Received: by 2002:ac0:aed5:0:0:0:0:0 with SMTP id t21csp643915imb; Fri, 1 Mar 2019 10:02:50 -0800 (PST) X-Google-Smtp-Source: AHgI3IYQwCDcs79NSedAgPeHWh9nceOj1H6gDgdPRUNg9Ra9lPQAEpFQ590VBya89QqyijHA2nki X-Received: by 2002:a62:1854:: with SMTP id 81mr6740899pfy.223.1551463370183; Fri, 01 Mar 2019 10:02:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551463370; cv=none; d=google.com; s=arc-20160816; b=qT9cP1wxqR1W8x9xxaef6um8cByFAWgegA4vSEvHicJJ++q9QtDi4pjEiNfAdkvCOg bHMe2nJxmt1JForDpFHD0DvGYR1m8ygq+5YzKsrHxzKgmOtmH4KE6s4PsOZwCBMjVYwC 04xCmTTkfO3oJ/f8UiYGzz02SqwRwxEjtdGSo2KaxWCvVGbrg37ePgDreBFRx2EZiBIC yvHq2tx1VMGepa5itXY8fnztqflAjRZuM6txnxjqofLXqzNrRmpzn6HqTxpetskAMcDK /TvSvwfBrb+LN9XlBCpvLDSrdHtSLgMrfubMxH6oiEIPxxBu0L63Ou5w0ISDjq+KKyPE 3EiA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=2OWlEiEtTtJby1tBkibsOxv31bnvPL7qI7ELhm/Zwdw=; b=ZRO4TBeSygJIELcQ7BrPOc9jL7UO9Vv29p9qASMtfIbSWs54lQcWVrSMO4m8XedPGJ hcHV13/SFEHo38y/bm9KVdy3nea4/1m+/kuBkrNNn8MW8HX0dCMgB6Ouj8wn5WjoYgH+ bejsgWNZSFGUQds47I7eutMuOLPlx9P/EEN7Zg/n+lq3XrDwAU00EU7DXSwOA/MQm8nO UliwFveU6IMvnqk4lhPDq4IyVlC1PRnZqGPsV63zSloe82g5lM+iq3mx8t6bi21hN80F 2yeKtuXIVE0esSAGoyLO7KljkuWm/G+KPgapoBoU0UDBemYkuGtZEVIUwvFKHU/FpYJ6 hISg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w12si21254884pld.183.2019.03.01.10.02.33; Fri, 01 Mar 2019 10:02:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389363AbfCARPW (ORCPT + 99 others); Fri, 1 Mar 2019 12:15:22 -0500 Received: from foss.arm.com ([217.140.101.70]:39394 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728531AbfCARPW (ORCPT ); Fri, 1 Mar 2019 12:15:22 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0254780D; Fri, 1 Mar 2019 09:15:22 -0800 (PST) Received: from arrakis.emea.arm.com (arrakis.cambridge.arm.com [10.1.196.78]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id E330F3F575; Fri, 1 Mar 2019 09:15:19 -0800 (PST) Date: Fri, 1 Mar 2019 17:15:17 +0000 From: Catalin Marinas To: Jeremy Linton Cc: Andre Przywara , linux-arm-kernel@lists.infradead.org, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, Dave.Martin@arm.com, shankerd@codeaurora.org, julien.thierry@arm.com, mlangsdo@redhat.com, stefan.wahren@i2e.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH v5 03/10] arm64: add sysfs vulnerability show for meltdown Message-ID: <20190301171517.GB130541@arrakis.emea.arm.com> References: <20190227010544.597579-1-jeremy.linton@arm.com> <20190227010544.597579-4-jeremy.linton@arm.com> <9cfb9cff-6a26-fff7-9374-82eea0f63a21@arm.com> <20190301162050.GB28687@arrakis.emea.arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 01, 2019 at 10:53:50AM -0600, Jeremy Linton wrote: > On 3/1/19 10:20 AM, Catalin Marinas wrote: > > On Fri, Mar 01, 2019 at 10:12:09AM -0600, Jeremy Linton wrote: > > > On 3/1/19 1:11 AM, Andre Przywara wrote: > > > > On 2/26/19 7:05 PM, Jeremy Linton wrote: > > > > > +ssize_t cpu_show_meltdown(struct device *dev, struct > > > > > device_attribute *attr, > > > > > +??????? char *buf) > > > > > +{ > > > > > +??? if (arm64_kernel_unmapped_at_el0()) > > > > > +??????? return sprintf(buf, "Mitigation: KPTI\n"); > > > > > + > > > > > +??? if (__meltdown_safe) > > > > > +??????? return sprintf(buf, "Not affected\n"); > > > > > > > > Shall those two checks be swapped? So it doesn't report about a KPTI > > > > mitigation if the CPU is safe, but we enable KPTI because of KASLR > > > > having enabled it? Or is that a different knob? > > > > > > Hmmm, I think having it this way reflects the fact that the machine is > > > mitigated independent of whether it needed it. The force on case is similar. > > > The machine may not have needed the mitigation but it was forced on. > > > > So is this patchset about showing vulnerabilities _and_ mitigations or > > just one of them? > > Well, I don't think there is a way to express a mitigated but not vulnerable > state in the current ABI. This set is mostly just to bring us in line with > the current ABI expectations. Looking at the ABI doc, it states: "Not affected" CPU is not affected by the vulnerability "Vulnerable" CPU is affected and no mitigation in effect "Mitigation: $M" CPU is affected and mitigation $M is in effect So, yes, we don't have mitigated but not vulnerable. Therefore I think we should stick to "not affected" and swap the lines above as per Andre's comment. This file is about Meltdown vulnerability and mitigation, not KASLR hardening. -- Catalin