powerpc/64s: Wire up cpu_show_spectre_v1()

commit 56986016cb8cd9050e601831fe89f332b4e3c46e upstream. Add a definition for cpu_show_spectre_v1() to override the generic version. Currently this just prints "Not affected" or "Vulnerable" based on the firmware flag. Although the kernel does have array_index_nospec() in a few places, we haven't yet audited all the powerpc code to see where it's necessary, so for now we don't list that as a mitigation. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Michael Ellerman <mpe@ellerman.id.au> 2018-06-02 21:09:02 +1000
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-06-06 16:44:36 +0200
commit: ed50e032f7de992352d57e3dd9dd2f8a6a235e95 (patch)
tree: 7b51191c5f28c0181fb4d35f9c512385f14bb184 /arch/powerpc
parent: 76e0b304b38764497044fb064deafd79a0d92c14 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/arch/powerpc/kernel/security.c b/arch/powerpc/kernel/security.c
index 865db6f8bcca..0eace3cac818 100644
--- a/arch/powerpc/kernel/security.c
+++ b/arch/powerpc/kernel/security.c
@@ -50,3 +50,11 @@ ssize_t cpu_show_meltdown(struct device *dev, struct device_attribute *attr, cha
 
 	return sprintf(buf, "Vulnerable\n");
 }
+
+ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr, char *buf)
+{
+	if (!security_ftr_enabled(SEC_FTR_BNDS_CHK_SPEC_BAR))
+		return sprintf(buf, "Not affected\n");
+
+	return sprintf(buf, "Vulnerable\n");
+}
author	Michael Ellerman <mpe@ellerman.id.au>	2018-06-02 21:09:02 +1000
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-06-06 16:44:36 +0200
commit	ed50e032f7de992352d57e3dd9dd2f8a6a235e95 (patch)
tree	7b51191c5f28c0181fb4d35f9c512385f14bb184 /arch/powerpc
parent	76e0b304b38764497044fb064deafd79a0d92c14 (diff)