Received: by 10.223.176.46 with SMTP id f43csp898869wra; Fri, 26 Jan 2018 08:36:33 -0800 (PST) X-Google-Smtp-Source: AH8x226Piq1lC/fJBckNXyzPSJVY9Yn586sP+wCBqYfJgbGqi4CvL1KfFSLf1akQt7f6tHK+K7/W X-Received: by 2002:a17:902:9a8b:: with SMTP id w11-v6mr8898538plp.118.1516984593382; Fri, 26 Jan 2018 08:36:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516984593; cv=none; d=google.com; s=arc-20160816; b=YUsoyaGUHNLqcnH92s8HZ42J0/zMB06A/rad7dtU+eQvtyO7oiZ56iihYdv+CfWXB7 cfOK4Dwdg+WO+M6A8mDskmOjLaZbG2LtxctgPeaYw9dO5DEhdiZFcWDRw7mjP9neTTid N25uxN+iKZsR4CRjBA0LESATRKVL26nsYzrICYegsFQG2QmSkOQXuvew8Tgi6+7xaYGc QXb9g9N5fCngVWMuYkO4lXF747UcciAt2r4ZGpmu7c0aPVLWhTxQhXPPH7/9dUDfg9wj ocq/24kVaQvftW3ceSndQ+OF2bov1VxcDwE533fRyCJGWo/Xeo1dOoHZk8k/JZS4MV6s M8FA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=/LzefzJCsLcyYMyl+qBsYcIPLRGrjJQWQDIKR2OD4J0=; b=H/ZbeQLcITWUfiJPgZNpRfZdyOWHY9bV47QIBt8N95vJQywhuycX1+4GW5Ouqw34kw 0aGHVJ0rahYG7u2+LCLslxdmCj5e61mW5bQA7f6tzgPPfTBVS5lmlqrJewLgrzX9/GdV ibz+IQWuy3ERwYg4zjqUIoNyXkT2nnQac+6X2FLKmuoTr8RNLB3QLj5zemgOm7/HPRhE EvEPhi+gHQh4r9Ge8lwIim2Dy1NxsTzO9vKo7inZtHlkk834gz4i4tgHPz8fbSrk9xrr uYxUFhL0qteBI6pNjiG4NIernt4jKoDJN704FNiqpzfUK0SefYucLqnUGQtyEJ1GrnP4 laSg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g13si3198592pgr.20.2018.01.26.08.36.19; Fri, 26 Jan 2018 08:36:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752511AbeAZQfK (ORCPT + 99 others); Fri, 26 Jan 2018 11:35:10 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:51638 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751476AbeAZQfI (ORCPT ); Fri, 26 Jan 2018 11:35:08 -0500 Received: from localhost (LFbn-1-12258-90.w90-92.abo.wanadoo.fr [90.92.71.90]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id A5E7EFD4; Fri, 26 Jan 2018 16:35:05 +0000 (UTC) Date: Fri, 26 Jan 2018 17:35:04 +0100 From: Greg Kroah-Hartman To: Andrea Arcangeli Cc: Thomas Gleixner , LKML , Linus Torvalds , Ingo Molnar , Peter Zijlstra , Borislav Petkov , David Woodhouse , Dave Hansen , Will Deacon , Josh Poimboeuf , Waiman Long Subject: Re: [patch V2 1/2] sysfs/cpu: Add vulnerability folder Message-ID: <20180126163504.GA19313@kroah.com> References: <20180107214759.387300853@linutronix.de> <20180107214913.096657732@linutronix.de> <20180126162331.GB5230@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180126162331.GB5230@redhat.com> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 26, 2018 at 05:23:31PM +0100, Andrea Arcangeli wrote: > Hello, > > On Sun, Jan 07, 2018 at 10:48:00PM +0100, Thomas Gleixner wrote: > > +static DEVICE_ATTR(meltdown, 0444, cpu_show_meltdown, NULL); > > +static DEVICE_ATTR(spectre_v1, 0444, cpu_show_spectre_v1, NULL); > > +static DEVICE_ATTR(spectre_v2, 0444, cpu_show_spectre_v2, NULL); > > This sysfs feature implemented as above is weakening kernel security, > it should be 0400 above. See the patch from Jason A. Donenfeld to do just that: Subject: [PATCH] cpu: do not leak vulnerabilities to unprivileged users Message-Id: <20180125120401.30596-1-Jason@zx2c4.com> I'll be queueing it up for 4.16-rc1 and backport it everywhere. thanks, greg k-h