github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-06 13:37:36 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting

Browse Source 
commit 58c9a5060c upstream.

The mitigations for Spectre-BHB are only applied when an exception is
taken from user-space. The mitigation status is reported via the spectre_v2
sysfs vulnerabilities file.

When unprivileged eBPF is enabled the mitigation in the exception vectors
can be avoided by an eBPF program.

When unprivileged eBPF is enabled, print a warning and report vulnerable
via the sysfs vulnerabilities file.

Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
James Morse 2022-03-03 16:53:56 +00:00 committed by Greg Kroah-Hartman
parent 551717cf3b
commit b65b87e718
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
arch/arm64/kernel/proton-pack.c
View File

@ -18,6 +18,7 @@
*/ */
#include <linux/arm-smccc.h> #include <linux/arm-smccc.h>
#include <linux/bpf.h>
#include <linux/cpu.h> #include <linux/cpu.h>
#include <linux/device.h> #include <linux/device.h>
#include <linux/nospec.h> #include <linux/nospec.h>
@ -110,6 +111,15 @@ static const char *get_bhb_affected_string(enum mitigation_state bhb_state)
} }
} }
static bool _unprivileged_ebpf_enabled(void)
{
#ifdef CONFIG_BPF_SYSCALL
return !sysctl_unprivileged_bpf_disabled;
#else
return false;
#endif
}
ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
char *buf) char *buf)
{ {
@ -129,6 +139,9 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
v2_str = "CSV2"; v2_str = "CSV2";
fallthrough; fallthrough;
case SPECTRE_MITIGATED: case SPECTRE_MITIGATED:
if (bhb_state == SPECTRE_MITIGATED && _unprivileged_ebpf_enabled())
return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");
return sprintf(buf, "Mitigation: %s%s\n", v2_str, bhb_str); return sprintf(buf, "Mitigation: %s%s\n", v2_str, bhb_str);
case SPECTRE_VULNERABLE: case SPECTRE_VULNERABLE:
fallthrough; fallthrough;
@ -1108,3 +1121,16 @@ void noinstr spectre_bhb_patch_loop_iter(struct alt_instr *alt,
AARCH64_INSN_MOVEWIDE_ZERO); AARCH64_INSN_MOVEWIDE_ZERO);
*updptr++ = cpu_to_le32(insn); *updptr++ = cpu_to_le32(insn);
} }
#ifdef CONFIG_BPF_SYSCALL
#define EBPF_WARN "Unprivileged eBPF is enabled, data leaks possible via Spectre v2 BHB attacks!\n"
void unpriv_ebpf_notify(int new_state)
{
if (spectre_v2_state == SPECTRE_VULNERABLE ||
spectre_bhb_state != SPECTRE_MITIGATED)
return;
if (!new_state)
pr_err("WARNING: %s", EBPF_WARN);
}
#endif