From patchwork Tue Apr 3 11:09:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Rutland X-Patchwork-Id: 132732 Delivered-To: patch@linaro.org Received: by 10.46.84.29 with SMTP id i29csp3666550ljb; Tue, 3 Apr 2018 04:10:41 -0700 (PDT) X-Google-Smtp-Source: AIpwx49QMB32rlW9CEneYgHq1rPqeOXZbXdgVQwbe/xLLUDUnrhR2YolJmq3UVxo2cOiwIfdzxsq X-Received: by 10.101.82.69 with SMTP id q5mr8835228pgp.358.1522753841766; Tue, 03 Apr 2018 04:10:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522753841; cv=none; d=google.com; s=arc-20160816; b=tOCt7+xuipmchL0bPBWOVryYFfsZNBF57GKg8wbEfDXwMuBlmuzlMSWDTQzlH1iAus 0i9+oglRaXoEMMpqBT/NxTLktF/JFnEHOJDceJIo29FbRiWVQtvMmXP1Q9vEj3rAryle RReZkPywXKucCDm23N5fXdvy2p3FUVtynBbWTWhsGd0Pk9Puc8vxof+8XYjc+wBBKeBH mlMVSjQXi/GC9HfXylFGx0VMoLSB188dGgcow+EV+c7bBRwuP6e4W/DTKv6VpQ77pi3G ld3jjshIl8mAyCY1BWUTVjR3OWFDHtM8yhHs6nIvN2s33bRxCqWiU8IbtyK57+vQUpyI d3wQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=yHRO5QQlmbJ8rBeu01Hh0vrI6SmPPMBcx+jqTXECNRg=; b=OX02Fh9aZUz2qnDC/gmqs81N7EUrwGy+oU+Ezzrf7SrsNxmRZpSa743bBJUkfWDjIH bEkvTjXuhAJxEpwxnPiHwpFv/8irk7BLDYtTGf6+YCxZaeTCDoDWVo/iSHEYBOlLKwOS UfJYFL9ZPj90+sGxcUeV/qb9/8K32USTn1lrmJ4poEFlA8mS56doHALohzb47PjsgR1R XGnWY8d/F3e1I/pscXY337+GujxIog7CbHkZXLJomSFH9+KP4nljOcLiOdp/UEW9Fvs6 MrcJNCPCvf+HlHIYQJLUyt7ZF7N7CbHpb3HztFMy5hmXxNYRL48a8rAMarCWa9wYOhug XiaA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q9-v6si295691plr.273.2018.04.03.04.10.41; Tue, 03 Apr 2018 04:10:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755162AbeDCLKj (ORCPT + 11 others); Tue, 3 Apr 2018 07:10:39 -0400 Received: from foss.arm.com ([217.140.101.70]:59406 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755487AbeDCLK3 (ORCPT ); Tue, 3 Apr 2018 07:10:29 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A06001435; Tue, 3 Apr 2018 04:10:29 -0700 (PDT) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 6FCCB3F587; Tue, 3 Apr 2018 04:10:28 -0700 (PDT) From: Mark Rutland To: stable@vger.kernel.org Cc: mark.brown@linaro.org, ard.biesheuvel@linaro.org, marc.zyngier@arm.com, will.deacon@arm.com Subject: [PATCH v4.9.y 22/27] arm64: Turn on KPTI only on CPUs that need it Date: Tue, 3 Apr 2018 12:09:18 +0100 Message-Id: <20180403110923.43575-23-mark.rutland@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180403110923.43575-1-mark.rutland@arm.com> References: <20180403110923.43575-1-mark.rutland@arm.com> Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Jayachandran C commit 0ba2e29c7fc1 upstream. Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in unmap_kernel_at_el0(). These CPUs are not vulnerable to CVE-2017-5754 and do not need KPTI when KASLR is off. Acked-by: Will Deacon Signed-off-by: Jayachandran C Signed-off-by: Catalin Marinas Signed-off-by: Will Deacon Signed-off-by: Alex Shi [v4.9 backport] Signed-off-by: Mark Rutland [v4.9 backport] --- arch/arm64/kernel/cpufeature.c | 7 +++++++ 1 file changed, 7 insertions(+) -- 2.11.0 diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 2d7c7796cce1..6015a3cac930 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -766,6 +766,13 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) return true; + /* Don't force KPTI for CPUs that are not vulnerable */ + switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) { + case MIDR_CAVIUM_THUNDERX2: + case MIDR_BRCM_VULCAN: + return false; + } + /* Defer to CPU feature registers */ return !cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_CSV3_SHIFT);