• Michael Ellerman's avatar
    powerpc/security: Fix spectre_v2 reporting · f16b7c77
    Michael Ellerman authored
    commit 92edf8df0ff2ae86cc632eeca0e651fd8431d40d upstream.
    
    When I updated the spectre_v2 reporting to handle software count cache
    flush I got the logic wrong when there's no software count cache
    enabled at all.
    
    The result is that on systems with the software count cache flush
    disabled we print:
    
      Mitigation: Indirect branch cache disabled, Software count cache flush
    
    Which correctly indicates that the count cache is disabled, but
    incorrectly says the software count cache flush is enabled.
    
    The root of the problem is that we are trying to handle all
    combinations of options. But we know now that we only expect to see
    the software count cache flush enabled if the other options are false.
    
    So split the two cases, which simplifies the logic and fixes the bug.
    We were also missing a space before "(hardware accelerated)".
    
    The result is we see one of:
    
      Mitigation: Indirect branch serialisation (kernel only)
      Mitigation: Indirect branch cache disabled
      Mitigation: Software count cache flush
      Mitigation: Software count cache flush (hardware accelerated)
    
    Fixes: ee13cb24 ("powerpc/64s: Add support for software count cache flush")
    Cc: stable@vger.kernel.org # v4.19+
    Signed-off-by: 's avatarMichael Ellerman <mpe@ellerman.id.au>
    Reviewed-by: 's avatarMichael Neuling <mikey@neuling.org>
    Reviewed-by: 's avatarDiana Craciun <diana.craciun@nxp.com>
    Signed-off-by: 's avatarMichael Ellerman <mpe@ellerman.id.au>
    Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    f16b7c77
security.c 10.2 KB