spectre.c 1.5 KB

  1. // SPDX-License-Identifier: GPL-2.0-only
  2. #include <linux/bpf.h>
  3. #include <linux/cpu.h>
  4. #include <linux/device.h>
  5. #include <asm/spectre.h>
  /*
   * Report whether unprivileged users may currently load eBPF programs.
   *
   * With CONFIG_BPF_SYSCALL the answer is the negation of the
   * sysctl_unprivileged_bpf_disabled knob; without it the answer is
   * always false.
   *
   * The knob is read on every call, so the value returned reflects the
   * sysctl setting at the time of the call rather than at boot.
   */
  static bool _unprivileged_ebpf_enabled(void)
  {
      bool enabled = false;

  #ifdef CONFIG_BPF_SYSCALL
      enabled = !sysctl_unprivileged_bpf_disabled;
  #endif
      return enabled;
  }
  /*
   * Write the Spectre v1 status line into @buf and return its length.
   *
   * The text is a fixed string: this function performs no runtime check
   * and always reports the __user pointer sanitization mitigation.
   * @dev and @attr are not used.
   *
   * NOTE(review): the signature matches a sysfs show() callback, where
   * sysfs_emit() is the documented helper because it bounds the write to
   * the page-sized buffer. The constant here is short, so sprintf() cannot
   * overrun; converting is a consistency matter - confirm the target
   * kernel provides sysfs_emit() first.
   */
  ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
                              char *buf)
  {
      static const char status[] = "Mitigation: __user pointer sanitization\n";

      return sprintf(buf, "%s", status);
  }
  /*
   * Spectre v2 bookkeeping, written by spectre_v2_update_state() and read
   * by cpu_show_spectre_v2(). Both start at zero (static storage).
   */

  /* OR of every method value reported so far. */
  static unsigned int spectre_v2_methods;

  /* Largest state value reported so far; it is never lowered. */
  static unsigned int spectre_v2_state;
  /*
   * Fold one report into the global Spectre v2 status.
   *
   * @state:  state value to merge; the stored state only ever moves upward.
   * @method: method bit(s) to OR into the accumulated method mask.
   *
   * Because the state is a running maximum, one report with a higher value
   * decides what cpu_show_spectre_v2() prints, whatever the other reports
   * said.
   *
   * NOTE(review): presumably the SPECTRE_* state constants are ordered so
   * that a larger value means a worse outcome - confirm in <asm/spectre.h>.
   * No locking is visible here; verify that callers serialise updates.
   */
  void spectre_v2_update_state(unsigned int state, unsigned int method)
  {
      spectre_v2_methods |= method;

      if (spectre_v2_state < state)
          spectre_v2_state = state;
  }
  /*
   * Write the Spectre v2 status line into @buf and return its length.
   *
   * Checks are made in this order:
   *   1. state is SPECTRE_UNAFFECTED      -> "Not affected"
   *   2. state is not SPECTRE_MITIGATED   -> "Vulnerable"
   *   3. unprivileged eBPF is enabled     -> "Vulnerable: Unprivileged eBPF
   *                                           enabled"
   *   4. otherwise                        -> "Mitigation: <method>"
   *
   * Step 3 means a system whose mitigation was applied is still reported
   * as vulnerable while unprivileged eBPF is allowed. That check runs on
   * every read, so the line follows the current sysctl setting.
   *
   * The method mask is compared for exact equality with each known method.
   * Any other value is reported as "Multiple mitigations". That includes a
   * combination of bits, and also a mask that matches none of the constants.
   *
   * @dev and @attr are not used.
   *
   * NOTE(review): sysfs_emit() is the documented helper for sysfs show()
   * callbacks. All strings here are short constants, so sprintf() cannot
   * overrun the buffer - confirm the target kernel provides sysfs_emit()
   * before converting.
   */
  ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
                              char *buf)
  {
      /* Fallback text for any mask that is not exactly one known method. */
      const char *method = "Multiple mitigations";

      if (spectre_v2_state == SPECTRE_UNAFFECTED)
          return sprintf(buf, "%s\n", "Not affected");

      if (spectre_v2_state != SPECTRE_MITIGATED)
          return sprintf(buf, "%s\n", "Vulnerable");

      /* Mitigated, but unprivileged eBPF downgrades the report. */
      if (_unprivileged_ebpf_enabled())
          return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");

      if (spectre_v2_methods == SPECTRE_V2_METHOD_BPIALL)
          method = "Branch predictor hardening";
      else if (spectre_v2_methods == SPECTRE_V2_METHOD_ICIALLU)
          method = "I-cache invalidation";
      else if (spectre_v2_methods == SPECTRE_V2_METHOD_SMC ||
               spectre_v2_methods == SPECTRE_V2_METHOD_HVC)
          method = "Firmware call";
      else if (spectre_v2_methods == SPECTRE_V2_METHOD_LOOP8)
          method = "History overwrite";

      return sprintf(buf, "Mitigation: %s\n", method);
  }