News: 0001490389

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

RISC-V Enabling Generic CPU Vulnerabilities Reporting

([RISC-V] 5 Hours Ago RISC-V CPU Vulnerabilities Reporting)


While RISC-V processors don't need to worry about Meltdown and Spectre or have any other severe CPU vulnerabilities at the moment, with the upcoming Linux 6.12 kernel the RISC-V code is set to enable the generic CPU vulnerabilities support.

The generic CPU vulnerabilities support reports the various vulnerabilities and whether the running system/CPU is affected by the vulnerabilities and if so the mitigation status. This is conveniently exposed under /sys/devices/system/cpu/vulnerabilities across x86/x86_64, ARM, AArch64, and other architectures. But so far hasn't been exposed under RISC-V.

As RISC-V adoption rises there will likely be more security researchers poking at RISC-V processors in looking for security vulnerabilities. There's been some hardware/implementation specific ones already like [1]the recent GhostWrite vulnerability . So with time it's pretty inevitable that some security issues for RISC-V needing software mitigations will come to light.

Plus enabling the generic CPU vulnerabilities support now will at least make it clear to users that they are not affected by the current batch of CPU vulnerabilities. "Not affected" will be conveyed to the users when running Linux 5.12+ with the current vulnerabilities exposed under this generic CPU vulnerability reporting.

The [2]patch has made it into RISC-V's "for-next" Git branch this week and thus destined for the upcoming Linux 6.12 merge window barring any last minute change of course.



[1] https://www.phoronix.com/news/GhostWrite-Vulnerability-RISC-V

[2] https://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git/commit/?h=for-next&id=0e3f3649d44bf1b388a7613ade14c29cbdedf075



Pyth0n

ayumu

* gxam wonders if all these globals are really necessary
<Knghtbrd> most of them at the moment yes
<Knghtbrd> we REALLY need to clean them up at some point
<Knghtbrd> gxam: the globals will have to go away as we migrate towards
modularity and madness (ie, libtool)