1f02cab2bSRussell King (Oracle) // SPDX-License-Identifier: GPL-2.0-only
2842f2d49SRussell King (Oracle) #include <linux/bpf.h>
3f02cab2bSRussell King (Oracle) #include <linux/cpu.h>
4f02cab2bSRussell King (Oracle) #include <linux/device.h>
5f02cab2bSRussell King (Oracle)
6f02cab2bSRussell King (Oracle) #include <asm/spectre.h>
7f02cab2bSRussell King (Oracle)
_unprivileged_ebpf_enabled(void)8842f2d49SRussell King (Oracle) static bool _unprivileged_ebpf_enabled(void)
9842f2d49SRussell King (Oracle) {
10842f2d49SRussell King (Oracle) #ifdef CONFIG_BPF_SYSCALL
11842f2d49SRussell King (Oracle) return !sysctl_unprivileged_bpf_disabled;
12842f2d49SRussell King (Oracle) #else
13*49062ec3SEmmanuel Gil Peyrot return false;
14842f2d49SRussell King (Oracle) #endif
15842f2d49SRussell King (Oracle) }
16842f2d49SRussell King (Oracle)
cpu_show_spectre_v1(struct device * dev,struct device_attribute * attr,char * buf)17f02cab2bSRussell King (Oracle) ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
18f02cab2bSRussell King (Oracle) char *buf)
19f02cab2bSRussell King (Oracle) {
20f02cab2bSRussell King (Oracle) return sprintf(buf, "Mitigation: __user pointer sanitization\n");
21f02cab2bSRussell King (Oracle) }
22f02cab2bSRussell King (Oracle)
23f02cab2bSRussell King (Oracle) static unsigned int spectre_v2_state;
24f02cab2bSRussell King (Oracle) static unsigned int spectre_v2_methods;
25f02cab2bSRussell King (Oracle)
spectre_v2_update_state(unsigned int state,unsigned int method)26f02cab2bSRussell King (Oracle) void spectre_v2_update_state(unsigned int state, unsigned int method)
27f02cab2bSRussell King (Oracle) {
28f02cab2bSRussell King (Oracle) if (state > spectre_v2_state)
29f02cab2bSRussell King (Oracle) spectre_v2_state = state;
30f02cab2bSRussell King (Oracle) spectre_v2_methods |= method;
31f02cab2bSRussell King (Oracle) }
32f02cab2bSRussell King (Oracle)
cpu_show_spectre_v2(struct device * dev,struct device_attribute * attr,char * buf)33f02cab2bSRussell King (Oracle) ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
34f02cab2bSRussell King (Oracle) char *buf)
35f02cab2bSRussell King (Oracle) {
36f02cab2bSRussell King (Oracle) const char *method;
37f02cab2bSRussell King (Oracle)
38f02cab2bSRussell King (Oracle) if (spectre_v2_state == SPECTRE_UNAFFECTED)
39f02cab2bSRussell King (Oracle) return sprintf(buf, "%s\n", "Not affected");
40f02cab2bSRussell King (Oracle)
41f02cab2bSRussell King (Oracle) if (spectre_v2_state != SPECTRE_MITIGATED)
42f02cab2bSRussell King (Oracle) return sprintf(buf, "%s\n", "Vulnerable");
43f02cab2bSRussell King (Oracle)
44842f2d49SRussell King (Oracle) if (_unprivileged_ebpf_enabled())
45842f2d49SRussell King (Oracle) return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");
46842f2d49SRussell King (Oracle)
47f02cab2bSRussell King (Oracle) switch (spectre_v2_methods) {
48f02cab2bSRussell King (Oracle) case SPECTRE_V2_METHOD_BPIALL:
49f02cab2bSRussell King (Oracle) method = "Branch predictor hardening";
50f02cab2bSRussell King (Oracle) break;
51f02cab2bSRussell King (Oracle)
52f02cab2bSRussell King (Oracle) case SPECTRE_V2_METHOD_ICIALLU:
53f02cab2bSRussell King (Oracle) method = "I-cache invalidation";
54f02cab2bSRussell King (Oracle) break;
55f02cab2bSRussell King (Oracle)
56f02cab2bSRussell King (Oracle) case SPECTRE_V2_METHOD_SMC:
57f02cab2bSRussell King (Oracle) case SPECTRE_V2_METHOD_HVC:
58f02cab2bSRussell King (Oracle) method = "Firmware call";
59f02cab2bSRussell King (Oracle) break;
60f02cab2bSRussell King (Oracle)
6157654884SRussell King (Oracle) case SPECTRE_V2_METHOD_LOOP8:
6257654884SRussell King (Oracle) method = "History overwrite";
6357654884SRussell King (Oracle) break;
6457654884SRussell King (Oracle)
65f02cab2bSRussell King (Oracle) default:
66f02cab2bSRussell King (Oracle) method = "Multiple mitigations";
67f02cab2bSRussell King (Oracle) break;
68f02cab2bSRussell King (Oracle) }
69f02cab2bSRussell King (Oracle)
70f02cab2bSRussell King (Oracle) return sprintf(buf, "Mitigation: %s\n", method);
71f02cab2bSRussell King (Oracle) }
72