Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d1cfdd50 authored by Russell King (Oracle)'s avatar Russell King (Oracle) Committed by Greg Kroah-Hartman
Browse files

ARM: include unprivileged BPF status in Spectre V2 reporting 



commit 25875aa71dfefd1959f07e626c4d285b88b27ac2 upstream.

The mitigations for Spectre-BHB are only applied when an exception
is taken, but when unprivileged BPF is enabled, userspace can
load BPF programs that can be used to exploit the problem.

When unprivileged BPF is enabled, report the vulnerable status via
the spectre_v2 sysfs file.

Signed-off-by: default avatarRussell King (Oracle) <rmk+kernel@armlinux.org.uk>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 920f7970

arch/arm/kernel/spectre.c

+13 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0-only

#include <linux/bpf.h>

#include <linux/cpu.h>

#include <linux/device.h>



#include <asm/spectre.h>



static bool _unprivileged_ebpf_enabled(void)

{

#ifdef CONFIG_BPF_SYSCALL

	return !sysctl_unprivileged_bpf_disabled;

#else

	return false

#endif

}



ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,

			    char *buf)

{
@@ -31,6 +41,9 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, 
	if (spectre_v2_state != SPECTRE_MITIGATED)

		return sprintf(buf, "%s\n", "Vulnerable");



	if (_unprivileged_ebpf_enabled())

		return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");



	switch (spectre_v2_methods) {

	case SPECTRE_V2_METHOD_BPIALL:

		method = "Branch predictor hardening";