From: Jeremy Linton <jeremy.linton@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: catalin.marinas@arm.com, will.deacon@arm.com,
marc.zyngier@arm.com, suzuki.poulose@arm.com,
dave.martin@arm.com, shankerd@codeaurora.org,
mark.rutland@arm.com, linux-kernel@vger.kernel.org,
ykaukab@suse.de, julien.thierry@arm.com, mlangsdo@redhat.com,
steven.price@arm.com, Jeremy Linton <jeremy.linton@arm.com>
Subject: [PATCH v2 2/7] arm64: kpti: move check for non-vulnerable CPUs to a function
Date: Wed, 2 Jan 2019 18:49:16 -0600 [thread overview]
Message-ID: <20190103004921.1928921-3-jeremy.linton@arm.com> (raw)
In-Reply-To: <20190103004921.1928921-1-jeremy.linton@arm.com>
From: Mian Yousaf Kaukab <ykaukab@suse.de>
Add is_meltdown_safe() which is a whitelist of known safe cores.
Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de>
[Moved location of function]
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
---
arch/arm64/kernel/cpufeature.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 4f272399de89..ab784d7a0083 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -947,8 +947,7 @@ has_useable_cnp(const struct arm64_cpu_capabilities *entry, int scope)
#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */
-static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
- int scope)
+static bool is_cpu_meltdown_safe(void)
{
/* List of CPUs that are not vulnerable and don't need KPTI */
static const struct midr_range kpti_safe_list[] = {
@@ -962,6 +961,15 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
{ /* sentinel */ }
};
+ if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list))
+ return true;
+
+ return false;
+}
+
+static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
+ int scope)
+{
char const *str = "command line option";
/*
@@ -985,8 +993,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
return true;
- /* Don't force KPTI for CPUs that are not vulnerable */
- if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list))
+ if (is_cpu_meltdown_safe())
return false;
/* Defer to CPU feature registers */
--
2.17.2
WARNING: multiple messages have this Message-ID (diff)
From: Jeremy Linton <jeremy.linton@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: mark.rutland@arm.com, mlangsdo@redhat.com,
suzuki.poulose@arm.com, marc.zyngier@arm.com,
catalin.marinas@arm.com, julien.thierry@arm.com,
will.deacon@arm.com, linux-kernel@vger.kernel.org,
Jeremy Linton <jeremy.linton@arm.com>,
steven.price@arm.com, ykaukab@suse.de, dave.martin@arm.com,
shankerd@codeaurora.org
Subject: [PATCH v2 2/7] arm64: kpti: move check for non-vulnerable CPUs to a function
Date: Wed, 2 Jan 2019 18:49:16 -0600 [thread overview]
Message-ID: <20190103004921.1928921-3-jeremy.linton@arm.com> (raw)
In-Reply-To: <20190103004921.1928921-1-jeremy.linton@arm.com>
From: Mian Yousaf Kaukab <ykaukab@suse.de>
Add is_meltdown_safe() which is a whitelist of known safe cores.
Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de>
[Moved location of function]
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
---
arch/arm64/kernel/cpufeature.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 4f272399de89..ab784d7a0083 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -947,8 +947,7 @@ has_useable_cnp(const struct arm64_cpu_capabilities *entry, int scope)
#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */
-static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
- int scope)
+static bool is_cpu_meltdown_safe(void)
{
/* List of CPUs that are not vulnerable and don't need KPTI */
static const struct midr_range kpti_safe_list[] = {
@@ -962,6 +961,15 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
{ /* sentinel */ }
};
+ if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list))
+ return true;
+
+ return false;
+}
+
+static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
+ int scope)
+{
char const *str = "command line option";
/*
@@ -985,8 +993,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
return true;
- /* Don't force KPTI for CPUs that are not vulnerable */
- if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list))
+ if (is_cpu_meltdown_safe())
return false;
/* Defer to CPU feature registers */
--
2.17.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-01-03 0:49 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-03 0:49 [PATCH v2 0/7] add system vulnerability sysfs entries Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
2019-01-03 0:49 ` [PATCH v2 1/7] sysfs/cpu: Add "Unknown" vulnerability state Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
2019-01-03 9:38 ` Greg Kroah-Hartman
2019-01-03 9:38 ` Greg Kroah-Hartman
2019-01-03 16:38 ` Jeremy Linton
2019-01-03 16:38 ` Jeremy Linton
2019-01-03 16:48 ` Greg Kroah-Hartman
2019-01-03 16:48 ` Greg Kroah-Hartman
2019-01-04 14:08 ` Dave Martin
2019-01-04 14:08 ` Dave Martin
2019-01-04 14:18 ` Greg Kroah-Hartman
2019-01-04 14:18 ` Greg Kroah-Hartman
2019-01-04 14:55 ` Will Deacon
2019-01-04 14:55 ` Will Deacon
2019-01-03 16:37 ` Dave Martin
2019-01-03 16:37 ` Dave Martin
2019-01-03 16:46 ` Jeremy Linton
2019-01-03 16:46 ` Jeremy Linton
2019-01-03 19:30 ` Stefan Wahren
2019-01-03 19:30 ` Stefan Wahren
2019-01-03 20:32 ` Jeremy Linton
2019-01-03 20:32 ` Jeremy Linton
2019-01-04 10:13 ` Will Deacon
2019-01-04 10:13 ` Will Deacon
2019-01-03 0:49 ` Jeremy Linton [this message]
2019-01-03 0:49 ` [PATCH v2 2/7] arm64: kpti: move check for non-vulnerable CPUs to a function Jeremy Linton
2019-01-03 0:49 ` [PATCH v2 3/7] arm64: add sysfs vulnerability show for meltdown Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
2019-01-03 0:49 ` [PATCH v2 4/7] arm64: add sysfs vulnerability show for spectre v1 Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
2019-01-03 0:49 ` [PATCH v2 5/7] arm64: add sysfs vulnerability show for spectre v2 Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
2019-01-03 0:49 ` [PATCH v2 6/7] arm64: add sysfs vulnerability show for speculative store bypass Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
2019-01-03 0:49 ` [PATCH v2 7/7] arm64: enable generic CPU vulnerabilites support Jeremy Linton
2019-01-03 0:49 ` Jeremy Linton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190103004921.1928921-3-jeremy.linton@arm.com \
--to=jeremy.linton@arm.com \
--cc=catalin.marinas@arm.com \
--cc=dave.martin@arm.com \
--cc=julien.thierry@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marc.zyngier@arm.com \
--cc=mark.rutland@arm.com \
--cc=mlangsdo@redhat.com \
--cc=shankerd@codeaurora.org \
--cc=steven.price@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=will.deacon@arm.com \
--cc=ykaukab@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.