Re: [PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
On Fri, Dec 14, 2018 at 11:28:16AM +, Dave Martin wrote:
> On Fri, Dec 14, 2018 at 10:41:42AM +, Steven Price wrote:
> > On 14/12/2018 10:36, Will Deacon wrote:
> > > On Fri, Dec 14, 2018 at 10:34:31AM +, Steven Price wrote:
> > >> On 06/12/2018 23:44, Jeremy Linton wrote:
> > >>> From: Mian Yousaf Kaukab
> > >>>
> > >>> Return status based no ssbd_state and the arm64 SSBS feature.
> > >> ^^ on
> > >>
> > >>> Return string "Unknown" in case CONFIG_ARM64_SSBD is
> > >>> disabled or arch workaround2 is not available
> > >>> in the firmware.
> > >>>
> > >>> Signed-off-by: Mian Yousaf Kaukab
> > >>> [Added SSBS logic]
> > >>> Signed-off-by: Jeremy Linton
> > >>> ---
> > >>> arch/arm64/kernel/cpu_errata.c | 28
> > >>> 1 file changed, 28 insertions(+)
> > >>>
> > >>> diff --git a/arch/arm64/kernel/cpu_errata.c
> > >>> b/arch/arm64/kernel/cpu_errata.c
> > >>> index 6505c93d507e..8aeb5ca38db8 100644
> > >>> --- a/arch/arm64/kernel/cpu_errata.c
> > >>> +++ b/arch/arm64/kernel/cpu_errata.c
> > >>> @@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
> > >>> arm64_cpu_capabilities *entry,
> > >>> ssbd_state = ARM64_SSBD_UNKNOWN;
> > >>> return false;
> > >>>
> > >>> + /* machines with mixed mitigation requirements must not return
> > >>> this */
> > >>> case SMCCC_RET_NOT_REQUIRED:
> > >>> pr_info_once("%s mitigation not required\n",
> > >>> entry->desc);
> > >>> ssbd_state = ARM64_SSBD_MITIGATED;
> > >>> @@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev,
> > >>> struct device_attribute *attr,
> > >>> }
> > >>> }
> > >>>
> > >>> +ssize_t cpu_show_spec_store_bypass(struct device *dev,
> > >>> + struct device_attribute *attr, char *buf)
> > >>> +{
> > >>> + /*
> > >>> +* Two assumptions: First, get_ssbd_state() reflects the worse
> > >>> case
> > >>> +* for hetrogenous machines, and that if SSBS is supported its
> > >> SSBD
> > >>> +* supported by all cores.
> > >>> +*/
> > >>> + switch (arm64_get_ssbd_state()) {
> > >>> + case ARM64_SSBD_MITIGATED:
> > >>> + return sprintf(buf, "Not affected\n");
> > >>> +
> > >>> + case ARM64_SSBD_KERNEL:
> > >>> + case ARM64_SSBD_FORCE_ENABLE:
> > >>> + if (cpus_have_cap(ARM64_SSBS))
> > >>> + return sprintf(buf, "Not affected\n");
> > >>> + return sprintf(buf,
> > >>> + "Mitigation: Speculative Store Bypass
> > >>> disabled\n");
> > >>
> > >> NIT: To me this reads as the mitigation is disabled. Can we call it
> > >> "Speculative Store Bypass Disable" (with a capital 'D' and without the
> > >> 'd at the end)?
> > >
> > > Whilst I agree that the strings are reasonably confusing (especially when
> > > you pile on the double-negatives all the way up the stack!), we really
> > > have no choice but to follow x86's lead with these strings.
> > >
> > > I don't think it's worth forking the ABI in an attempt to make this
> > > clearer.
> >
> > Ah, sorry I hadn't checked the x86 string - yes we should match that.
>
> This is rather why I feel these strings are either a) useless or
> b) should be documented somewhere.
>
> Putting at least a skeleton document somewhere could be a good start,
> and would require little effort.
>
>
> What decisions do we expect userspace to make based on this information?
There's at least one tool that parses this stuff to tell you whether you
have/need the mitigations:
https://github.com/speed47/spectre-meltdown-checker
Will
Re: [PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
On Fri, Dec 14, 2018 at 10:41:42AM +, Steven Price wrote:
> On 14/12/2018 10:36, Will Deacon wrote:
> > On Fri, Dec 14, 2018 at 10:34:31AM +, Steven Price wrote:
> >> On 06/12/2018 23:44, Jeremy Linton wrote:
> >>> From: Mian Yousaf Kaukab
> >>>
> >>> Return status based no ssbd_state and the arm64 SSBS feature.
> >> ^^ on
> >>
> >>> Return string "Unknown" in case CONFIG_ARM64_SSBD is
> >>> disabled or arch workaround2 is not available
> >>> in the firmware.
> >>>
> >>> Signed-off-by: Mian Yousaf Kaukab
> >>> [Added SSBS logic]
> >>> Signed-off-by: Jeremy Linton
> >>> ---
> >>> arch/arm64/kernel/cpu_errata.c | 28
> >>> 1 file changed, 28 insertions(+)
> >>>
> >>> diff --git a/arch/arm64/kernel/cpu_errata.c
> >>> b/arch/arm64/kernel/cpu_errata.c
> >>> index 6505c93d507e..8aeb5ca38db8 100644
> >>> --- a/arch/arm64/kernel/cpu_errata.c
> >>> +++ b/arch/arm64/kernel/cpu_errata.c
> >>> @@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
> >>> arm64_cpu_capabilities *entry,
> >>> ssbd_state = ARM64_SSBD_UNKNOWN;
> >>> return false;
> >>>
> >>> + /* machines with mixed mitigation requirements must not return this */
> >>> case SMCCC_RET_NOT_REQUIRED:
> >>> pr_info_once("%s mitigation not required\n", entry->desc);
> >>> ssbd_state = ARM64_SSBD_MITIGATED;
> >>> @@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev,
> >>> struct device_attribute *attr,
> >>> }
> >>> }
> >>>
> >>> +ssize_t cpu_show_spec_store_bypass(struct device *dev,
> >>> + struct device_attribute *attr, char *buf)
> >>> +{
> >>> + /*
> >>> + * Two assumptions: First, get_ssbd_state() reflects the worse case
> >>> + * for hetrogenous machines, and that if SSBS is supported its
> >> SSBD
> >>> + * supported by all cores.
> >>> + */
> >>> + switch (arm64_get_ssbd_state()) {
> >>> + case ARM64_SSBD_MITIGATED:
> >>> + return sprintf(buf, "Not affected\n");
> >>> +
> >>> + case ARM64_SSBD_KERNEL:
> >>> + case ARM64_SSBD_FORCE_ENABLE:
> >>> + if (cpus_have_cap(ARM64_SSBS))
> >>> + return sprintf(buf, "Not affected\n");
> >>> + return sprintf(buf,
> >>> + "Mitigation: Speculative Store Bypass disabled\n");
> >>
> >> NIT: To me this reads as the mitigation is disabled. Can we call it
> >> "Speculative Store Bypass Disable" (with a capital 'D' and without the
> >> 'd at the end)?
> >
> > Whilst I agree that the strings are reasonably confusing (especially when
> > you pile on the double-negatives all the way up the stack!), we really
> > have no choice but to follow x86's lead with these strings.
> >
> > I don't think it's worth forking the ABI in an attempt to make this clearer.
>
> Ah, sorry I hadn't checked the x86 string - yes we should match that.
This is rather why I feel these strings are either a) useless or
b) should be documented somewhere.
Putting at least a skeleton document somewhere could be a good start,
and would require little effort.
What decisions do we expect userspace to make based on this information?
Cheers
---Dave
Re: [PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
On 14/12/2018 10:36, Will Deacon wrote:
> On Fri, Dec 14, 2018 at 10:34:31AM +, Steven Price wrote:
>> On 06/12/2018 23:44, Jeremy Linton wrote:
>>> From: Mian Yousaf Kaukab
>>>
>>> Return status based no ssbd_state and the arm64 SSBS feature.
>> ^^ on
>>
>>> Return string "Unknown" in case CONFIG_ARM64_SSBD is
>>> disabled or arch workaround2 is not available
>>> in the firmware.
>>>
>>> Signed-off-by: Mian Yousaf Kaukab
>>> [Added SSBS logic]
>>> Signed-off-by: Jeremy Linton
>>> ---
>>> arch/arm64/kernel/cpu_errata.c | 28
>>> 1 file changed, 28 insertions(+)
>>>
>>> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
>>> index 6505c93d507e..8aeb5ca38db8 100644
>>> --- a/arch/arm64/kernel/cpu_errata.c
>>> +++ b/arch/arm64/kernel/cpu_errata.c
>>> @@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
>>> arm64_cpu_capabilities *entry,
>>> ssbd_state = ARM64_SSBD_UNKNOWN;
>>> return false;
>>>
>>> + /* machines with mixed mitigation requirements must not return this */
>>> case SMCCC_RET_NOT_REQUIRED:
>>> pr_info_once("%s mitigation not required\n", entry->desc);
>>> ssbd_state = ARM64_SSBD_MITIGATED;
>>> @@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
>>> device_attribute *attr,
>>> }
>>> }
>>>
>>> +ssize_t cpu_show_spec_store_bypass(struct device *dev,
>>> + struct device_attribute *attr, char *buf)
>>> +{
>>> + /*
>>> +* Two assumptions: First, get_ssbd_state() reflects the worse case
>>> +* for hetrogenous machines, and that if SSBS is supported its
>> SSBD
>>> +* supported by all cores.
>>> +*/
>>> + switch (arm64_get_ssbd_state()) {
>>> + case ARM64_SSBD_MITIGATED:
>>> + return sprintf(buf, "Not affected\n");
>>> +
>>> + case ARM64_SSBD_KERNEL:
>>> + case ARM64_SSBD_FORCE_ENABLE:
>>> + if (cpus_have_cap(ARM64_SSBS))
>>> + return sprintf(buf, "Not affected\n");
>>> + return sprintf(buf,
>>> + "Mitigation: Speculative Store Bypass disabled\n");
>>
>> NIT: To me this reads as the mitigation is disabled. Can we call it
>> "Speculative Store Bypass Disable" (with a capital 'D' and without the
>> 'd at the end)?
>
> Whilst I agree that the strings are reasonably confusing (especially when
> you pile on the double-negatives all the way up the stack!), we really
> have no choice but to follow x86's lead with these strings.
>
> I don't think it's worth forking the ABI in an attempt to make this clearer.
Ah, sorry I hadn't checked the x86 string - yes we should match that.
Steve
> Will
>
> ___
> linux-arm-kernel mailing list
> linux-arm-ker...@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
>
Re: [PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
On Fri, Dec 14, 2018 at 10:34:31AM +, Steven Price wrote:
> On 06/12/2018 23:44, Jeremy Linton wrote:
> > From: Mian Yousaf Kaukab
> >
> > Return status based no ssbd_state and the arm64 SSBS feature.
> ^^ on
>
> > Return string "Unknown" in case CONFIG_ARM64_SSBD is
> > disabled or arch workaround2 is not available
> > in the firmware.
> >
> > Signed-off-by: Mian Yousaf Kaukab
> > [Added SSBS logic]
> > Signed-off-by: Jeremy Linton
> > ---
> > arch/arm64/kernel/cpu_errata.c | 28
> > 1 file changed, 28 insertions(+)
> >
> > diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
> > index 6505c93d507e..8aeb5ca38db8 100644
> > --- a/arch/arm64/kernel/cpu_errata.c
> > +++ b/arch/arm64/kernel/cpu_errata.c
> > @@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
> > arm64_cpu_capabilities *entry,
> > ssbd_state = ARM64_SSBD_UNKNOWN;
> > return false;
> >
> > + /* machines with mixed mitigation requirements must not return this */
> > case SMCCC_RET_NOT_REQUIRED:
> > pr_info_once("%s mitigation not required\n", entry->desc);
> > ssbd_state = ARM64_SSBD_MITIGATED;
> > @@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
> > device_attribute *attr,
> > }
> > }
> >
> > +ssize_t cpu_show_spec_store_bypass(struct device *dev,
> > + struct device_attribute *attr, char *buf)
> > +{
> > + /*
> > +* Two assumptions: First, get_ssbd_state() reflects the worse case
> > +* for hetrogenous machines, and that if SSBS is supported its
> SSBD
> > +* supported by all cores.
> > +*/
> > + switch (arm64_get_ssbd_state()) {
> > + case ARM64_SSBD_MITIGATED:
> > + return sprintf(buf, "Not affected\n");
> > +
> > + case ARM64_SSBD_KERNEL:
> > + case ARM64_SSBD_FORCE_ENABLE:
> > + if (cpus_have_cap(ARM64_SSBS))
> > + return sprintf(buf, "Not affected\n");
> > + return sprintf(buf,
> > + "Mitigation: Speculative Store Bypass disabled\n");
>
> NIT: To me this reads as the mitigation is disabled. Can we call it
> "Speculative Store Bypass Disable" (with a capital 'D' and without the
> 'd at the end)?
Whilst I agree that the strings are reasonably confusing (especially when
you pile on the double-negatives all the way up the stack!), we really
have no choice but to follow x86's lead with these strings.
I don't think it's worth forking the ABI in an attempt to make this clearer.
Will
Re: [PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
On 06/12/2018 23:44, Jeremy Linton wrote:
> From: Mian Yousaf Kaukab
>
> Return status based no ssbd_state and the arm64 SSBS feature.
^^ on
> Return string "Unknown" in case CONFIG_ARM64_SSBD is
> disabled or arch workaround2 is not available
> in the firmware.
>
> Signed-off-by: Mian Yousaf Kaukab
> [Added SSBS logic]
> Signed-off-by: Jeremy Linton
> ---
> arch/arm64/kernel/cpu_errata.c | 28
> 1 file changed, 28 insertions(+)
>
> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
> index 6505c93d507e..8aeb5ca38db8 100644
> --- a/arch/arm64/kernel/cpu_errata.c
> +++ b/arch/arm64/kernel/cpu_errata.c
> @@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
> arm64_cpu_capabilities *entry,
> ssbd_state = ARM64_SSBD_UNKNOWN;
> return false;
>
> + /* machines with mixed mitigation requirements must not return this */
> case SMCCC_RET_NOT_REQUIRED:
> pr_info_once("%s mitigation not required\n", entry->desc);
> ssbd_state = ARM64_SSBD_MITIGATED;
> @@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
> device_attribute *attr,
> }
> }
>
> +ssize_t cpu_show_spec_store_bypass(struct device *dev,
> + struct device_attribute *attr, char *buf)
> +{
> + /*
> + * Two assumptions: First, get_ssbd_state() reflects the worse case
> + * for hetrogenous machines, and that if SSBS is supported its
SSBD
> + * supported by all cores.
> + */
> + switch (arm64_get_ssbd_state()) {
> + case ARM64_SSBD_MITIGATED:
> + return sprintf(buf, "Not affected\n");
> +
> + case ARM64_SSBD_KERNEL:
> + case ARM64_SSBD_FORCE_ENABLE:
> + if (cpus_have_cap(ARM64_SSBS))
> + return sprintf(buf, "Not affected\n");
> + return sprintf(buf,
> + "Mitigation: Speculative Store Bypass disabled\n");
NIT: To me this reads as the mitigation is disabled. Can we call it
"Speculative Store Bypass Disable" (with a capital 'D' and without the
'd at the end)?
Steve
> +
> + case ARM64_SSBD_FORCE_DISABLE:
> + return sprintf(buf, "Vulnerable\n");
> +
> + default: /* ARM64_SSBD_UNKNOWN*/
> + return sprintf(buf, "Unknown\n");
> + }
> +}
> +
> #endif
>
[PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
From: Mian Yousaf Kaukab
Return status based no ssbd_state and the arm64 SSBS feature.
Return string "Unknown" in case CONFIG_ARM64_SSBD is
disabled or arch workaround2 is not available
in the firmware.
Signed-off-by: Mian Yousaf Kaukab
[Added SSBS logic]
Signed-off-by: Jeremy Linton
---
arch/arm64/kernel/cpu_errata.c | 28
1 file changed, 28 insertions(+)
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 6505c93d507e..8aeb5ca38db8 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
arm64_cpu_capabilities *entry,
ssbd_state = ARM64_SSBD_UNKNOWN;
return false;
+ /* machines with mixed mitigation requirements must not return this */
case SMCCC_RET_NOT_REQUIRED:
pr_info_once("%s mitigation not required\n", entry->desc);
ssbd_state = ARM64_SSBD_MITIGATED;
@@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
device_attribute *attr,
}
}
+ssize_t cpu_show_spec_store_bypass(struct device *dev,
+ struct device_attribute *attr, char *buf)
+{
+ /*
+* Two assumptions: First, get_ssbd_state() reflects the worse case
+* for hetrogenous machines, and that if SSBS is supported its
+* supported by all cores.
+*/
+ switch (arm64_get_ssbd_state()) {
+ case ARM64_SSBD_MITIGATED:
+ return sprintf(buf, "Not affected\n");
+
+ case ARM64_SSBD_KERNEL:
+ case ARM64_SSBD_FORCE_ENABLE:
+ if (cpus_have_cap(ARM64_SSBS))
+ return sprintf(buf, "Not affected\n");
+ return sprintf(buf,
+ "Mitigation: Speculative Store Bypass disabled\n");
+
+ case ARM64_SSBD_FORCE_DISABLE:
+ return sprintf(buf, "Vulnerable\n");
+
+ default: /* ARM64_SSBD_UNKNOWN*/
+ return sprintf(buf, "Unknown\n");
+ }
+}
+
#endif
--
2.17.2
[PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
From: Mian Yousaf Kaukab
Return status based no ssbd_state and the arm64 SSBS feature.
Return string "Unknown" in case CONFIG_ARM64_SSBD is
disabled or arch workaround2 is not available
in the firmware.
Signed-off-by: Mian Yousaf Kaukab
[Added SSBS logic]
Signed-off-by: Jeremy Linton
---
arch/arm64/kernel/cpu_errata.c | 28
1 file changed, 28 insertions(+)
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 6505c93d507e..8aeb5ca38db8 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -423,6 +423,7 @@ static bool has_ssbd_mitigation(const struct
arm64_cpu_capabilities *entry,
ssbd_state = ARM64_SSBD_UNKNOWN;
return false;
+ /* machines with mixed mitigation requirements must not return this */
case SMCCC_RET_NOT_REQUIRED:
pr_info_once("%s mitigation not required\n", entry->desc);
ssbd_state = ARM64_SSBD_MITIGATED;
@@ -828,4 +829,31 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
device_attribute *attr,
}
}
+ssize_t cpu_show_spec_store_bypass(struct device *dev,
+ struct device_attribute *attr, char *buf)
+{
+ /*
+* Two assumptions: First, get_ssbd_state() reflects the worse case
+* for hetrogenous machines, and that if SSBS is supported its
+* supported by all cores.
+*/
+ switch (arm64_get_ssbd_state()) {
+ case ARM64_SSBD_MITIGATED:
+ return sprintf(buf, "Not affected\n");
+
+ case ARM64_SSBD_KERNEL:
+ case ARM64_SSBD_FORCE_ENABLE:
+ if (cpus_have_cap(ARM64_SSBS))
+ return sprintf(buf, "Not affected\n");
+ return sprintf(buf,
+ "Mitigation: Speculative Store Bypass disabled\n");
+
+ case ARM64_SSBD_FORCE_DISABLE:
+ return sprintf(buf, "Vulnerable\n");
+
+ default: /* ARM64_SSBD_UNKNOWN*/
+ return sprintf(buf, "Unknown\n");
+ }
+}
+
#endif
--
2.17.2
[PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
Return status based no ssbd_state. Return string "Unknown" in case
CONFIG_ARM64_SSBD is disabled or arch workaround2 is not available
in the firmware.
Signed-off-by: Mian Yousaf Kaukab
---
arch/arm64/kernel/cpu_errata.c | 20
1 file changed, 20 insertions(+)
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 8469d3be7b15..8b60aa30a3fa 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -744,4 +744,24 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
device_attribute *attr,
return sprintf(buf, "Not affected\n");
}
+ssize_t cpu_show_spec_store_bypass(struct device *dev,
+ struct device_attribute *attr, char *buf)
+{
+ switch (arm64_get_ssbd_state()) {
+ case ARM64_SSBD_MITIGATED:
+ return sprintf(buf, "Not affected\n");
+
+ case ARM64_SSBD_KERNEL:
+ case ARM64_SSBD_FORCE_ENABLE:
+ return sprintf(buf,
+ "Mitigation: Speculative Store Bypass disabled");
+
+ case ARM64_SSBD_FORCE_DISABLE:
+ return sprintf(buf, "Vulnerable\n");
+
+ default: /* ARM64_SSBD_UNKNOWN*/
+ return sprintf(buf, "Unknown\n");
+ }
+}
+
#endif
--
2.11.0
[PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass
Return status based no ssbd_state. Return string "Unknown" in case
CONFIG_ARM64_SSBD is disabled or arch workaround2 is not available
in the firmware.
Signed-off-by: Mian Yousaf Kaukab
---
arch/arm64/kernel/cpu_errata.c | 20
1 file changed, 20 insertions(+)
diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index 8469d3be7b15..8b60aa30a3fa 100644
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -744,4 +744,24 @@ ssize_t cpu_show_spectre_v2(struct device *dev, struct
device_attribute *attr,
return sprintf(buf, "Not affected\n");
}
+ssize_t cpu_show_spec_store_bypass(struct device *dev,
+ struct device_attribute *attr, char *buf)
+{
+ switch (arm64_get_ssbd_state()) {
+ case ARM64_SSBD_MITIGATED:
+ return sprintf(buf, "Not affected\n");
+
+ case ARM64_SSBD_KERNEL:
+ case ARM64_SSBD_FORCE_ENABLE:
+ return sprintf(buf,
+ "Mitigation: Speculative Store Bypass disabled");
+
+ case ARM64_SSBD_FORCE_DISABLE:
+ return sprintf(buf, "Vulnerable\n");
+
+ default: /* ARM64_SSBD_UNKNOWN*/
+ return sprintf(buf, "Unknown\n");
+ }
+}
+
#endif
--
2.11.0
