Received: by 10.223.176.46 with SMTP id f43csp898869wra;
        Fri, 26 Jan 2018 08:36:33 -0800 (PST)
X-Google-Smtp-Source: AH8x226Piq1lC/fJBckNXyzPSJVY9Yn586sP+wCBqYfJgbGqi4CvL1KfFSLf1akQt7f6tHK+K7/W
X-Received: by 2002:a17:902:9a8b:: with SMTP id w11-v6mr8898538plp.118.1516984593382;
        Fri, 26 Jan 2018 08:36:33 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516984593; cv=none;
        d=google.com; s=arc-20160816;
        b=YUsoyaGUHNLqcnH92s8HZ42J0/zMB06A/rad7dtU+eQvtyO7oiZ56iihYdv+CfWXB7
         cfOK4Dwdg+WO+M6A8mDskmOjLaZbG2LtxctgPeaYw9dO5DEhdiZFcWDRw7mjP9neTTid
         N25uxN+iKZsR4CRjBA0LESATRKVL26nsYzrICYegsFQG2QmSkOQXuvew8Tgi6+7xaYGc
         QXb9g9N5fCngVWMuYkO4lXF747UcciAt2r4ZGpmu7c0aPVLWhTxQhXPPH7/9dUDfg9wj
         ocq/24kVaQvftW3ceSndQ+OF2bov1VxcDwE533fRyCJGWo/Xeo1dOoHZk8k/JZS4MV6s
         M8FA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=/LzefzJCsLcyYMyl+qBsYcIPLRGrjJQWQDIKR2OD4J0=;
        b=H/ZbeQLcITWUfiJPgZNpRfZdyOWHY9bV47QIBt8N95vJQywhuycX1+4GW5Ouqw34kw
         0aGHVJ0rahYG7u2+LCLslxdmCj5e61mW5bQA7f6tzgPPfTBVS5lmlqrJewLgrzX9/GdV
         ibz+IQWuy3ERwYg4zjqUIoNyXkT2nnQac+6X2FLKmuoTr8RNLB3QLj5zemgOm7/HPRhE
         EvEPhi+gHQh4r9Ge8lwIim2Dy1NxsTzO9vKo7inZtHlkk834gz4i4tgHPz8fbSrk9xrr
         uYxUFhL0qteBI6pNjiG4NIernt4jKoDJN704FNiqpzfUK0SefYucLqnUGQtyEJ1GrnP4
         laSg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g13si3198592pgr.20.2018.01.26.08.36.19;
        Fri, 26 Jan 2018 08:36:33 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752511AbeAZQfK (ORCPT <rfc822;justmaker@gmail.com> + 99 others);
        Fri, 26 Jan 2018 11:35:10 -0500
Received: from mail.linuxfoundation.org ([140.211.169.12]:51638 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751476AbeAZQfI (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 26 Jan 2018 11:35:08 -0500
Received: from localhost (LFbn-1-12258-90.w90-92.abo.wanadoo.fr [90.92.71.90])
        by mail.linuxfoundation.org (Postfix) with ESMTPSA id A5E7EFD4;
        Fri, 26 Jan 2018 16:35:05 +0000 (UTC)
Date:   Fri, 26 Jan 2018 17:35:04 +0100
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     Andrea Arcangeli <aarcange@redhat.com>
Cc:     Thomas Gleixner <tglx@linutronix.de>,
        LKML <linux-kernel@vger.kernel.org>,
        Linus Torvalds <torvalds@linuxfoundation.org>,
        Ingo Molnar <mingo@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Dave Hansen <dave.hansen@intel.com>,
        Will Deacon <will.deacon@arm.com>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Waiman Long <longman@redhat.com>
Subject: Re: [patch V2 1/2] sysfs/cpu: Add vulnerability folder
Message-ID: <20180126163504.GA19313@kroah.com>
References: <20180107214759.387300853@linutronix.de>
 <20180107214913.096657732@linutronix.de>
 <20180126162331.GB5230@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180126162331.GB5230@redhat.com>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 26, 2018 at 05:23:31PM +0100, Andrea Arcangeli wrote:
> Hello,
> 
> On Sun, Jan 07, 2018 at 10:48:00PM +0100, Thomas Gleixner wrote:
> > +static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL);
> > +static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL);
> > +static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL);
> 
> This sysfs feature implemented as above is weakening kernel security,
> it should be 0400 above.

See the patch from Jason A. Donenfeld <Jason@zx2c4.com> to do just that:
	Subject: [PATCH] cpu: do not leak vulnerabilities to unprivileged users
	Message-Id: <20180125120401.30596-1-Jason@zx2c4.com>

I'll be queueing it up for 4.16-rc1 and backport it everywhere.

thanks,

greg k-h