Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp68660imu; Thu, 3 Jan 2019 14:15:01 -0800 (PST) X-Google-Smtp-Source: ALg8bN7PhKgFrnfiH9vAjm6u4TDRHsDFzNIsSO0uGMWVTde2PDGbFmeFpv5IRU9RJsjD2cfTbcn9 X-Received: by 2002:a17:902:1127:: with SMTP id d36mr47277256pla.299.1546553701909; Thu, 03 Jan 2019 14:15:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546553701; cv=none; d=google.com; s=arc-20160816; b=H5s7mu9DWOaNuL1qiWjSP/butwTSeB3xV2npmJhmVu0uDA9M3rgFu85HvY5RPkT4X1 A5VD7nBkJcirEj8e3w/T94fSks8KmI0+EhzVOClyDbwpshUyamjqKC0PpJHUvgtM0SHw nkbL8QNYRdpEy4UmSU4jCtZLH5q8vL77xYAQriNzoZ04Y8XTvA1sUHeAV2XC2XgkGdHo 45CH1tgb6+Dwa6RQyd2rhyBHQHuQcCLEpggKki3t7skHt3VwLDYtoa2voyweVDm9b/3a enPw7RvHO5f4eabzVMzq7JoblwSGMOUmJAKbL6oU6K/GM/IQa4rHVTCuSmLzpexvYrmX YtJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=Zp2vf+n2oJowHPOicD5mBZ+SMFnCyC54DQ6jjCWI8ac=; b=RJqpEycIeNrVhs0XBh1PdkFmne30lQ/1g7gx/aO64Wqp1Vr7AgaAjSIsuoZR2b5q44 eCIsLwiYDs+pzOm/vs99Iyu8DqyAub98JI6wtgPaIcd92F071paZ16k1SRcnp5vjlt10 0Smf33Ro3HGsqafwypPzcmFRyWxFZxTN1XfcoQRo1ikDYIbBhiQ/d/aRuxwMYnDzzaWn HRedPShohYP3M8xEVE1SiETZXaB1QtSk+qaNzBftVlLj0G2HcdOWEtdBRbGSxC5bkV0J k8L5/2J2b+ukrlKgMjqhtKXxA1gCwcgg/dhk/cfelOSZiPnkdXPawu7IpaDP3OWrDD33 sqyw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i16si52224493pgk.445.2019.01.03.14.14.38; Thu, 03 Jan 2019 14:15:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731521AbfACQhr (ORCPT + 99 others); Thu, 3 Jan 2019 11:37:47 -0500 Received: from foss.arm.com ([217.140.101.70]:52684 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729598AbfACQhr (ORCPT ); Thu, 3 Jan 2019 11:37:47 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9A77A15AD; Thu, 3 Jan 2019 08:37:46 -0800 (PST) Received: from e103592.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 38C763F5D4; Thu, 3 Jan 2019 08:37:43 -0800 (PST) Date: Thu, 3 Jan 2019 16:37:40 +0000 From: Dave Martin To: Jeremy Linton Cc: linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, mlangsdo@redhat.com, "Rafael J . Wysocki" , Konrad Rzeszutek Wilk , suzuki.poulose@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, Dave Hansen , julien.thierry@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, steven.price@arm.com, Peter Zijlstra , Borislav Petkov , David Woodhouse , Greg Kroah-Hartman , ykaukab@suse.de, Thomas Gleixner , shankerd@codeaurora.org Subject: Re: [PATCH v2 1/7] sysfs/cpu: Add "Unknown" vulnerability state Message-ID: <20190103163740.GC3529@e103592.cambridge.arm.com> References: <20190103004921.1928921-1-jeremy.linton@arm.com> <20190103004921.1928921-2-jeremy.linton@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190103004921.1928921-2-jeremy.linton@arm.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jan 02, 2019 at 06:49:15PM -0600, Jeremy Linton wrote: > There is a lot of variation in the Arm ecosystem. Because of this, > there exist possible cases where the kernel cannot authoritatively > determine if a machine is vulnerable. > > Rather than guess the vulnerability status in cases where > the mitigation is disabled or the firmware isn't responding > correctly, we need to display an "Unknown" state. > > Signed-off-by: Jeremy Linton > Cc: Thomas Gleixner > Cc: Greg Kroah-Hartman > Cc: Rafael J. Wysocki > Cc: Konrad Rzeszutek Wilk > Cc: Peter Zijlstra > Cc: Dave Hansen > Cc: Borislav Petkov > Cc: David Woodhouse > --- > Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/Documentation/ABI/testing/sysfs-devices-system-cpu b/Documentation/ABI/testing/sysfs-devices-system-cpu > index 9605dbd4b5b5..876103fddfa4 100644 > --- a/Documentation/ABI/testing/sysfs-devices-system-cpu > +++ b/Documentation/ABI/testing/sysfs-devices-system-cpu > @@ -495,6 +495,7 @@ Description: Information about CPU vulnerabilities > "Not affected" CPU is not affected by the vulnerability > "Vulnerable" CPU is affected and no mitigation in effect > "Mitigation: $M" CPU is affected and mitigation $M is in effect > + "Unknown" The kernel is unable to make a determination Do some of the "Unknown" cases arise from the vulnerability detection code being compiled out of the kernel? I wonder whether at least the detection support should be mandatory. sysfs is not very useful as a standard vulnerability reporting interface unless we make best efforts to always populate it with real information. Also, does "Unknown" convey anything beyond what is indicated by the sysfs entry being omitted altogether? Cheers ---Dave