diff options
| author | Michael Ellerman <mpe@ellerman.id.au> | 2018-03-27 23:01:52 +1100 |
|---|---|---|
| committer | Michael Ellerman <mpe@ellerman.id.au> | 2018-03-27 23:44:54 +1100 |
| commit | 56986016cb8cd9050e601831fe89f332b4e3c46e (patch) | |
| tree | d4009bb632424b4fa754f32ae95cce96bd88a07a /arch | |
| parent | 2e4a16161fcd324b1f9bf6cb6856529f7eaf0689 (diff) | |
powerpc/64s: Wire up cpu_show_spectre_v1()
Add a definition for cpu_show_spectre_v1() to override the generic
version. Currently this just prints "Not affected" or "Vulnerable"
based on the firmware flag.
Although the kernel does have array_index_nospec() in a few places, we
haven't yet audited all the powerpc code to see where it's necessary,
so for now we don't list that as a mitigation.
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/powerpc/kernel/security.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c index 865db6f8bcca..0eace3cac818 100644 --- a/arch/powerpc/kernel/security.c +++ b/arch/powerpc/kernel/security.c @@ -50,3 +50,11 @@ ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, cha return sprintf(buf, "Vulnerable\n"); } + +ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, char *buf) +{ + if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR)) + return sprintf(buf, "Not affected\n"); + + return sprintf(buf, "Vulnerable\n"); +} |