diff options
author | Thomas Gleixner <tglx@linutronix.de> | 2018-07-14 02:36:41 -0700 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-07-25 10:18:27 +0200 |
commit | 3f9cb20f9126db1edb1fad78a0e94ff8e9ae94e2 (patch) | |
tree | cbe8e942b18049c93f0c70864156520f7b69ac5a /fs | |
parent | 0b1174054e0f4afd999c56ddecbbfb18f598f099 (diff) | |
download | linux-stable-3f9cb20f9126db1edb1fad78a0e94ff8e9ae94e2.tar.gz linux-stable-3f9cb20f9126db1edb1fad78a0e94ff8e9ae94e2.tar.bz2 linux-stable-3f9cb20f9126db1edb1fad78a0e94ff8e9ae94e2.zip |
prctl: Add force disable speculation
commit 356e4bfff2c5489e016fdb925adbf12a1e3950ee upstream
For certain use cases it is desired to enforce mitigations so they cannot
be undone afterwards. That's important for loader stubs which want to
prevent a child from disabling the mitigation again. Will also be used for
seccomp(). The extra state preserving of the prctl state for SSB is a
preparatory step for EBPF dymanic speculation control.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu>
Reviewed-by: Matt Helsley (VMware) <matt.helsley@gmail.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Bo Gan <ganb@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/proc/array.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/proc/array.c b/fs/proc/array.c index bb48358b99a3..31414787c971 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c @@ -341,6 +341,9 @@ static inline void task_seccomp(struct seq_file *m, struct task_struct *p) case PR_SPEC_NOT_AFFECTED: seq_printf(m, "not vulnerable"); break; + case PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE: + seq_printf(m, "thread force mitigated"); + break; case PR_SPEC_PRCTL | PR_SPEC_DISABLE: seq_printf(m, "thread mitigated"); break; |