Received: by 10.223.176.46 with SMTP id f43csp2043255wra; Thu, 25 Jan 2018 04:05:51 -0800 (PST) X-Google-Smtp-Source: AH8x224eQFQSc/qcRCydN8d3Wr37J3BsjrLbBypQXx1zanNR+90tKkXt9NwFvu1TFBtgCN0WPy6Z X-Received: by 2002:a17:902:2468:: with SMTP id m37-v6mr2001271plg.149.1516881951373; Thu, 25 Jan 2018 04:05:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516881951; cv=none; d=google.com; s=arc-20160816; b=jdyRDhBqq4X4vNEo9bZAYGuONumWGQojuuk123FmqF3bzjWfS4RcXqGMQK/8cZ9UtB 8pyAPfPummw2jpf5v2fQKQTh9MGG7n0TAZqklJ8LyHSEjpGAGNKL5ooAA0mq3TMPD8DG 6BcqrCL1b0prYguRLm0e/sBM8powkr+iN08OYcvEyVt8WrUt2fIgRGyCnyJvhiTkKXSH zQSFcE9aQ8AUuS8XtuuLcFFIxEqQgwXswPd+yRbuVzXIPU6TkxhcqIBvKGcBgxCj17Hd VbWvRxuXX0F+Fyu9nVKmajFTqJr1h6XuqvLwmAbvn0fl/fQUjrZIbX3RNvCLzUrOtlim heXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=pC/lMLETU7DwPbg1N8E2tVL+7C+jw/Ai/ejUZtHdkc0=; b=x2XVscbhg+YKPro+s/zjdarzrsdKLUintlpCv3RtemIfXzhaW/Tjl5AIf0Bth6Zr82 EThMdeaphvWIDGVz1ejKsm1Z+ry5tK/i4WJ7wJPK8zKU5zZ5H3aktHMwq3tzNKz3qi4J meIEEeTN06G6PXrjPiMHyDPOMcxNonE5sShTUQEswK0ubxdiJZCUCV0cXhVilExmkMcu uyB7Si4kluaHHQkE/Om1EGZElVnssaw+p4R5c7pV/pkvOIySUxcySn0jJKbOnrnyqBpd gSDZFQH5ShkhGfeOPnTJKH/HAoESAM2IUCCQ8L/NjAmCBj5Khw2VnzRS6WU2Wjxwylg1 gp7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b=afPDfRNH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h13si1427725pgq.776.2018.01.25.04.05.36; Thu, 25 Jan 2018 04:05:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=mail header.b=afPDfRNH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751934AbeAYMER (ORCPT + 99 others); Thu, 25 Jan 2018 07:04:17 -0500 Received: from frisell.zx2c4.com ([192.95.5.64]:55825 "EHLO frisell.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751796AbeAYMEQ (ORCPT ); Thu, 25 Jan 2018 07:04:16 -0500 Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id c7e46545; Thu, 25 Jan 2018 11:51:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=zx2c4.com; h=from:to:cc :subject:date:message-id; s=mail; bh=5MhXv8atRmqMnTwUc/kMowPtkg0 =; b=afPDfRNH+ijShFfV5Gd/aFUNNzAYivTijZaV5R02P2UaRt7fhQEyHlSY9CB Kfhph8kzQ6C0WSrmmbBWriVAOOWEAdPkZoqXbIO8Z8hTAkl0j1wJ68Dc30Blctsq 9DR+uhCD9tFYkajrDmsFIPTg5N4TzPWiOF4IaahxKTryEflxDVzIg3cXsAnerA7H VS+jDEg8LZwaWOF698t6gsPR4r3ImSeKZpjQZBqnv7jfkpdFBUSgX+gKZvq2LgWW r8KlrDvMkt2cyl5cvIXdSd1EcpQBcd9AHJtJVl+2tmKSVf3emtEbjeNIBVgvokv5 1o/fxFu0MEWPENIqVG711GG0hhQ== Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id c44676f8 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Thu, 25 Jan 2018 11:51:03 +0000 (UTC) From: "Jason A. Donenfeld" To: gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com Cc: "Jason A. Donenfeld" Subject: [PATCH] cpu: do not leak vulnerabilities to unprivileged users Date: Thu, 25 Jan 2018 13:04:01 +0100 Message-Id: <20180125120401.30596-1-Jason@zx2c4.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org While it's public information if the CPU in general has spectre/meltdown bugs, it probably shouldn't be as globally obvious to all unprivileged users whether or not the kernel is doing something to mitigate those bugs. While an attacker can obviously probe and try, there frequently is a trade-off attackers make of how much probing around they're willing to do versus the certainty of an attack working, in order to reduce detection. By making it loud and clear that the kernel _is_ vulnerable, we're simply aiding the trade-off calculations attackers have to make when choosing which vectors to target. So, this patch changes the permissions to 0400 to make the attacker's job slightly less easy. Signed-off-by: Jason A. Donenfeld --- drivers/base/cpu.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/base/cpu.c b/drivers/base/cpu.c index d99038487a0d..a3a8e008f957 100644 --- a/drivers/base/cpu.c +++ b/drivers/base/cpu.c @@ -531,9 +531,9 @@ ssize_t __weak cpu_show_spectre_v2(struct device *dev, return sprintf(buf, "Not affected\n"); } -static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL); -static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL); -static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL); +static DEVICE_ATTR(meltdown, 0400, cpu_show_meltdown, NULL); +static DEVICE_ATTR(spectre_v1, 0400, cpu_show_spectre_v1, NULL); +static DEVICE_ATTR(spectre_v2, 0400, cpu_show_spectre_v2, NULL); static struct attribute *cpu_root_vulnerabilities_attrs[] = { &dev_attr_meltdown.attr, -- 2.16.1