Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751741AbeADAQW (ORCPT + 1 other); Wed, 3 Jan 2018 19:16:22 -0500 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:57678 "EHLO shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751204AbeADAQV (ORCPT ); Wed, 3 Jan 2018 19:16:21 -0500 Message-ID: <1515024968.2714.171.camel@decadent.org.uk> Subject: Re: [PATCH 4.9 29/39] x86/kaiser: Check boottime cmdline params From: Ben Hutchings To: Greg Kroah-Hartman , linux-kernel@vger.kernel.org Cc: stable@vger.kernel.org, Borislav Petkov Date: Thu, 04 Jan 2018 00:16:08 +0000 In-Reply-To: <20180103195105.300752447@linuxfoundation.org> References: <20180103195104.066528044@linuxfoundation.org> <20180103195105.300752447@linuxfoundation.org> Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-WuA028IxIKv+Ghfxo/is" X-Mailer: Evolution 3.26.2-1 Mime-Version: 1.0 X-SA-Exim-Connect-IP: 2a02:8011:400e:2:6f00:88c8:c921:d332 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: --=-WuA028IxIKv+Ghfxo/is Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Wed, 2018-01-03 at 21:11 +0100, Greg Kroah-Hartman wrote: > 4.9-stable review patch. If anyone has any objections, please let me kno= w. >=20 > ------------------ >=20 > From: Borislav Petkov >=20 >=20 > AMD (and possibly other vendors) are not affected by the leak > KAISER is protecting against. [...] > +void __init kaiser_check_boottime_disable(void) > +{ > + bool enable =3D true; > + char arg[5]; > + int ret; > + > + ret =3D cmdline_find_option(boot_command_line, "pti", arg, sizeof(arg))= ; > + if (ret > 0) { > + if (!strncmp(arg, "on", 2)) > + goto enable; > + > + if (!strncmp(arg, "off", 3)) > + goto disable; > + > + if (!strncmp(arg, "auto", 4)) > + goto skip; > + } > + > + if (cmdline_find_option_bool(boot_command_line, "nopti")) > + goto disable; > + > +skip: > + if (boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_AMD) > + goto disable; [...] No such exception has been added upstream, so I don't think it's appropriate to add it in stable. Ben. --=20 Ben Hutchings Quantity is no substitute for quality, but it's the only one we've got. --=-WuA028IxIKv+Ghfxo/is Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlpNckgACgkQ57/I7JWG EQkqJw/+PsUYpEuz8bs7zOfO3J96lpVGan8y8nSQrmP842dGmBinglnqntO8RGRG mW/ac3Ondd/qcWfMQ/QKKogAI6NCcS+zrPLl03K4CfUZFj384vqArSLZuZuGQ2F9 P5qOS4CWtGpmhwZ7LLQGOL6xRVvbxG0IIHAGKsauzlN3JsvPYIYlhrbLHkv1GU+/ fVU0djljgJigtgumPvuzE2u28oqvrPc1ouU9xDf6wB1cyR0OFOOhhh6a9BTSx8TN +QupyEms2eFIFQnSXjbAJM6LzReQvJNuLJSad8RfYULN1/CqtU0wtNHg86/bA74M m1Ov3/0W+wHXAo7eOpcEjQYpFSezVmHpmBftRkp4JBpPPL86ZC85YOKOczTnlJmT J4HfsWJRF5XorSuirwL6bY1hXJ2x6tcgjm+oKQhV7E/dgfTN+uPIKaKweevC9iYf wlj9NPBj+qWeKIcXE88mbYU8G/ZiaYbXGWxBWTSJ0UVaUINwJ7XeKTQgK03oHq8H xBsuU5enyk8rLFYUqTv2cOOxNcazYBobHcRMO8xNLnO2A1Do161ReSoEJPT/POUK kiOwST6wtlIyYYxnOtd4KPaihtyL5cGTBp44c6t5Y082zFjVg7v3TNrZAAZ0g6mK hYgKd0mXWaDMeU6f0pM/gVxc06RXU62KsR0GJftiBsxWvwbrH3k= =or4w -----END PGP SIGNATURE----- --=-WuA028IxIKv+Ghfxo/is--