From patchwork Wed Jan 9 23:55:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Linton X-Patchwork-Id: 10754989 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6853E13B5 for ; Wed, 9 Jan 2019 23:56:00 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 504C928C6F for ; Wed, 9 Jan 2019 23:56:00 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 43AF329289; Wed, 9 Jan 2019 23:56:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 2EDE328C6F for ; Wed, 9 Jan 2019 23:55:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=QQ8jZwbPdQlxJF64zS3EsrdQJYHdXTyQCfv2z9E9Gz4=; b=Nxq calIMqeAH1pimspKFpEaRFHDinUA1WGSzqejQFabR9zOMFgBOFZuE8qtmK78Broh/qNdemGpn/9V8 HR7Ru/59lAO9cOhGZHDHsxvwqV9+9Pt0MhxS0DMHoZUCjjWC0/p75ChUKuroKmwwKV9QcMHM5wBWQ pDKhZ6bsh8MDBxVerDp7DIUou4ljhCGoeWBYR94eR0uDwEMw/Md48fCWWiv0cgN0bGOX3iGy5fLCc 6yFES+vSBuufprechJtd5avXQ+NPmDNW0C5zcfhHmuLuNNgJ7SFHw3NrckMo/Vfv0rYrJF2/J5yXY 671wy08DG5nCVsEicrM546JLIUGqllA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1ghNhS-0005yD-BP; Wed, 09 Jan 2019 23:55:54 +0000 Received: from foss.arm.com ([217.140.101.70]) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1ghNhP-0005xE-2t for linux-arm-kernel@lists.infradead.org; Wed, 09 Jan 2019 23:55:52 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 27E7CA78; Wed, 9 Jan 2019 15:55:48 -0800 (PST) Received: from beelzebub.austin.arm.com (beelzebub.austin.arm.com [10.118.12.119]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 7F47F3F5AF; Wed, 9 Jan 2019 15:55:47 -0800 (PST) From: Jeremy Linton To: linux-arm-kernel@lists.infradead.org Subject: [PATCH v3 0/7] arm64: add system vulnerability sysfs entries Date: Wed, 9 Jan 2019 17:55:37 -0600 Message-Id: <20190109235544.2992426-1-jeremy.linton@arm.com> X-Mailer: git-send-email 2.17.2 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190109_155551_132455_BA3012B8 X-CRM114-Status: UNSURE ( 6.36 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: stefan.wahren@i2se.com, mlangsdo@redhat.com, suzuki.poulose@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, julien.thierry@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton , steven.price@arm.com, ykaukab@suse.de, dave.martin@arm.com, shankerd@codeaurora.org MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Arm64 machines should be displaying a human readable vulnerability status to speculative execution attacks in /sys/devices/system/cpu/vulnerabilities This series enables that behavior by providing the expected functions. Those functions expose the cpu errata and feature states, as well as whether firmware is responding appropriately to display the overall machine status. This means that in a heterogeneous machine we will only claim the machine is mitigated or safe if we are confident all booted cores are safe or mitigated. v2->v3: Remove "Unknown" states, replace with further blacklists and default vulnerable/no affected states. Add the ability for an arch port to selectively export sysfs vulnerabilities. v1->v2: Add "Unknown" state to ABI/testing docs. Minor tweaks. Jeremy Linton (4): sysfs/cpu: Allow individual architectures to select vulnerabilities arm64: add sysfs vulnerability show for meltdown arm64: add sysfs vulnerability show for spectre v2 arm64: add sysfs vulnerability show for speculative store bypass Mian Yousaf Kaukab (3): arm64: add sysfs vulnerability show for spectre v1 arm64: kpti: move check for non-vulnerable CPUs to a function arm64: enable generic CPU vulnerabilites support arch/arm64/Kconfig | 1 + arch/arm64/kernel/cpu_errata.c | 126 +++++++++++++++++++++++++++++++-- arch/arm64/kernel/cpufeature.c | 45 +++++++++--- drivers/base/cpu.c | 19 +++++ include/linux/cpu.h | 7 ++ 5 files changed, 185 insertions(+), 13 deletions(-)