Skip to content

Commit 92edf8d

Browse files
mpempe
committed
powerpc/security: Fix spectre_v2 reporting
When I updated the spectre_v2 reporting to handle software count cache flush I got the logic wrong when there's no software count cache enabled at all. The result is that on systems with the software count cache flush disabled we print: Mitigation: Indirect branch cache disabled, Software count cache flush Which correctly indicates that the count cache is disabled, but incorrectly says the software count cache flush is enabled. The root of the problem is that we are trying to handle all combinations of options. But we know now that we only expect to see the software count cache flush enabled if the other options are false. So split the two cases, which simplifies the logic and fixes the bug. We were also missing a space before "(hardware accelerated)". The result is we see one of: Mitigation: Indirect branch serialisation (kernel only) Mitigation: Indirect branch cache disabled Mitigation: Software count cache flush Mitigation: Software count cache flush (hardware accelerated) Fixes: ee13cb2 ("powerpc/64s: Add support for software count cache flush") Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Reviewed-by: Michael Neuling <mikey@neuling.org> Reviewed-by: Diana Craciun <diana.craciun@nxp.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
1 parent 8bc0868 commit 92edf8d

File tree

1 file changed

+8
-15
lines changed

1 file changed

+8
-15
lines changed

arch/powerpc/kernel/security.c

Lines changed: 8 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -190,29 +190,22 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, c
190190
bcs = security_ftr_enabled(SEC_FTR_BCCTRL_SERIALISED);
191191
ccd = security_ftr_enabled(SEC_FTR_COUNT_CACHE_DISABLED);
192192

193-
if (bcs || ccd || count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) {
194-
bool comma = false;
193+
if (bcs || ccd) {
195194
seq_buf_printf(&s, "Mitigation: ");
196195

197-
if (bcs) {
196+
if (bcs)
198197
seq_buf_printf(&s, "Indirect branch serialisation (kernel only)");
199-
comma = true;
200-
}
201198

202-
if (ccd) {
203-
if (comma)
204-
seq_buf_printf(&s, ", ");
205-
seq_buf_printf(&s, "Indirect branch cache disabled");
206-
comma = true;
207-
}
208-
209-
if (comma)
199+
if (bcs && ccd)
210200
seq_buf_printf(&s, ", ");
211201

212-
seq_buf_printf(&s, "Software count cache flush");
202+
if (ccd)
203+
seq_buf_printf(&s, "Indirect branch cache disabled");
204+
} else if (count_cache_flush_type != COUNT_CACHE_FLUSH_NONE) {
205+
seq_buf_printf(&s, "Mitigation: Software count cache flush");
213206

214207
if (count_cache_flush_type == COUNT_CACHE_FLUSH_HW)
215-
seq_buf_printf(&s, "(hardware accelerated)");
208+
seq_buf_printf(&s, " (hardware accelerated)");
216209
} else if (btb_flush_enabled) {
217210
seq_buf_printf(&s, "Mitigation: Branch predictor state flush");
218211
} else {

0 commit comments

Comments
 (0)