From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: AH8x224Au4w5bHSWEjFuG0xDGJPa+wrWnPL0yNKpf7XuWHe+gE7lONH/CnuUnEZPdUEfoRajcg2C ARC-Seal: i=1; a=rsa-sha256; t=1516813055; cv=none; d=google.com; s=arc-20160816; b=GXdCTf4B6P0Au34pfbSCfyaiy92QoNxytHQkXl4SYI0cF1GDHkCVESLIibvHMuneZk 55f395/GRC8fqJMGwaiMmBWhE0TnViOhMC+VQKxOTUhktKQl8gBIM9TyPpGd+k1htQ7J X7L/znCThr+WXqo0FJGZQGOZYzi+nj0ubypRhhcMhbdg4nJuvL3+BSruYMwke0UnKoDQ mDSZE9WuZ3zf+qmwF6R01xmrC2UtOR/pGNXTYsVNgfQle0k7YyTcvFzDcWWrHR4FXTrr hX892ZYdwMwlGFJLU7YX6wQCr4Icqpu3huD9E+j0gTdbl9GtliCIF+3y9GBZ3tX5P7Uf LcEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from :dkim-signature:arc-authentication-results; bh=r6WgxJRcPns4j7XeX/sM46Z+YsZTtcBYA71+sSdDni0=; b=j2XQcCukoizCPYcRZWNyEQoJMSjPy+E8QD3klDf9S602TOjFupFjTwXO8V2g5Ud0Lf hdjXOIcvC0rwgSjdPz8+KI0agQhASk7o3kM1hEkH5j1qczlQw+9C3LvD0IjbHI7FoxOZ mb/z1xXFucCEj7rCH8NTvaoUy01pN3xdntYWrJcLC7gjL7h6qlBoQNswQL41vDmo4FqN 1SOY3NXLll0VbwpSTr9GNuM5BMoF7Z5vr1gN8oBlr5MvYaAbI0QfKNy8V7M263rWax+8 m+RDjHfnwTm1u5TpgvmJleX3YdmyS3TE7aRMlJFMZkLteFY8cLEA3F9Anl8fZgrnx1c+ 2GHQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=pxQ4AMDZ; spf=pass (google.com: domain of prvs=55583cd03=dwmw@amazon.com designates 207.171.184.29 as permitted sender) smtp.mailfrom=prvs=55583cd03=dwmw@amazon.com; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=pxQ4AMDZ; spf=pass (google.com: domain of prvs=55583cd03=dwmw@amazon.com designates 207.171.184.29 as permitted sender) smtp.mailfrom=prvs=55583cd03=dwmw@amazon.com; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk X-IronPort-AV: E=Sophos;i="5.46,408,1511827200"; d="scan'208";a="589559286" From: David Woodhouse To: arjan@linux.intel.com, tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com, bp@alien8.de, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org, dave.hansen@intel.com, gnomes@lxorguk.ukuu.org.uk Subject: [PATCH v3 5/6] x86/pti: Do not enable PTI on processors which are not vulnerable to Meltdown Date: Wed, 24 Jan 2018 16:57:04 +0000 Message-Id: <1516813025-10794-6-git-send-email-dwmw@amazon.co.uk> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516813025-10794-1-git-send-email-dwmw@amazon.co.uk> References: <1516813025-10794-1-git-send-email-dwmw@amazon.co.uk> X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1590493766352787258?= X-GMAIL-MSGID: =?utf-8?q?1590493766352787258?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: Some old Atoms, anything in family 5 or 4, and newer CPUs when they advertise the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO bit set, are not vulnerable. Roll the AMD exemption into the x86_match_cpu() table too. Based on suggestions from Dave Hansen and Alan Cox. Signed-off-by: David Woodhouse --- arch/x86/kernel/cpu/common.c | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index e5d66e9..3bc8a1f 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -47,6 +47,8 @@ #include #include #include +#include +#include #ifdef CONFIG_X86_LOCAL_APIC #include @@ -853,6 +855,35 @@ static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c) #endif } +static const __initdata struct x86_cpu_id cpu_no_meltdown[] = { + { X86_VENDOR_AMD }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW, X86_FEATURE_ANY }, + { X86_VENDOR_ANY, 5 }, + { X86_VENDOR_ANY, 4 }, + {} +}; + +static bool __init early_cpu_vulnerable_meltdown(struct cpuinfo_x86 *c) +{ + u64 ia32_cap = 0; + + if (x86_match_cpu(cpu_no_meltdown)) + return false; + + if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES)) + rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap); + + /* Rogue Data Cache Load? No! */ + if (ia32_cap & ARCH_CAP_RDCL_NO) + return false; + + return true; +} + /* * Do minimum CPU detection early. * Fields really needed: vendor, cpuid_level, family, model, mask, @@ -900,9 +931,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) setup_force_cpu_cap(X86_FEATURE_ALWAYS); - if (c->x86_vendor != X86_VENDOR_AMD) + if (early_cpu_vulnerable_meltdown(c)) setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); - setup_force_cpu_bug(X86_BUG_SPECTRE_V1); setup_force_cpu_bug(X86_BUG_SPECTRE_V2); -- 2.7.4