133 lines
3.9 KiB
Diff
133 lines
3.9 KiB
Diff
commit 97269d301797e23b75d0c7a5cb63ce280783f615
|
|
Author: Laurent Dufour <ldufour@linux.ibm.com>
|
|
Date: Thu Mar 4 14:51:38 2021 +0100
|
|
|
|
lpartstat: add -x option for the security flavor
|
|
|
|
This allows user to get the security flavor settings fer the LPAR.
|
|
|
|
The output is :
|
|
|
|
$ lparstat -x
|
|
Speculative Execution Mode : 1
|
|
|
|
Where the output number means
|
|
0 = Speculative execution fully enabled
|
|
1 = Speculative execution controls to mitigate user-to-kernel side-channel
|
|
attacks
|
|
2 = Speculative execution controls to mitigate user-to-kernel and
|
|
user-to-user side-channel attacks
|
|
|
|
In the case the running kernel is not exposing the security flavor in
|
|
/proc/powerpc/lparcfg, the output is:
|
|
|
|
$ lparstat -x
|
|
Speculative Execution Mode : -
|
|
|
|
Signed-off-by: Laurent Dufour <ldufour@linux.ibm.com>
|
|
Signed-off-by: Tyrel Datwyler <tyreld@linux.ibm.com>
|
|
|
|
diff --git a/src/lparstat.c b/src/lparstat.c
|
|
index 23e4b85..00922c4 100644
|
|
--- a/src/lparstat.c
|
|
+++ b/src/lparstat.c
|
|
@@ -42,6 +42,7 @@
|
|
|
|
static bool o_legacy = false;
|
|
static bool o_scaled = false;
|
|
+static bool o_security = false;
|
|
|
|
static int threads_per_cpu;
|
|
static int cpus_in_system;
|
|
@@ -1152,6 +1153,15 @@ void print_scaled_output(int interval, int count)
|
|
} while (--count > 0);
|
|
}
|
|
|
|
+static void print_security_flavor(void)
|
|
+{
|
|
+ char value[64];
|
|
+ char *descr;
|
|
+
|
|
+ get_sysdata("security_flavor", &descr, value);
|
|
+ fprintf(stdout, "%-45s: %s\n", descr, value);
|
|
+}
|
|
+
|
|
static void usage(void)
|
|
{
|
|
printf("Usage: lparstat [ options ]\n\tlparstat <interval> [ count ]\n\n"
|
|
@@ -1159,6 +1169,7 @@ static void usage(void)
|
|
"\t-h, --help Show this message and exit.\n"
|
|
"\t-V, --version \tDisplay lparstat version information.\n"
|
|
"\t-i Lists details on the LPAR configuration.\n"
|
|
+ "\t-x Print the security mode settings for the LPAR.\n"
|
|
"\t-E Print SPURR metrics.\n"
|
|
"\t-l, --legacy Print the report in legacy format.\n"
|
|
"interval The interval parameter specifies the amount of time between each report.\n"
|
|
@@ -1184,7 +1195,7 @@ int main(int argc, char *argv[])
|
|
exit(1);
|
|
}
|
|
|
|
- while ((c = getopt_long(argc, argv, "iEVhl",
|
|
+ while ((c = getopt_long(argc, argv, "iEVhlx",
|
|
long_opts, &opt_index)) != -1) {
|
|
switch(c) {
|
|
case 'i':
|
|
@@ -1199,6 +1210,9 @@ int main(int argc, char *argv[])
|
|
case 'V':
|
|
printf("lparstat - %s\n", VERSION);
|
|
return 0;
|
|
+ case 'x':
|
|
+ o_security = true;
|
|
+ break;
|
|
case 'h':
|
|
usage();
|
|
return 0;
|
|
@@ -1223,6 +1237,8 @@ int main(int argc, char *argv[])
|
|
|
|
if (i_option)
|
|
print_iflag_data();
|
|
+ else if (o_security)
|
|
+ print_security_flavor();
|
|
else if (o_scaled) {
|
|
print_scaled_output(interval, count);
|
|
close_cpu_sysfs_fds(threads_in_system);
|
|
diff --git a/src/lparstat.h b/src/lparstat.h
|
|
index 9b7117f..26ed4ba 100644
|
|
--- a/src/lparstat.h
|
|
+++ b/src/lparstat.h
|
|
@@ -302,6 +302,10 @@ struct sysentry system_data[] = {
|
|
.descr = "Idle CPU value - SPURR",
|
|
.get = &get_cpu_idle_spurr},
|
|
|
|
+ /* Security flavor */
|
|
+ {.name = "security_flavor",
|
|
+ .descr = "Speculative Execution Mode"},
|
|
+
|
|
{.name[0] = '\0'},
|
|
};
|
|
|
|
diff -up powerpc-utils-1.3.8/man/lparstat.8.me powerpc-utils-1.3.8/man/lparstat.8
|
|
--- powerpc-utils-1.3.8/man/lparstat.8.me 2021-04-20 15:49:18.305532697 +0200
|
|
+++ powerpc-utils-1.3.8/man/lparstat.8 2021-04-20 15:52:04.703021972 +0200
|
|
@@ -209,6 +209,20 @@ The variable memory capacity weight of t
|
|
.TP
|
|
.SH
|
|
.TP
|
|
+\fB\-x\fR
|
|
+Display the LPAR security flavor mode
|
|
+.RS
|
|
+.TP
|
|
+.B 0
|
|
+Speculative execution fully enabled
|
|
+.TP
|
|
+.B 1
|
|
+Speculative execution controls to mitigate user-to-kernel side-channel attacks
|
|
+.TP
|
|
+.B 2
|
|
+Speculative execution controls to mitigate user-to-kernel and user-to-user side-channel attacks
|
|
+.RE
|
|
+.TP
|
|
\fB\-E\fR
|
|
Display Scaled Processor Utilization Resource Register(SPURR) based CPU utilization.
|
|
.RS
|