On Wed, 2023-05-17 at 17:49 +1000, Michael Ellerman wrote:
> Nageswara reported that /proc/self/status was showing "vulnerable"
> for
> the Speculation_Store_Bypass feature on Power10, eg:
>
> $ grep Speculation_Store_Bypass: /proc/self/status
> Speculation_Store_Bypass: vulnerable
>
> But at the same time the sysfs files, and lscpu, were showing "Not
> affected".
>
> This turns out to simply be a bug in the reporting of the
> Speculation_Store_Bypass, aka. PR_SPEC_STORE_BYPASS, case.
>
> When SEC_FTR_STF_BARRIER was added, so that firmware could
> communicate
> the vulnerability was not present, the code in ssb_prctl_get() was
> not
> updated to check the new flag.
>
> So add the check for SEC_FTR_STF_BARRIER being disabled. Rather than
> adding the new check to the existing if block and expanding the
> comment
> to cover both cases, rewrite the three cases to be separate so they
> can
> be commented separately for clarity.
>
> Fixes: 84ed26fd00c5 ("powerpc/security: Add a security feature for
> STF barrier")
> Cc: sta...@vger.kernel.org # v5.14+
> Reported-by: Nageswara R Sastry <rnsas...@linux.ibm.com>
> Signed-off-by: Michael Ellerman <m...@ellerman.id.au>
Reviewed-by: Russell Currey <rus...@russell.cc>
