^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) #include <linux/bpf.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) #include <linux/cpu.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) #include <linux/device.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) #include <asm/spectre.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
/*
 * Report whether unprivileged eBPF is currently allowed.
 *
 * Built without CONFIG_BPF_SYSCALL the answer is always false. Otherwise it
 * is true exactly when sysctl_unprivileged_bpf_disabled is zero; the value is
 * read on every call, so the result can change at run time.
 */
static bool _unprivileged_ebpf_enabled(void)
{
#if defined(CONFIG_BPF_SYSCALL)
	/* Any non-zero setting counts as "disabled". */
	return sysctl_unprivileged_bpf_disabled == 0;
#else
	return false;
#endif
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16)
/*
 * Show handler for the Spectre v1 status line.
 *
 * @dev:  unused
 * @attr: unused
 * @buf:  output buffer supplied by the caller
 *
 * Always reports the same fixed mitigation string and returns the number of
 * characters written (excluding the terminating NUL).
 *
 * NOTE(review): sprintf() does not bound the write. The text here is a short
 * constant with no conversion specifiers, so the length is fixed, but kernel
 * sysfs guidance prefers sysfs_emit() in show handlers - confirm before
 * copying this pattern for variable-length output.
 */
ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
			    char *buf)
{
	int written;

	written = sprintf(buf, "Mitigation: __user pointer sanitization\n");

	return written;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22)
/* Highest Spectre v2 state value reported so far. */
static unsigned int spectre_v2_state;
/* Bitwise OR of every mitigation method reported so far. */
static unsigned int spectre_v2_methods;

/*
 * Fold one report into the file-wide Spectre v2 status.
 *
 * @state:  state value for the reporter; the stored state only ever moves
 *          upward, so the numerically largest value seen wins.
 * @method: method bit(s) to accumulate into the stored method mask.
 *
 * NOTE(review): the two statics are updated without any locking in this
 * function; whether callers serialise these updates is not visible here.
 */
void spectre_v2_update_state(unsigned int state, unsigned int method)
{
	/* Methods accumulate; they are never cleared by this function. */
	spectre_v2_methods = spectre_v2_methods | method;

	if (spectre_v2_state < state)
		spectre_v2_state = state;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32)
/*
 * Show handler for the Spectre v2 status line.
 *
 * @dev:  unused
 * @attr: unused
 * @buf:  output buffer supplied by the caller
 *
 * The checks run in this order, and the first match decides the output:
 *   1. state is SPECTRE_UNAFFECTED      -> "Not affected"
 *   2. state is not SPECTRE_MITIGATED   -> "Vulnerable"
 *   3. unprivileged eBPF is enabled     -> "Vulnerable: Unprivileged eBPF enabled"
 *   4. otherwise                        -> "Mitigation: <method>"
 *
 * Step 3 means a mitigated CPU is still reported as vulnerable while
 * unprivileged eBPF is allowed, so the line can change at run time if that
 * setting changes.
 *
 * Returns the number of characters written (excluding the terminating NUL).
 *
 * NOTE(review): sprintf() does not bound the write. Every string emitted here
 * is a short constant, but kernel sysfs guidance prefers sysfs_emit() in show
 * handlers - confirm before reusing this pattern.
 */
ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
			    char *buf)
{
	const char *label;
	unsigned int methods;

	if (spectre_v2_state == SPECTRE_UNAFFECTED)
		return sprintf(buf, "%s\n", "Not affected");

	if (spectre_v2_state != SPECTRE_MITIGATED)
		return sprintf(buf, "%s\n", "Vulnerable");

	if (_unprivileged_ebpf_enabled())
		return sprintf(buf, "Vulnerable: Unprivileged eBPF enabled\n");

	methods = spectre_v2_methods;

	if (methods == SPECTRE_V2_METHOD_BPIALL) {
		label = "Branch predictor hardening";
	} else if (methods == SPECTRE_V2_METHOD_ICIALLU) {
		label = "I-cache invalidation";
	} else if (methods == SPECTRE_V2_METHOD_SMC ||
		   methods == SPECTRE_V2_METHOD_HVC) {
		/* Both firmware conduits share one description. */
		label = "Firmware call";
	} else if (methods == SPECTRE_V2_METHOD_LOOP8) {
		label = "History overwrite";
	} else {
		/*
		 * Anything that is not exactly one of the values above, e.g.
		 * several methods ORed together by spectre_v2_update_state().
		 */
		label = "Multiple mitigations";
	}

	return sprintf(buf, "Mitigation: %s\n", label);
}