From: Jeremy Linton <jeremy.linton@arm.com> To: linux-arm-kernel@lists.infradead.org Cc: catalin.marinas@arm.com, will.deacon@arm.com, marc.zyngier@arm.com, suzuki.poulose@arm.com, dave.martin@arm.com, shankerd@codeaurora.org, mark.rutland@arm.com, linux-kernel@vger.kernel.org, ykaukab@suse.de, Jeremy Linton <jeremy.linton@arm.com> Subject: [PATCH 1/6] arm64: kpti: move check for non-vulnerable CPUs to a function Date: Thu, 6 Dec 2018 17:44:03 -0600 [thread overview] Message-ID: <20181206234408.1287689-2-jeremy.linton@arm.com> (raw) In-Reply-To: <20181206234408.1287689-1-jeremy.linton@arm.com> From: Mian Yousaf Kaukab <ykaukab@suse.de> Add is_meltdown_safe() which is a whitelist of known safe cores. Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de> [Moved location of function] Signed-off-by: Jeremy Linton <jeremy.linton@arm.com> --- arch/arm64/kernel/cpufeature.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index aec5ecb85737..242898395f68 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -908,8 +908,7 @@ has_useable_cnp(const struct arm64_cpu_capabilities *entry, int scope) #ifdef CONFIG_UNMAP_KERNEL_AT_EL0 static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ -static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, - int scope) +static bool is_cpu_meltdown_safe(void) { /* List of CPUs that are not vulnerable and don't need KPTI */ static const struct midr_range kpti_safe_list[] = { @@ -917,6 +916,16 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN), { /* sentinel */ } }; + /* Don't force KPTI for CPUs that are not vulnerable */ + if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) + return true; + + return false; +} + +static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, + int scope) +{ char const *str = "command line option"; /* @@ -940,8 +949,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) return true; - /* Don't force KPTI for CPUs that are not vulnerable */ - if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) + if (is_cpu_meltdown_safe()) return false; /* Defer to CPU feature registers */ -- 2.17.2
WARNING: multiple messages have this Message-ID (diff)
From: Jeremy Linton <jeremy.linton@arm.com> To: linux-arm-kernel@lists.infradead.org Cc: mark.rutland@arm.com, suzuki.poulose@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, Jeremy Linton <jeremy.linton@arm.com>, ykaukab@suse.de, dave.martin@arm.com, shankerd@codeaurora.org Subject: [PATCH 1/6] arm64: kpti: move check for non-vulnerable CPUs to a function Date: Thu, 6 Dec 2018 17:44:03 -0600 [thread overview] Message-ID: <20181206234408.1287689-2-jeremy.linton@arm.com> (raw) In-Reply-To: <20181206234408.1287689-1-jeremy.linton@arm.com> From: Mian Yousaf Kaukab <ykaukab@suse.de> Add is_meltdown_safe() which is a whitelist of known safe cores. Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de> [Moved location of function] Signed-off-by: Jeremy Linton <jeremy.linton@arm.com> --- arch/arm64/kernel/cpufeature.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index aec5ecb85737..242898395f68 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -908,8 +908,7 @@ has_useable_cnp(const struct arm64_cpu_capabilities *entry, int scope) #ifdef CONFIG_UNMAP_KERNEL_AT_EL0 static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ -static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, - int scope) +static bool is_cpu_meltdown_safe(void) { /* List of CPUs that are not vulnerable and don't need KPTI */ static const struct midr_range kpti_safe_list[] = { @@ -917,6 +916,16 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, MIDR_ALL_VERSIONS(MIDR_BRCM_VULCAN), { /* sentinel */ } }; + /* Don't force KPTI for CPUs that are not vulnerable */ + if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) + return true; + + return false; +} + +static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, + int scope) +{ char const *str = "command line option"; /* @@ -940,8 +949,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) return true; - /* Don't force KPTI for CPUs that are not vulnerable */ - if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) + if (is_cpu_meltdown_safe()) return false; /* Defer to CPU feature registers */ -- 2.17.2 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2018-12-06 23:44 UTC|newest] Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-12-06 23:44 [PATCH 0/6] add system vulnerability sysfs entries Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton [this message] 2018-12-06 23:44 ` [PATCH 1/6] arm64: kpti: move check for non-vulnerable CPUs to a function Jeremy Linton 2018-12-13 9:13 ` Julien Thierry 2018-12-13 9:13 ` Julien Thierry 2018-12-12 14:36 ` Jeremy Linton 2018-12-12 14:36 ` Jeremy Linton 2018-12-06 23:44 ` [PATCH 2/6] arm64: add sysfs vulnerability show for meltdown Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton 2018-12-13 9:23 ` Julien Thierry 2018-12-13 9:23 ` Julien Thierry 2018-12-13 10:46 ` Julien Thierry 2018-12-13 10:46 ` Julien Thierry 2018-12-12 14:49 ` Jeremy Linton 2018-12-12 14:49 ` Jeremy Linton 2018-12-14 8:55 ` Julien Thierry 2018-12-14 8:55 ` Julien Thierry 2018-12-06 23:44 ` [PATCH 3/6] arm64: add sysfs vulnerability show for spectre v1 Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton 2018-12-06 23:44 ` [PATCH 4/6] arm64: add sysfs vulnerability show for spectre v2 Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton 2018-12-13 11:09 ` Julien Thierry 2018-12-13 11:09 ` Julien Thierry 2019-01-02 22:19 ` Jeremy Linton 2019-01-02 22:19 ` Jeremy Linton 2018-12-06 23:44 ` [PATCH 5/6] arm64: add sysfs vulnerability show for speculative store bypass Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton 2018-12-14 10:34 ` Steven Price 2018-12-14 10:34 ` Steven Price 2018-12-14 10:36 ` Will Deacon 2018-12-14 10:36 ` Will Deacon 2018-12-14 10:41 ` Steven Price 2018-12-14 10:41 ` Steven Price 2018-12-14 11:28 ` Dave Martin 2018-12-14 11:28 ` Dave Martin 2018-12-14 11:33 ` Will Deacon 2018-12-14 11:33 ` Will Deacon 2018-12-06 23:44 ` [PATCH 6/6] arm64: enable generic CPU vulnerabilites support Jeremy Linton 2018-12-06 23:44 ` Jeremy Linton 2018-12-13 12:07 ` [PATCH 0/6] add system vulnerability sysfs entries Dave Martin 2018-12-13 12:07 ` Dave Martin 2018-12-12 15:48 ` Jeremy Linton 2018-12-12 15:48 ` Jeremy Linton 2018-12-13 19:26 ` Dave Martin 2018-12-13 19:26 ` Dave Martin -- strict thread matches above, loose matches on Subject: below -- 2018-08-07 18:14 [PATCH 0/6] arm64: add support for generic cpu vulnerabilities Mian Yousaf Kaukab 2018-08-07 18:14 ` [PATCH 1/6] arm64: kpti: move check for non-vulnerable CPUs to a function Mian Yousaf Kaukab 2018-08-07 18:14 ` Mian Yousaf Kaukab
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181206234408.1287689-2-jeremy.linton@arm.com \ --to=jeremy.linton@arm.com \ --cc=catalin.marinas@arm.com \ --cc=dave.martin@arm.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=marc.zyngier@arm.com \ --cc=mark.rutland@arm.com \ --cc=shankerd@codeaurora.org \ --cc=suzuki.poulose@arm.com \ --cc=will.deacon@arm.com \ --cc=ykaukab@suse.de \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.