSB is a preparatory step for EBPF dymanic speculation control. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Thomas Gleixner <tglx@linutronix.de> 2018-05-03 22:09:15 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-22 18:54:04 +0200
commit: 20d036a2e223a5c4327bcf432ef995f59f51d1d1 (patch)
tree: 4d79c308f3c9af554bdcef4a8afe4e004b8476a7 /fs/proc
parent: c024722ffecd484fcb35ad61e822c214b6913196 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/proc/array.c b/fs/proc/array.c
index a171e4e88e5e..b3dce4c335cd 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -356,6 +356,9 @@ static inline void task_seccomp(struct seq_file *m, struct task_struct *p)
 	case PR_SPEC_NOT_AFFECTED:
 		seq_printf(m, "not vulnerable");
 		break;
+	case PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE:
+		seq_printf(m, "thread force mitigated");
+		break;
 	case PR_SPEC_PRCTL | PR_SPEC_DISABLE:
 		seq_printf(m, "thread mitigated");
 		break;
author	Thomas Gleixner <tglx@linutronix.de>	2018-05-03 22:09:15 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-05-22 18:54:04 +0200
commit	20d036a2e223a5c4327bcf432ef995f59f51d1d1 (patch)
tree	4d79c308f3c9af554bdcef4a8afe4e004b8476a7 /fs/proc
parent	c024722ffecd484fcb35ad61e822c214b6913196 (diff)