From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Dave Hansen <dave.hansen@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Randy Dunlap <rdunlap@infradead.org>,
Kees Cook <keescook@chromium.org>,
Moritz Lipp <moritz.lipp@iaik.tugraz.at>,
Daniel Gruss <daniel.gruss@iaik.tugraz.at>,
Michael Schwarz <michael.schwarz@iaik.tugraz.at>,
Richard Fellner <richard.fellner@student.tugraz.at>,
Andy Lutomirski <luto@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Hugh Dickins <hughd@google.com>
Subject: [PATCH 4.14 091/118] x86/Documentation: Add PTI description
Date: Mon, 15 Jan 2018 13:35:18 +0100 [thread overview]
Message-ID: <20180115123420.838167531@linuxfoundation.org> (raw)
In-Reply-To: <20180115123415.325497625@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Dave Hansen <dave.hansen@linux.intel.com>
commit 01c9b17bf673b05bb401b76ec763e9730ccf1376 upstream.
Add some details about how PTI works, what some of the downsides
are, and how to debug it when things go wrong.
Also document the kernel parameter: 'pti/nopti'.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Randy Dunlap <rdunlap@infradead.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Moritz Lipp <moritz.lipp@iaik.tugraz.at>
Cc: Daniel Gruss <daniel.gruss@iaik.tugraz.at>
Cc: Michael Schwarz <michael.schwarz@iaik.tugraz.at>
Cc: Richard Fellner <richard.fellner@student.tugraz.at>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Andi Lutomirsky <luto@kernel.org>
Link: https://lkml.kernel.org/r/20180105174436.1BC6FA2B@viggo.jf.intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
Documentation/admin-guide/kernel-parameters.txt | 21 +-
Documentation/x86/pti.txt | 186 ++++++++++++++++++++++++
2 files changed, 200 insertions(+), 7 deletions(-)
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2685,8 +2685,6 @@
steal time is computed, but won't influence scheduler
behaviour
- nopti [X86-64] Disable kernel page table isolation
-
nolapic [X86-32,APIC] Do not enable or use the local APIC.
nolapic_timer [X86-32,APIC] Do not use the local APIC timer.
@@ -3255,11 +3253,20 @@
pt. [PARIDE]
See Documentation/blockdev/paride.txt.
- pti= [X86_64]
- Control user/kernel address space isolation:
- on - enable
- off - disable
- auto - default setting
+ pti= [X86_64] Control Page Table Isolation of user and
+ kernel address spaces. Disabling this feature
+ removes hardening, but improves performance of
+ system calls and interrupts.
+
+ on - unconditionally enable
+ off - unconditionally disable
+ auto - kernel detects whether your CPU model is
+ vulnerable to issues that PTI mitigates
+
+ Not specifying this option is equivalent to pti=auto.
+
+ nopti [X86_64]
+ Equivalent to pti=off
pty.legacy_count=
[KNL] Number of legacy pty's. Overwrites compiled-in
--- /dev/null
+++ b/Documentation/x86/pti.txt
@@ -0,0 +1,186 @@
+Overview
+========
+
+Page Table Isolation (pti, previously known as KAISER[1]) is a
+countermeasure against attacks on the shared user/kernel address
+space such as the "Meltdown" approach[2].
+
+To mitigate this class of attacks, we create an independent set of
+page tables for use only when running userspace applications. When
+the kernel is entered via syscalls, interrupts or exceptions, the
+page tables are switched to the full "kernel" copy. When the system
+switches back to user mode, the user copy is used again.
+
+The userspace page tables contain only a minimal amount of kernel
+data: only what is needed to enter/exit the kernel such as the
+entry/exit functions themselves and the interrupt descriptor table
+(IDT). There are a few strictly unnecessary things that get mapped
+such as the first C function when entering an interrupt (see
+comments in pti.c).
+
+This approach helps to ensure that side-channel attacks leveraging
+the paging structures do not function when PTI is enabled. It can be
+enabled by setting CONFIG_PAGE_TABLE_ISOLATION=y at compile time.
+Once enabled at compile-time, it can be disabled at boot with the
+'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt).
+
+Page Table Management
+=====================
+
+When PTI is enabled, the kernel manages two sets of page tables.
+The first set is very similar to the single set which is present in
+kernels without PTI. This includes a complete mapping of userspace
+that the kernel can use for things like copy_to_user().
+
+Although _complete_, the user portion of the kernel page tables is
+crippled by setting the NX bit in the top level. This ensures
+that any missed kernel->user CR3 switch will immediately crash
+userspace upon executing its first instruction.
+
+The userspace page tables map only the kernel data needed to enter
+and exit the kernel. This data is entirely contained in the 'struct
+cpu_entry_area' structure which is placed in the fixmap which gives
+each CPU's copy of the area a compile-time-fixed virtual address.
+
+For new userspace mappings, the kernel makes the entries in its
+page tables like normal. The only difference is when the kernel
+makes entries in the top (PGD) level. In addition to setting the
+entry in the main kernel PGD, a copy of the entry is made in the
+userspace page tables' PGD.
+
+This sharing at the PGD level also inherently shares all the lower
+layers of the page tables. This leaves a single, shared set of
+userspace page tables to manage. One PTE to lock, one set of
+accessed bits, dirty bits, etc...
+
+Overhead
+========
+
+Protection against side-channel attacks is important. But,
+this protection comes at a cost:
+
+1. Increased Memory Use
+ a. Each process now needs an order-1 PGD instead of order-0.
+ (Consumes an additional 4k per process).
+ b. The 'cpu_entry_area' structure must be 2MB in size and 2MB
+ aligned so that it can be mapped by setting a single PMD
+ entry. This consumes nearly 2MB of RAM once the kernel
+ is decompressed, but no space in the kernel image itself.
+
+2. Runtime Cost
+ a. CR3 manipulation to switch between the page table copies
+ must be done at interrupt, syscall, and exception entry
+ and exit (it can be skipped when the kernel is interrupted,
+ though.) Moves to CR3 are on the order of a hundred
+ cycles, and are required at every entry and exit.
+ b. A "trampoline" must be used for SYSCALL entry. This
+ trampoline depends on a smaller set of resources than the
+ non-PTI SYSCALL entry code, so requires mapping fewer
+ things into the userspace page tables. The downside is
+ that stacks must be switched at entry time.
+ d. Global pages are disabled for all kernel structures not
+ mapped into both kernel and userspace page tables. This
+ feature of the MMU allows different processes to share TLB
+ entries mapping the kernel. Losing the feature means more
+ TLB misses after a context switch. The actual loss of
+ performance is very small, however, never exceeding 1%.
+ d. Process Context IDentifiers (PCID) is a CPU feature that
+ allows us to skip flushing the entire TLB when switching page
+ tables by setting a special bit in CR3 when the page tables
+ are changed. This makes switching the page tables (at context
+ switch, or kernel entry/exit) cheaper. But, on systems with
+ PCID support, the context switch code must flush both the user
+ and kernel entries out of the TLB. The user PCID TLB flush is
+ deferred until the exit to userspace, minimizing the cost.
+ See intel.com/sdm for the gory PCID/INVPCID details.
+ e. The userspace page tables must be populated for each new
+ process. Even without PTI, the shared kernel mappings
+ are created by copying top-level (PGD) entries into each
+ new process. But, with PTI, there are now *two* kernel
+ mappings: one in the kernel page tables that maps everything
+ and one for the entry/exit structures. At fork(), we need to
+ copy both.
+ f. In addition to the fork()-time copying, there must also
+ be an update to the userspace PGD any time a set_pgd() is done
+ on a PGD used to map userspace. This ensures that the kernel
+ and userspace copies always map the same userspace
+ memory.
+ g. On systems without PCID support, each CR3 write flushes
+ the entire TLB. That means that each syscall, interrupt
+ or exception flushes the TLB.
+ h. INVPCID is a TLB-flushing instruction which allows flushing
+ of TLB entries for non-current PCIDs. Some systems support
+ PCIDs, but do not support INVPCID. On these systems, addresses
+ can only be flushed from the TLB for the current PCID. When
+ flushing a kernel address, we need to flush all PCIDs, so a
+ single kernel address flush will require a TLB-flushing CR3
+ write upon the next use of every PCID.
+
+Possible Future Work
+====================
+1. We can be more careful about not actually writing to CR3
+ unless its value is actually changed.
+2. Allow PTI to be enabled/disabled at runtime in addition to the
+ boot-time switching.
+
+Testing
+========
+
+To test stability of PTI, the following test procedure is recommended,
+ideally doing all of these in parallel:
+
+1. Set CONFIG_DEBUG_ENTRY=y
+2. Run several copies of all of the tools/testing/selftests/x86/ tests
+ (excluding MPX and protection_keys) in a loop on multiple CPUs for
+ several minutes. These tests frequently uncover corner cases in the
+ kernel entry code. In general, old kernels might cause these tests
+ themselves to crash, but they should never crash the kernel.
+3. Run the 'perf' tool in a mode (top or record) that generates many
+ frequent performance monitoring non-maskable interrupts (see "NMI"
+ in /proc/interrupts). This exercises the NMI entry/exit code which
+ is known to trigger bugs in code paths that did not expect to be
+ interrupted, including nested NMIs. Using "-c" boosts the rate of
+ NMIs, and using two -c with separate counters encourages nested NMIs
+ and less deterministic behavior.
+
+ while true; do perf record -c 10000 -e instructions,cycles -a sleep 10; done
+
+4. Launch a KVM virtual machine.
+5. Run 32-bit binaries on systems supporting the SYSCALL instruction.
+ This has been a lightly-tested code path and needs extra scrutiny.
+
+Debugging
+=========
+
+Bugs in PTI cause a few different signatures of crashes
+that are worth noting here.
+
+ * Failures of the selftests/x86 code. Usually a bug in one of the
+ more obscure corners of entry_64.S
+ * Crashes in early boot, especially around CPU bringup. Bugs
+ in the trampoline code or mappings cause these.
+ * Crashes at the first interrupt. Caused by bugs in entry_64.S,
+ like screwing up a page table switch. Also caused by
+ incorrectly mapping the IRQ handler entry code.
+ * Crashes at the first NMI. The NMI code is separate from main
+ interrupt handlers and can have bugs that do not affect
+ normal interrupts. Also caused by incorrectly mapping NMI
+ code. NMIs that interrupt the entry code must be very
+ careful and can be the cause of crashes that show up when
+ running perf.
+ * Kernel crashes at the first exit to userspace. entry_64.S
+ bugs, or failing to map some of the exit code.
+ * Crashes at first interrupt that interrupts userspace. The paths
+ in entry_64.S that return to userspace are sometimes separate
+ from the ones that return to the kernel.
+ * Double faults: overflowing the kernel stack because of page
+ faults upon page faults. Caused by touching non-pti-mapped
+ data in the entry code, or forgetting to switch to kernel
+ CR3 before calling into C functions which are not pti-mapped.
+ * Userspace segfaults early in boot, sometimes manifesting
+ as mount(8) failing to mount the rootfs. These have
+ tended to be TLB invalidation issues. Usually invalidating
+ the wrong PCID, or otherwise missing an invalidation.
+
+1. https://gruss.cc/files/kaiser.pdf
+2. https://meltdownattack.com/meltdown.pdf
next prev parent reply other threads:[~2018-01-15 12:52 UTC|newest]
Thread overview: 139+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-15 12:33 [PATCH 4.14 000/118] 4.14.14-stable review Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 001/118] dm bufio: fix shrinker scans when (nr_to_scan < retain_target) Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 002/118] KVM: Fix stack-out-of-bounds read in write_mmio Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 003/118] can: vxcan: improve handling of missing peer name attribute Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 004/118] can: gs_usb: fix return value of the "set_bittiming" callback Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 005/118] IB/srpt: Disable RDMA access by the initiator Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 006/118] IB/srpt: Fix ACL lookup during login Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 007/118] MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 008/118] MIPS: Factor out NT_PRFPREG regset access helpers Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 009/118] MIPS: Guard against any partial write attempt with PTRACE_SETREGSET Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 010/118] MIPS: Consistently handle buffer counter " Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 011/118] MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA Greg Kroah-Hartman
2018-01-15 12:33 ` [PATCH 4.14 012/118] MIPS: Also verify sizeof `elf_fpreg_t with PTRACE_SETREGSET Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 013/118] MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 014/118] cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 015/118] kvm: vmx: Scrub hardware GPRs at VM-exit Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 016/118] platform/x86: wmi: Call acpi_wmi_init() later Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 017/118] iw_cxgb4: only call the cq comp_handler when the cq is armed Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 018/118] iw_cxgb4: atomically flush the qp Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 019/118] iw_cxgb4: only clear the ARMED bit if a notification is needed Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 020/118] iw_cxgb4: reflect the original WR opcode in drain cqes Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 021/118] iw_cxgb4: when flushing, complete all wrs in a chain Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 022/118] x86/acpi: Handle SCI interrupts above legacy space gracefully Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 023/118] ALSA: pcm: Remove incorrect snd_BUG_ON() usages Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 024/118] ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 025/118] ALSA: pcm: Add missing error checks in OSS emulation plugin builder Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 026/118] ALSA: pcm: Abort properly at pending signal in OSS read/write loops Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 027/118] ALSA: pcm: Allow aborting mutex lock at " Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 028/118] ALSA: aloop: Release cable upon open error path Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 029/118] ALSA: aloop: Fix inconsistent format due to incomplete rule Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 030/118] ALSA: aloop: Fix racy hw constraints adjustment Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 031/118] x86/acpi: Reduce code duplication in mp_override_legacy_irq() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 032/118] 8021q: fix a memory leak for VLAN 0 device Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 033/118] ip6_tunnel: disable dst caching if tunnel is dual-stack Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 034/118] net: core: fix module type in sock_diag_bind Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 035/118] phylink: ensure we report link down when LOS asserted Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 036/118] RDS: Heap OOB write in rds_message_alloc_sgs() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 037/118] RDS: null pointer dereference in rds_atomic_free_op Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 038/118] net: fec: restore dev_id in the cases of probe error Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 039/118] net: fec: defer probe if regulator is not ready Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 040/118] net: fec: free/restore resource in related probe error pathes Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 041/118] sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 042/118] sctp: fix the handling of ICMP Frag Needed for too small MTUs Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 043/118] sh_eth: fix TSU resource handling Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 044/118] net: stmmac: enable EEE in MII, GMII or RGMII only Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 045/118] sh_eth: fix SH7757 GEther initialization Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 046/118] ipv6: fix possible mem leaks in ipv6_make_skb() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 047/118] ethtool: do not print warning for applications using legacy API Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 048/118] mlxsw: spectrum_router: Fix NULL pointer deref Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 049/118] net/sched: Fix update of lastuse in act modules implementing stats_update Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 050/118] ipv6: sr: fix TLVs not being copied using setsockopt Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 051/118] mlxsw: spectrum: Relax sanity checks during enslavement Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 052/118] sfp: fix sfp-bus oops when removing socket/upstream Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 053/118] Revert "Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find."" Greg Kroah-Hartman
2018-01-15 13:23 ` Steffen Klassert
2018-01-15 13:37 ` Greg Kroah-Hartman
2018-01-15 16:56 ` David Miller
2018-01-16 6:33 ` Steffen Klassert
2018-01-16 7:44 ` Nicolas Dichtel
2018-01-16 8:12 ` Steffen Klassert
2018-01-16 15:32 ` David Miller
2018-01-16 17:44 ` Greg KH
2018-01-15 12:34 ` [PATCH 4.14 054/118] membarrier: Disable preemption when calling smp_call_function_many() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 055/118] crypto: algapi - fix NULL dereference in crypto_remove_spawns() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 056/118] mmc: renesas_sdhi: Add MODULE_LICENSE Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 057/118] rbd: reacquire lock should update lock owner client id Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 058/118] rbd: set max_segments to USHRT_MAX Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 059/118] iwlwifi: pcie: fix DMA memory mapping / unmapping Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 060/118] x86/microcode/intel: Extend BDW late-loading with a revision check Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 061/118] KVM: x86: Add memory barrier on vmcs field lookup Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 062/118] KVM: PPC: Book3S PR: Fix WIMG handling under pHyp Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 063/118] KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 064/118] KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 065/118] KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 066/118] drm/vmwgfx: Dont cache framebuffer maps Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 067/118] drm/vmwgfx: Potential off by one in vmw_view_add() Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 068/118] drm/i915/gvt: Clear the shadow page table entry after post-sync Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 069/118] drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 070/118] drm/i915: Move init_clock_gating() back to where it was Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 071/118] drm/i915: Fix init_clock_gating for resume Greg Kroah-Hartman
2018-01-15 12:34 ` [PATCH 4.14 072/118] bpf: prevent out-of-bounds speculation Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 073/118] bpf, array: fix overflow in max_entries and undefined behavior in index_mask Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 074/118] bpf: arsh is not supported in 32 bit alu thus reject it Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 075/118] USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 076/118] USB: serial: cp210x: add new device ID ELV ALC 8xxx Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 077/118] usb: misc: usb3503: make sure reset is low for at least 100us Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 078/118] USB: fix usbmon BUG trigger Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 079/118] USB: UDC core: fix double-free in usb_add_gadget_udc_release Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 080/118] usbip: remove kernel addresses from usb device and urb debug msgs Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 081/118] usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 082/118] usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 083/118] staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 084/118] Bluetooth: Prevent stack info leak from the EFS element Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 085/118] uas: ignore UAS for Norelsys NS1068(X) chips Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 086/118] mux: core: fix double get_device() Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 087/118] kdump: write correct address of mem_section into vmcoreinfo Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 088/118] apparmor: fix ptrace label match when matching stacked labels Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 089/118] e1000e: Fix e1000_check_for_copper_link_ich8lan return value Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 090/118] x86/pti: Unbreak EFI old_memmap Greg Kroah-Hartman
2018-01-15 12:35 ` Greg Kroah-Hartman [this message]
2018-01-15 12:35 ` [PATCH 4.14 092/118] x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 093/118] sysfs/cpu: Add vulnerability folder Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 094/118] x86/cpu: Implement CPU vulnerabilites sysfs functions Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 095/118] x86/tboot: Unbreak tboot with PTI enabled Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 096/118] x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 097/118] x86/cpu/AMD: Make LFENCE a serializing instruction Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 098/118] x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 099/118] sysfs/cpu: Fix typos in vulnerability documentation Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 100/118] x86/alternatives: Fix optimize_nops() checking Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 101/118] x86/pti: Make unpoison of pgd for trusted boot work for real Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 102/118] objtool: Detect jumps to retpoline thunks Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 103/118] objtool: Allow alternatives to be ignored Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 104/118] x86/retpoline: Add initial retpoline support Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 105/118] x86/spectre: Add boot time option to select Spectre v2 mitigation Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 106/118] x86/retpoline/crypto: Convert crypto assembler indirect jumps Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 107/118] x86/retpoline/entry: Convert entry " Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 108/118] x86/retpoline/ftrace: Convert ftrace " Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 109/118] x86/retpoline/hyperv: Convert " Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 110/118] x86/retpoline/xen: Convert Xen hypercall " Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 111/118] x86/retpoline/checksum32: Convert assembler " Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 112/118] x86/retpoline/irq32: " Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 113/118] x86/retpoline: Fill return stack buffer on vmexit Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 114/118] selftests/x86: Add test_vsyscall Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 115/118] x86/pti: Fix !PCID and sanitize defines Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 116/118] security/Kconfig: Correct the Documentation reference for PTI Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 117/118] x86,perf: Disable intel_bts when PTI Greg Kroah-Hartman
2018-01-15 12:35 ` [PATCH 4.14 118/118] x86/retpoline: Remove compile time warning Greg Kroah-Hartman
2018-01-15 15:24 ` [PATCH 4.14 000/118] 4.14.14-stable review Holger Hoffstätte
2018-01-15 18:02 ` Greg Kroah-Hartman
2018-01-15 16:04 ` Alan J. Wylie
2018-01-15 17:40 ` Greg Kroah-Hartman
2018-01-16 11:50 ` Alan J. Wylie
2018-01-15 16:28 ` kernelci.org bot
2018-01-15 22:11 ` Dan Rue
2018-01-16 5:53 ` Greg Kroah-Hartman
2018-01-16 14:30 ` Guenter Roeck
2018-01-16 14:57 ` Greg Kroah-Hartman
2018-01-16 18:08 ` Shuah Khan
2018-01-16 20:50 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180115123420.838167531@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=daniel.gruss@iaik.tugraz.at \
--cc=dave.hansen@linux.intel.com \
--cc=hughd@google.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=michael.schwarz@iaik.tugraz.at \
--cc=moritz.lipp@iaik.tugraz.at \
--cc=rdunlap@infradead.org \
--cc=richard.fellner@student.tugraz.at \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).