selftests/powerpc: Add test of mitigation patching

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

We recently discovered some of our mitigation patching was not safe
against other CPUs running concurrently.

Add a test which enable/disables all mitigations in a tight loop while
also running some stress load. On an unpatched system this almost always
leads to an oops and panic/reboot, but we also check if the kernel
becomes tainted in case we have a non-fatal oops.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20210507064225.1556312-1-mpe@ellerman.id.au

Michael Ellerman 4 years ago 34f7f798 ca8cc369

+77

2 changed files

expand all

tools

testing

selftests

powerpc

security

Makefile

mitigation-patching.sh

tools/testing/selftests/powerpc/security/Makefile

··· 1 1 # SPDX-License-Identifier: GPL-2.0+ 2 2 3 3 TEST_GEN_PROGS := rfi_flush entry_flush uaccess_flush spectre_v2 4 + TEST_PROGS := mitigation-patching.sh 5 + 4 6 top_srcdir = ../../../../.. 5 7 6 8 CFLAGS += -I../../../../../usr/include

+75

tools/testing/selftests/powerpc/security/mitigation-patching.sh

··· 1 + #!/usr/bin/env bash 2 + 3 + set -euo pipefail 4 + 5 + TIMEOUT=10 6 + 7 + function do_one 8 + { 9 + local mitigation="$1" 10 + local orig 11 + local start 12 + local now 13 + 14 + orig=$(cat "$mitigation") 15 + 16 + start=$EPOCHSECONDS 17 + now=$start 18 + 19 + while [[ $((now-start)) -lt "$TIMEOUT" ]] 20 + do 21 + echo 0 > "$mitigation" 22 + echo 1 > "$mitigation" 23 + 24 + now=$EPOCHSECONDS 25 + done 26 + 27 + echo "$orig" > "$mitigation" 28 + } 29 + 30 + rc=0 31 + cd /sys/kernel/debug/powerpc || rc=1 32 + if [[ "$rc" -ne 0 ]]; then 33 + echo "Error: couldn't cd to /sys/kernel/debug/powerpc" >&2 34 + exit 1 35 + fi 36 + 37 + tainted=$(cat /proc/sys/kernel/tainted) 38 + if [[ "$tainted" -ne 0 ]]; then 39 + echo "Error: kernel already tainted!" >&2 40 + exit 1 41 + fi 42 + 43 + mitigations="barrier_nospec stf_barrier count_cache_flush rfi_flush entry_flush uaccess_flush" 44 + 45 + for m in $mitigations 46 + do 47 + do_one "$m" & 48 + done 49 + 50 + echo "Spawned threads enabling/disabling mitigations ..." 51 + 52 + if stress-ng > /dev/null 2>&1; then 53 + stress="stress-ng" 54 + elif stress > /dev/null 2>&1; then 55 + stress="stress" 56 + else 57 + stress="" 58 + fi 59 + 60 + if [[ -n "$stress" ]]; then 61 + "$stress" -m "$(nproc)" -t "$TIMEOUT" & 62 + echo "Spawned VM stressors ..." 63 + fi 64 + 65 + echo "Waiting for timeout ..." 66 + wait 67 + 68 + tainted=$(cat /proc/sys/kernel/tainted) 69 + if [[ "$tainted" -ne 0 ]]; then 70 + echo "Error: kernel became tainted!" >&2 71 + exit 1 72 + fi 73 + 74 + echo "OK" 75 + exit 0