Use the name associated with the attack which needs page table isolation
for mitigation.
Signed-off-by: Thomas Gleixner <[email protected]>
---
arch/x86/include/asm/cpufeatures.h | 2 +-
arch/x86/mm/pti.c | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -341,6 +341,6 @@
#define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */
#define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */
#define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */
-#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
+#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
#endif /* _ASM_X86_CPUFEATURES_H */
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -56,13 +56,13 @@
static void __init pti_print_if_insecure(const char *reason)
{
- if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
pr_info("%s\n", reason);
}
static void __init pti_print_if_secure(const char *reason)
{
- if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
pr_info("%s\n", reason);
}
@@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v
}
autosel:
- if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
return;
enable:
setup_force_cpu_cap(X86_FEATURE_PTI);
On 1/5/2018 8:10 AM, Thomas Gleixner wrote:
> Use the name associated with the attack which needs page table isolation
> for mitigation.
>
> Signed-off-by: Thomas Gleixner <[email protected]>
> ---
> arch/x86/include/asm/cpufeatures.h | 2 +-
> arch/x86/mm/pti.c | 6 +++---
> 2 files changed, 4 insertions(+), 4 deletions(-)
Don't you need to update the value in arch/x86/kernel/cpu/common.c, also?
Thanks,
Tom
>
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -341,6 +341,6 @@
> #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */
> #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */
> #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */
> -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
> +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
>
> #endif /* _ASM_X86_CPUFEATURES_H */
> --- a/arch/x86/mm/pti.c
> +++ b/arch/x86/mm/pti.c
> @@ -56,13 +56,13 @@
>
> static void __init pti_print_if_insecure(const char *reason)
> {
> - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
> + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
> pr_info("%s\n", reason);
> }
>
> static void __init pti_print_if_secure(const char *reason)
> {
> - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
> + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
> pr_info("%s\n", reason);
> }
>
> @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v
> }
>
> autosel:
> - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
> + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
> return;
> enable:
> setup_force_cpu_cap(X86_FEATURE_PTI);
>
On Fri, 5 Jan 2018, Tom Lendacky wrote:
> On 1/5/2018 8:10 AM, Thomas Gleixner wrote:
> > Use the name associated with the attack which needs page table isolation
> > for mitigation.
> >
> > Signed-off-by: Thomas Gleixner <[email protected]>
> > ---
> > arch/x86/include/asm/cpufeatures.h | 2 +-
> > arch/x86/mm/pti.c | 6 +++---
> > 2 files changed, 4 insertions(+), 4 deletions(-)
>
> Don't you need to update the value in arch/x86/kernel/cpu/common.c, also?
Indeed. I'm sure I wanted to :)
> Thanks,
> Tom
>
> >
> > --- a/arch/x86/include/asm/cpufeatures.h
> > +++ b/arch/x86/include/asm/cpufeatures.h
> > @@ -341,6 +341,6 @@
> > #define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */
> > #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */
> > #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */
> > -#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
> > +#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
> >
> > #endif /* _ASM_X86_CPUFEATURES_H */
> > --- a/arch/x86/mm/pti.c
> > +++ b/arch/x86/mm/pti.c
> > @@ -56,13 +56,13 @@
> >
> > static void __init pti_print_if_insecure(const char *reason)
> > {
> > - if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
> > + if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
> > pr_info("%s\n", reason);
> > }
> >
> > static void __init pti_print_if_secure(const char *reason)
> > {
> > - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
> > + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
> > pr_info("%s\n", reason);
> > }
> >
> > @@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v
> > }
> >
> > autosel:
> > - if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
> > + if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
> > return;
> > enable:
> > setup_force_cpu_cap(X86_FEATURE_PTI);
> >
>
Subject: x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
From: Thomas Gleixner <[email protected]>
Date: Fri, 05 Jan 2018 15:05:27 +0100
Use the name associated with the particular attack which needs page table
isolation for mitigation.
Signed-off-by: Thomas Gleixner <[email protected]>
---
V2: This time quilt refreshed ...
---
arch/x86/include/asm/cpufeatures.h | 2 +-
arch/x86/kernel/cpu/common.c | 2 +-
arch/x86/mm/pti.c | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -341,6 +341,6 @@
#define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */
#define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */
#define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */
-#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
+#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
#endif /* _ASM_X86_CPUFEATURES_H */
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -900,7 +900,7 @@ static void __init early_identify_cpu(st
setup_force_cpu_cap(X86_FEATURE_ALWAYS);
if (c->x86_vendor != X86_VENDOR_AMD)
- setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
+ setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
fpu__init_system(c);
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -56,13 +56,13 @@
static void __init pti_print_if_insecure(const char *reason)
{
- if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
pr_info("%s\n", reason);
}
static void __init pti_print_if_secure(const char *reason)
{
- if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
pr_info("%s\n", reason);
}
@@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(v
}
autosel:
- if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
return;
enable:
setup_force_cpu_cap(X86_FEATURE_PTI);
On Fri, 2018-01-05 at 15:27 +0100, Thomas Gleixner wrote:
> Subject: x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
> From: Thomas Gleixner <[email protected]>
> Date: Fri, 05 Jan 2018 15:05:27 +0100
>
> Use the name associated with the particular attack which needs page
> table
> isolation for mitigation.
>
> Signed-off-by: Thomas Gleixner <[email protected]>
Acked-by: David Woodhouse <[email protected]>
I'll add the SPECTRE_V[12] and do X86_FEATURE_RETPOLINE based on top of
that, as discussed.
Commit-ID: de791821c295cc61419a06fe5562288417d1bc58
Gitweb: https://git.kernel.org/tip/de791821c295cc61419a06fe5562288417d1bc58
Author: Thomas Gleixner <[email protected]>
AuthorDate: Fri, 5 Jan 2018 15:27:34 +0100
Committer: Thomas Gleixner <[email protected]>
CommitDate: Fri, 5 Jan 2018 15:34:43 +0100
x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
Use the name associated with the particular attack which needs page table
isolation for mitigation.
Signed-off-by: Thomas Gleixner <[email protected]>
Acked-by: David Woodhouse <[email protected]>
Cc: Alan Cox <[email protected]>
Cc: Jiri Koshina <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: Tim Chen <[email protected]>
Cc: Andi Lutomirski <[email protected]>
Cc: Andi Kleen <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Paul Turner <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Greg KH <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: [email protected]
Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801051525300.1724@nanos
---
arch/x86/include/asm/cpufeatures.h | 2 +-
arch/x86/kernel/cpu/common.c | 2 +-
arch/x86/mm/pti.c | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index 07cdd17..21ac898 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -341,6 +341,6 @@
#define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */
#define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */
#define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */
-#define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
+#define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
#endif /* _ASM_X86_CPUFEATURES_H */
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index b1be494..2d3bd22 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -900,7 +900,7 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
setup_force_cpu_cap(X86_FEATURE_ALWAYS);
if (c->x86_vendor != X86_VENDOR_AMD)
- setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
+ setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
fpu__init_system(c);
diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index 2da28ba..43d4a4a 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -56,13 +56,13 @@
static void __init pti_print_if_insecure(const char *reason)
{
- if (boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
pr_info("%s\n", reason);
}
static void __init pti_print_if_secure(const char *reason)
{
- if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
pr_info("%s\n", reason);
}
@@ -96,7 +96,7 @@ void __init pti_check_boottime_disable(void)
}
autosel:
- if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
+ if (!boot_cpu_has_bug(X86_BUG_CPU_MELTDOWN))
return;
enable:
setup_force_cpu_cap(X86_FEATURE_PTI);