mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-01 22:54:01 +00:00
arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting
The mitigations for Spectre-BHB are only applied when an exception is taken from user-space. The mitigation status is reported via the spectre_v2 sysfs vulnerabilities file. When unprivileged eBPF is enabled the mitigation in the exception vectors can be avoided by an eBPF program. When unprivileged eBPF is enabled, print a warning and report vulnerable via the sysfs vulnerabilities file. Acked-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: James Morse <james.morse@arm.com>
This commit is contained in:
parent
228a26b912
commit
58c9a5060c
1 changed files with 26 additions and 0 deletions
|
@ -18,6 +18,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <linux/arm-smccc.h>
|
#include <linux/arm-smccc.h>
|
||||||
|
#include <linux/bpf.h>
|
||||||
#include <linux/cpu.h>
|
#include <linux/cpu.h>
|
||||||
#include <linux/device.h>
|
#include <linux/device.h>
|
||||||
#include <linux/nospec.h>
|
#include <linux/nospec.h>
|
||||||
|
@ -111,6 +112,15 @@ static const char *get_bhb_affected_string(enum mitigation_state bhb_state)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool _unprivileged_ebpf_enabled(void)
|
||||||
|
{
|
||||||
|
#ifdef CONFIG_BPF_SYSCALL
|
||||||
|
return !sysctl_unprivileged_bpf_disabled;
|
||||||
|
#else
|
||||||
|
return false;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
|
ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
|
||||||
char *buf)
|
char *buf)
|
||||||
{
|
{
|
||||||
|
@ -130,6 +140,9 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
|
||||||
v2_str = "CSV2";
|
v2_str = "CSV2";
|
||||||
fallthrough;
|
fallthrough;
|
||||||
case SPECTRE_MITIGATED:
|
case SPECTRE_MITIGATED:
|
||||||
|
if (bhb_state == SPECTRE_MITIGATED && _unprivileged_ebpf_enabled())
|
||||||
|
return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");
|
||||||
|
|
||||||
return sprintf(buf, "Mitigation: %s%s\n", v2_str, bhb_str);
|
return sprintf(buf, "Mitigation: %s%s\n", v2_str, bhb_str);
|
||||||
case SPECTRE_VULNERABLE:
|
case SPECTRE_VULNERABLE:
|
||||||
fallthrough;
|
fallthrough;
|
||||||
|
@ -1125,3 +1138,16 @@ void __init spectre_bhb_patch_clearbhb(struct alt_instr *alt,
|
||||||
*updptr++ = cpu_to_le32(aarch64_insn_gen_nop());
|
*updptr++ = cpu_to_le32(aarch64_insn_gen_nop());
|
||||||
*updptr++ = cpu_to_le32(aarch64_insn_gen_nop());
|
*updptr++ = cpu_to_le32(aarch64_insn_gen_nop());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef CONFIG_BPF_SYSCALL
|
||||||
|
#define EBPF_WARN "Unprivileged eBPF is enabled, data leaks possible via Spectre v2 BHB attacks!\n"
|
||||||
|
void unpriv_ebpf_notify(int new_state)
|
||||||
|
{
|
||||||
|
if (spectre_v2_state == SPECTRE_VULNERABLE ||
|
||||||
|
spectre_bhb_state != SPECTRE_MITIGATED)
|
||||||
|
return;
|
||||||
|
|
||||||
|
if (!new_state)
|
||||||
|
pr_err("WARNING: %s", EBPF_WARN);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
Loading…
Reference in a new issue