From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751203AbdL0IsN (ORCPT ); Wed, 27 Dec 2017 03:48:13 -0500 Received: from mga11.intel.com ([192.55.52.93]:42261 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750947AbdL0IsM (ORCPT ); Wed, 27 Dec 2017 03:48:12 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,464,1508828400"; d="scan'208";a="15839630" Subject: Re: [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors To: Tom Lendacky , x86@kernel.org References: <20171227054354.20369.94587.stgit@tlendack-t1.amdoffice.net> Cc: linux-kernel@vger.kernel.org, Ingo Molnar , Andy Lutomirski , "H. Peter Anvin" , Thomas Gleixner , Borislav Petkov From: Dave Hansen Message-ID: <4ecfab84-ae81-2e00-9004-8d0ccf863f76@linux.intel.com> Date: Wed, 27 Dec 2017 00:48:09 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: <20171227054354.20369.94587.stgit@tlendack-t1.amdoffice.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12/26/2017 09:43 PM, Tom Lendacky wrote: > --- a/arch/x86/kernel/cpu/common.c > +++ b/arch/x86/kernel/cpu/common.c > @@ -923,8 +923,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) > > setup_force_cpu_cap(X86_FEATURE_ALWAYS); > > - /* Assume for now that ALL x86 CPUs are insecure */ > - setup_force_cpu_bug(X86_BUG_CPU_INSECURE); > + if (c->x86_vendor != X86_VENDOR_AMD) > + setup_force_cpu_bug(X86_BUG_CPU_INSECURE); Does this disable it in a way that it can be turned back on via the kernel command-line? This is a rather wide class of issues and I would rather not just hard-code it in a way that we say one vendor has never and will never be affected.