powerpc/pseries: export LPAR security flavor in lparcfg (6ce56e1a) · Commits · Mirrors / git.yoctoproject.org / linux-yocto

Commit 6ce56e1a authored Mar 05, 2021 by

Laurent Dufour Committed by Michael Ellerman Mar 26, 2021

powerpc/pseries: export LPAR security flavor in lparcfg



This is helpful to read the security flavor from inside the LPAR.

In /sys/kernel/debug/powerpc/security_features it can be seen if
mitigations are on or off but not the level set through the ASMI menu.
Furthermore, reporting it through /proc/powerpc/lparcfg allows an easy
processing by the lparstat command [1].

Export it like this in /proc/powerpc/lparcfg:

  $ grep security_flavor /proc/powerpc/lparcfg
  security_flavor=1

Value follows what is documented on the IBM support page [2]:

  0 Speculative execution fully enabled
  1 Speculative execution controls to mitigate user-to-kernel attacks
  2 Speculative execution controls to mitigate user-to-kernel and
    user-to-user side-channel attacks

[1] https://groups.google.com/g/powerpc-utils-devel/c/NaKXvdyl_UI/m/wa2stpIDAQAJ
[2] https://www.ibm.com/support/pages/node/715841

Signed-off-by: Laurent Dufour <ldufour@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20210305125554.5165-1-ldufour@linux.ibm.com

parent 90cbac0e

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 3eda59bc
· Aug 26, 2021

mentioned in commit 3eda59bc

mentioned in commit 3eda59bcee6eb49b73e634ea32f7b1dbdbfcb086

Toggle commit list

Please register or to comment