Use the name associated with the attack which needs page table isolation for mitigation. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> --- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/mm/pti.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -341,6 +341,6 @@ #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */ #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */ #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */ -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */ +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */ #endif /* _ASM_X86_CPUFEATURES_H */ --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -56,13 +56,13 @@ static void __init pti_print_if_insecure(const char *reason) { - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) pr_info("%s\n", reason); } static void __init pti_print_if_secure(const char *reason) { - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) pr_info("%s\n", reason); } @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v } autosel: - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) return; enable: setup_force_cpu_cap(X86_FEATURE_PTI);
On 1/5/2018 8:10 AM, Thomas Gleixner wrote: > Use the name associated with the attack which needs page table isolation > for mitigation. > > Signed-off-by: Thomas Gleixner <tglx@linutronix.de> > --- > arch/x86/include/asm/cpufeatures.h | 2 +- > arch/x86/mm/pti.c | 6 +++--- > 2 files changed, 4 insertions(+), 4 deletions(-) Don't you need to update the value in arch/x86/kernel/cpu/common.c, also? Thanks, Tom > > --- a/arch/x86/include/asm/cpufeatures.h > +++ b/arch/x86/include/asm/cpufeatures.h > @@ -341,6 +341,6 @@ > #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */ > #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */ > #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */ > -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */ > +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */ > > #endif /* _ASM_X86_CPUFEATURES_H */ > --- a/arch/x86/mm/pti.c > +++ b/arch/x86/mm/pti.c > @@ -56,13 +56,13 @@ > > static void __init pti_print_if_insecure(const char *reason) > { > - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) > + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) > pr_info("%s\n", reason); > } > > static void __init pti_print_if_secure(const char *reason) > { > - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) > + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) > pr_info("%s\n", reason); > } > > @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v > } > > autosel: > - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) > + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) > return; > enable: > setup_force_cpu_cap(X86_FEATURE_PTI); >
On Fri, 5 Jan 2018, Tom Lendacky wrote: > On 1/5/2018 8:10 AM, Thomas Gleixner wrote: > > Use the name associated with the attack which needs page table isolation > > for mitigation. > > > > Signed-off-by: Thomas Gleixner <tglx@linutronix.de> > > --- > > arch/x86/include/asm/cpufeatures.h | 2 +- > > arch/x86/mm/pti.c | 6 +++--- > > 2 files changed, 4 insertions(+), 4 deletions(-) > > Don't you need to update the value in arch/x86/kernel/cpu/common.c, also? Indeed. I'm sure I wanted to :) > Thanks, > Tom > > > > > --- a/arch/x86/include/asm/cpufeatures.h > > +++ b/arch/x86/include/asm/cpufeatures.h > > @@ -341,6 +341,6 @@ > > #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */ > > #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */ > > #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */ > > -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */ > > +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */ > > > > #endif /* _ASM_X86_CPUFEATURES_H */ > > --- a/arch/x86/mm/pti.c > > +++ b/arch/x86/mm/pti.c > > @@ -56,13 +56,13 @@ > > > > static void __init pti_print_if_insecure(const char *reason) > > { > > - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) > > + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) > > pr_info("%s\n", reason); > > } > > > > static void __init pti_print_if_secure(const char *reason) > > { > > - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) > > + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) > > pr_info("%s\n", reason); > > } > > > > @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v > > } > > > > autosel: > > - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) > > + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) > > return; > > enable: > > setup_force_cpu_cap(X86_FEATURE_PTI); > > >
Subject: x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN From: Thomas Gleixner <tglx@linutronix.de> Date: Fri, 05 Jan 2018 15:05:27 +0100 Use the name associated with the particular attack which needs page table isolation for mitigation. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> --- V2: This time quilt refreshed ... --- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/kernel/cpu/common.c | 2 +- arch/x86/mm/pti.c | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -341,6 +341,6 @@ #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */ #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */ #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */ -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */ +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */ #endif /* _ASM_X86_CPUFEATURES_H */ --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -900,7 +900,7 @@ static void __init early_identify_cpu(st setup_force_cpu_cap(X86_FEATURE_ALWAYS); if (c->x86_vendor != X86_VENDOR_AMD) - setup_force_cpu_bug(X86_BUG_CPU_INSECURE); + setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); fpu__init_system(c); --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -56,13 +56,13 @@ static void __init pti_print_if_insecure(const char *reason) { - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) pr_info("%s\n", reason); } static void __init pti_print_if_secure(const char *reason) { - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) pr_info("%s\n", reason); } @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v } autosel: - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) return; enable: setup_force_cpu_cap(X86_FEATURE_PTI);
[-- Attachment #1: Type: text/plain, Size: 526 bytes --] On Fri, 2018-01-05 at 15:27 +0100, Thomas Gleixner wrote: > Subject: x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN > From: Thomas Gleixner <tglx@linutronix.de> > Date: Fri, 05 Jan 2018 15:05:27 +0100 > > Use the name associated with the particular attack which needs page > table > isolation for mitigation. > > Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: David Woodhouse <dwmw@amazon.co.uk> I'll add the SPECTRE_V[12] and do X86_FEATURE_RETPOLINE based on top of that, as discussed. [-- Attachment #2: smime.p7s --] [-- Type: application/x-pkcs7-signature, Size: 5210 bytes --]
Commit-ID: de791821c295cc61419a06fe5562288417d1bc58 Gitweb: https://git.kernel.org/tip/de791821c295cc61419a06fe5562288417d1bc58 Author: Thomas Gleixner <tglx@linutronix.de> AuthorDate: Fri, 5 Jan 2018 15:27:34 +0100 Committer: Thomas Gleixner <tglx@linutronix.de> CommitDate: Fri, 5 Jan 2018 15:34:43 +0100 x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN Use the name associated with the particular attack which needs page table isolation for mitigation. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: David Woodhouse <dwmw@amazon.co.uk> Cc: Alan Cox <gnomes@lxorguk.ukuu.org.uk> Cc: Jiri Koshina <jikos@kernel.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Tim Chen <tim.c.chen@linux.intel.com> Cc: Andi Lutomirski <luto@amacapital.net> Cc: Andi Kleen <ak@linux.intel.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Paul Turner <pjt@google.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Greg KH <gregkh@linux-foundation.org> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Kees Cook <keescook@google.com> Cc: stable@vger.kernel.org Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801051525300.1724@nanos --- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/kernel/cpu/common.c | 2 +- arch/x86/mm/pti.c | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 07cdd17..21ac898 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -341,6 +341,6 @@ #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */ #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */ #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */ -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */ +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */ #endif /* _ASM_X86_CPUFEATURES_H */ diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index b1be494..2d3bd22 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -900,7 +900,7 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) setup_force_cpu_cap(X86_FEATURE_ALWAYS); if (c->x86_vendor != X86_VENDOR_AMD) - setup_force_cpu_bug(X86_BUG_CPU_INSECURE); + setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); fpu__init_system(c); diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c index 2da28ba..43d4a4a 100644 --- a/arch/x86/mm/pti.c +++ b/arch/x86/mm/pti.c @@ -56,13 +56,13 @@ static void __init pti_print_if_insecure(const char *reason) { - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) pr_info("%s\n", reason); } static void __init pti_print_if_secure(const char *reason) { - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) pr_info("%s\n", reason); } @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(void) } autosel: - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE)) + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN)) return; enable: setup_force_cpu_cap(X86_FEATURE_PTI);