diff options
| author | Thomas Gleixner <[email protected]> | 2018-05-03 22:09:15 +0200 |
|---|---|---|
| committer | Thomas Gleixner <[email protected]> | 2018-05-05 00:51:43 +0200 |
| commit | 356e4bfff2c5489e016fdb925adbf12a1e3950ee (patch) | |
| tree | 27bfbcbf2c23c3d6cfa0219e93ccf35c2e14f5b3 /fs/proc/array.c | |
| parent | f9544b2b076ca90d887c5ae5d74fab4c21bb7c13 (diff) | |
prctl: Add force disable speculation
For certain use cases it is desired to enforce mitigations so they cannot
be undone afterwards. That's important for loader stubs which want to
prevent a child from disabling the mitigation again. Will also be used for
seccomp(). The extra state preserving of the prctl state for SSB is a
preparatory step for EBPF dymanic speculation control.
Signed-off-by: Thomas Gleixner <[email protected]>
Diffstat (limited to 'fs/proc/array.c')
| -rw-r--r-- | fs/proc/array.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/proc/array.c b/fs/proc/array.c index 303c155f9b04..d178a0236514 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c @@ -344,6 +344,9 @@ static inline void task_seccomp(struct seq_file *m, struct task_struct *p) case PR_SPEC_NOT_AFFECTED: seq_printf(m, "not vulnerable"); break; + case PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE: + seq_printf(m, "thread force mitigated"); + break; case PR_SPEC_PRCTL | PR_SPEC_DISABLE: seq_printf(m, "thread mitigated"); break; |