linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-15 23:25:07 +00:00

History

Gustavo L. F. Walbon 4e706af3cd powerpc/security: Fix wrong message when RFI Flush is disable The issue was showing "Mitigation" message via sysfs whatever the state of "RFI Flush", but it should show "Vulnerable" when it is disabled. If you have "L1D private" feature enabled and not "RFI Flush" you are vulnerable to meltdown attacks. "RFI Flush" is the key feature to mitigate the meltdown whatever the "L1D private" state. SEC_FTR_L1D_THREAD_PRIV is a feature for Power9 only. So the message should be as the truth table shows: CPU \| L1D private \| RFI Flush \| sysfs ----\|-------------\|-----------\|------------------------------------- P9 \| False \| False \| Vulnerable P9 \| False \| True \| Mitigation: RFI Flush P9 \| True \| False \| Vulnerable: L1D private per thread P9 \| True \| True \| Mitigation: RFI Flush, L1D private per thread P8 \| False \| False \| Vulnerable P8 \| False \| True \| Mitigation: RFI Flush Output before this fix: # cat /sys/devices/system/cpu/vulnerabilities/meltdown Mitigation: RFI Flush, L1D private per thread # echo 0 > /sys/kernel/debug/powerpc/rfi_flush # cat /sys/devices/system/cpu/vulnerabilities/meltdown Mitigation: L1D private per thread Output after fix: # cat /sys/devices/system/cpu/vulnerabilities/meltdown Mitigation: RFI Flush, L1D private per thread # echo 0 > /sys/kernel/debug/powerpc/rfi_flush # cat /sys/devices/system/cpu/vulnerabilities/meltdown Vulnerable: L1D private per thread Signed-off-by: Gustavo L. F. Walbon <gwalbon@linux.ibm.com> Signed-off-by: Mauro S. M. Rodrigues <maurosr@linux.vnet.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20190502210907.42375-1-gwalbon@linux.ibm.com		2019-11-13 16:58:02 +11:00
..
boot	kbuild: remove ar-option and KBUILD_ARFLAGS	2019-10-01 09:20:33 +09:00
configs	powerpc/configs: Rename foo_basic_defconfig to foo_base.config	2019-10-28 21:54:16 +11:00
crypto	powerpc/crypto: Add cond_resched() in crc-vpmsum self-test	2019-11-13 16:58:02 +11:00
include	Merge branch 'topic/secureboot' into next	2019-11-13 16:55:50 +11:00
kernel	powerpc/security: Fix wrong message when RFI Flush is disable	2019-11-13 16:58:02 +11:00
kvm	powerpc/kvm: Fix kvmppc_vcore->in_guest value in kvmhv_switch_to_host	2019-10-09 17:16:59 +11:00
lib	powerpc/memcpy: Fix stack corruption for smaller sizes	2019-09-12 09:27:00 +10:00
math-emu
mm	powerpc: Don't flush caches when adding memory	2019-11-07 23:35:41 +11:00
net
oprofile
perf	powerpc/perf: fix imc allocation failure handling	2019-08-20 21:22:20 +10:00
platforms	powerpc/pseries/cmm: Simulation mode	2019-11-13 16:58:02 +11:00
purgatory
sysdev	KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag	2019-09-24 12:46:26 +10:00
tools	powerpc/tools: Don't quote $objdump in scripts	2019-10-30 22:55:12 +11:00
xmon	powerpc/xmon: Restrict when kernel is locked down	2019-10-28 21:54:15 +11:00
Kbuild
Kconfig	Merge branch 'topic/secureboot' into next	2019-11-13 16:55:50 +11:00
Kconfig.debug
Makefile	powerpc/configs: Rename foo_basic_defconfig to foo_base.config	2019-10-28 21:54:16 +11:00
Makefile.postlink	kbuild: add $(BASH) to run scripts with bash-extension	2019-09-04 22:54:13 +09:00