Received: by 10.223.176.46 with SMTP id f43csp2801053wra; Mon, 22 Jan 2018 03:42:58 -0800 (PST) X-Google-Smtp-Source: AH8x225IpFcFrThr3gEgYZCqsk4Q3HQUxlgfWfS1vtVc2E5R0TzEZ/xm6tIvaRqDJHqZRhCXNrXd X-Received: by 2002:a17:902:6b01:: with SMTP id o1-v6mr3313726plk.51.1516621378649; Mon, 22 Jan 2018 03:42:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516621378; cv=none; d=google.com; s=arc-20160816; b=TSqVufC07zwoHzp4V/Ck3qa1aMOj1iczVVoD5ZIA7IZlg662Qbfl7JoyByFc7JGaJ7 gbE//nK82Uf0DeBdWQr7NndXBZVcvSkYK+6FIpU32DOSGUb5mnOEEthnLu8y6Up/6bZa Q6mG+Kl6RXZ49qZt00mY30a20e7oeak557V3OYT7eH/nQpsi6Ps1TNRipVYZW2CJ71PK Mdyfl/fnFI4pmdzO9eRVJrOIl5CVmJgJcNb2RTGn8C37x8h0aT1TR/com0mYbRHxoGMt vGCIjwOlqtMv6eYdchjQNrhRs+X/MUk6EIAeVv2plI6JKk3mXvtsSutRSicF9FbL4PmH KXRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=cfzYbvSD2Y3sZBI9qyK59zCYWg9GmJlXdQKW3n6RNcI=; b=usncj4njcxMwmrQ9NIqG4Fl7StaqKCB6SZBA3fdNF1z+2V662KZHVfg/zUfOr/FSag c1gGPrd0YOOXvujRo2SfHKCtGDqmf0Rmkme7+WZD38wJMnVmsBci8C9vPwbF3O6gLqdp ehXTX4EcVTh7xuD9Nfo6yrL5psLZV3ul+nqOvS6a7WbQe/94/MNbJDl69DuGtXQ363oy 9xSrQnjdtZyxuQqUhwE6EDADVaJ92jSayKignEGmCkrvrPkY6vq30IP92okWjljqVhEJ c4lGR4tebRQCNkohLDC3y89wn/RJiiKnbS73BDsG/nLGhfLBSbcWi3goW5rH9vihsuzb FwKw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b1si1695611pgn.191.2018.01.22.03.42.44; Mon, 22 Jan 2018 03:42:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751137AbeAVLlt (ORCPT + 99 others); Mon, 22 Jan 2018 06:41:49 -0500 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:57566 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750886AbeAVLls (ORCPT ); Mon, 22 Jan 2018 06:41:48 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id F35221529; Mon, 22 Jan 2018 03:41:47 -0800 (PST) Received: from edgewater-inn.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id C43B93F53D; Mon, 22 Jan 2018 03:41:47 -0800 (PST) Received: by edgewater-inn.cambridge.arm.com (Postfix, from userid 1000) id A59431AE2F75; Mon, 22 Jan 2018 11:41:55 +0000 (GMT) Date: Mon, 22 Jan 2018 11:41:55 +0000 From: Will Deacon To: Jayachandran C Cc: Jon Masters , marc.zyngier@arm.com, linux-arm-kernel@lists.infradead.org, lorenzo.pieralisi@arm.com, ard.biesheuvel@linaro.org, catalin.marinas@arm.com, linux-kernel@vger.kernel.org, labbott@redhat.com, christoffer.dall@linaro.org, suzuki.poulose@arm.com Subject: Re: [PATCH v3 2/2] arm64: Turn on KPTI only on CPUs that need it Message-ID: <20180122114155.GC15456@arm.com> References: <20180118135354.GB20783@arm.com> <1516364568-95577-1-git-send-email-jnair@caviumnetworks.com> <1516364568-95577-2-git-send-email-jnair@caviumnetworks.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1516364568-95577-2-git-send-email-jnair@caviumnetworks.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 19, 2018 at 04:22:48AM -0800, Jayachandran C wrote: > Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in > unmap_kernel_at_el0(). These CPUs are not vulnerable to > CVE-2017-5754 and do not need KPTI when KASLR is off. > > Signed-off-by: Jayachandran C > --- > arch/arm64/kernel/cpufeature.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c > index 647d44b..fb698ca 100644 > --- a/arch/arm64/kernel/cpufeature.c > +++ b/arch/arm64/kernel/cpufeature.c > @@ -866,6 +866,13 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, > if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) > return true; > > + /* Don't force KPTI for CPUs that are not vulnerable */ > + switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) { > + case MIDR_CAVIUM_THUNDERX2: > + case MIDR_BRCM_VULCAN: > + return false; > + } > + > /* Defer to CPU feature registers */ > return !cpuid_feature_extract_unsigned_field(pfr0, > ID_AA64PFR0_CSV3_SHIFT); We'll need to re-jig this to work properly with big/little because this is only called once, but that's ok for now: Acked-by: Will Deacon Suzuki has a series reworking much of the cpufeatures code so that we can do this properly for 4.17. Will