Re: [PATCH v3 1/7] sysfs/cpu: Allow individual architectures to select vulnerabilities

From: Greg KH
Date: Fri Jan 18 2019 - 10:46:43 EST

Next message: Guo Ren: "Re: [PATCH] arch/csky/mm/fault.c: Remove duplicate header"
Previous message: Jagan Teki: "Re: [PATCH v5 07/17] drm/sun4i: sun6i_mipi_dsi: Refactor vertical video start delay"
Next in thread: Jeremy Linton: "Re: [PATCH v3 1/7] sysfs/cpu: Allow individual architectures to select vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 14, 2019 at 10:02:21AM +0000, Suzuki K Poulose wrote:
>
>
> On 09/01/2019 23:55, Jeremy Linton wrote:
> > As suggested on the list, https://lkml.org/lkml/2019/1/4/282, there are
> > a number of cases where its useful for a system to avoid exporting a
> > sysfs entry for a given vulnerability. This set adds an architecture
> > specific callback which returns the bitmap of vulnerabilities the
> > architecture would like to advertise.
> >
> > Signed-off-by: Jeremy Linton <jeremy.linton@xxxxxxx>
> > Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> > Cc: Rafael J. Wysocki <rafael@xxxxxxxxxx>
> > Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> > Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> > Cc: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
> > Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> > Cc: Waiman Long <longman@xxxxxxxxxx>
> > Cc: Andi Kleen <ak@xxxxxxxxxxxxxxx>
> > Cc: Jiri Kosina <jkosina@xxxxxxx>
> > ---
> > drivers/base/cpu.c | 19 +++++++++++++++++++
> > include/linux/cpu.h | 7 +++++++
> > 2 files changed, 26 insertions(+)
> >
> > diff --git a/drivers/base/cpu.c b/drivers/base/cpu.c
> > index eb9443d5bae1..35f6dfb24cd6 100644
> > --- a/drivers/base/cpu.c
> > +++ b/drivers/base/cpu.c
> > @@ -561,6 +561,11 @@ static struct attribute *cpu_root_vulnerabilities_attrs[] = {
> > NULL
> > };
> > +uint __weak arch_supported_vuln_attr_fields(void)
> > +{
> > + return VULN_MELTDOWN|VULN_SPECTREV1|VULN_SPECTREV2|VULN_SSB|VULN_L1TF;
> > +}
> > +
> > static const struct attribute_group cpu_root_vulnerabilities_group = {
> > .name = "vulnerabilities",
> > .attrs = cpu_root_vulnerabilities_attrs,
> > @@ -568,6 +573,20 @@ static const struct attribute_group cpu_root_vulnerabilities_group = {
> > static void __init cpu_register_vulnerabilities(void)
> > {
> > + int fld;
> > + int max_fields = ARRAY_SIZE(cpu_root_vulnerabilities_attrs) - 1;
> > + struct attribute **hd = cpu_root_vulnerabilities_attrs;
> > + uint enabled_fields = arch_supported_vuln_attr_fields();
> > +
> > + /* only enable entries requested by the arch code */
> > + for (fld = 0; fld < max_fields; fld++) {
> > + if (enabled_fields & 1 << fld) {
> > + *hd = cpu_root_vulnerabilities_attrs[fld];
> > + hd++;
> > + }
> > + }
> > + *hd = NULL;
> > +
>
> nit: Could we use "is_visible" callback in the attribute group to check this
> dynamically ?

You should, that is what it is there for.

thanks,

greg k-h

Next message: Guo Ren: "Re: [PATCH] arch/csky/mm/fault.c: Remove duplicate header"
Previous message: Jagan Teki: "Re: [PATCH v5 07/17] drm/sun4i: sun6i_mipi_dsi: Refactor vertical video start delay"
Next in thread: Jeremy Linton: "Re: [PATCH v3 1/7] sysfs/cpu: Allow individual architectures to select vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]