Part of this series was originally by Mian Yousaf Kaukab. Arm64 machines should be displaying a human readable vulnerability status to speculative execution attacks in /sys/devices/system/cpu/vulnerabilities
This series enables that behavior by providing the expected functions. Those functions expose the cpu errata and feature states, as well as whether firmware is responding appropriately to display the overall machine status. This means that in a heterogeneous machine we will only claim the machine is mitigated or safe if we are confident all booted cores are safe or mitigated. Otherwise, we will display unknown or unsafe depending on how much of the machine configuration can be assured. Jeremy Linton (2): arm64: add sysfs vulnerability show for meltdown arm64: add sysfs vulnerability show for spectre v2 Mian Yousaf Kaukab (4): arm64: kpti: move check for non-vulnerable CPUs to a function arm64: add sysfs vulnerability show for spectre v1 arm64: add sysfs vulnerability show for speculative store bypass arm64: enable generic CPU vulnerabilites support arch/arm64/Kconfig | 1 + arch/arm64/kernel/cpu_errata.c | 110 +++++++++++++++++++++++++++++++-- arch/arm64/kernel/cpufeature.c | 45 +++++++++++--- 3 files changed, 143 insertions(+), 13 deletions(-) -- 2.17.2