Received: by 10.223.176.46 with SMTP id f43csp2809082wra; Mon, 22 Jan 2018 03:52:49 -0800 (PST) X-Google-Smtp-Source: AH8x224ocJRWSmTqAMcE5Gl/8SH82yBnmgEeX+qJ+Q5Gt4YfDwAAtfrDQhcNLdwftaCEQ0GyG99G X-Received: by 10.99.132.200 with SMTP id k191mr6865589pgd.177.1516621968979; Mon, 22 Jan 2018 03:52:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516621968; cv=none; d=google.com; s=arc-20160816; b=ALfaWklylAvcqKSgiXY2BUZAEn95jvM75eyhsN36I35onFZ+x3j3iZ3dMELPKzj2os a/v1EPtzGaZUrgmnl+w/4ecVzOCmF+OVwXJ01vRK+vVm9m2sd4qrUnbUNM0w8RQq122D wJfDF+LMMsZvGjchWkZiONuu/G8Y+mc6CQ2OIwGcBZFrx3YG1D/xGmuoTBLu9ST9ESVy foBqN1lUR8hwDzfYJC/ICnuPY3JUkNUBRQLj/LyQvQXKnRBruW79mbIlAXVvZP7Ki0NA DZiWFYUDcGRkJJoTOKFtnUmfPSLQZRcyZmA0y29tDqEyeE1tCk0FiihuPxUhPdDp8T+s 31qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=+2wfNWlTN67u50ar31C2ZBap49WiBn21+DC+VtDGFjg=; b=YZ4pYSZR35Vb430BxcvC3RBnIgVvTBwMEnkXtWyaf7oinHYgJHR7VkasCzQGrYuwF+ NL10Gdd5mgDHLN4HovHELmMUf8pkA3H2ztY227f4PjflpkPkYZ+D1bxdkzwI44Ki9V+B Wd8g4LMQcRo2hZ9UWkXLyx3lKCx5O2LPvSlI6c24SfU20HYpAp4YsM1IRIRx2HD5mtYE OIZ2tESDvva8JzTK70Bj9945wzPssPo94P2YLfTm5xIhNV06HoEbQ5nwHGIvOXmtP6KB HREqCaezZ0uqfUPzmksntRAFHxP2CEEn5suqDTK3QqyveKx7GDOp3EpoakMmHjctV9a9 jerw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=EIsLu0xO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q81si57464pfd.99.2018.01.22.03.52.35; Mon, 22 Jan 2018 03:52:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=EIsLu0xO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751143AbeAVLvh (ORCPT + 99 others); Mon, 22 Jan 2018 06:51:37 -0500 Received: from mail-io0-f194.google.com ([209.85.223.194]:43692 "EHLO mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750955AbeAVLvf (ORCPT ); Mon, 22 Jan 2018 06:51:35 -0500 Received: by mail-io0-f194.google.com with SMTP id 72so9134910iom.10 for ; Mon, 22 Jan 2018 03:51:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=+2wfNWlTN67u50ar31C2ZBap49WiBn21+DC+VtDGFjg=; b=EIsLu0xOrHW/ehXNG2DND59/QQBkJwFCMmMu07FeQ6sN7JzchxqhvPhe7+mfab1B0c jOquAROaIW2b6xAIKUVqjcIlzpQqvc2A6+JSrLkosVAbyV1vdRwZpUx6vU5I6RbV5Vv/ qpw+44OZxdhud12nFABUS0VgDCuLq/kgrbsi8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=+2wfNWlTN67u50ar31C2ZBap49WiBn21+DC+VtDGFjg=; b=YfqZePU3mmOty7hWqwvUR66vhEm6H6e5cWJL5iO1zfP/rbtZ2/lQU7DmQPXUcyUyqg YxmPRMNYHlAGK5XWYUpwTvwx0tR19ovq7eEDbtUjZeBq1IjLHTrQjnd/Nuc8gnJ3DUqw 2bPvZT3IBJkoid5ZzOY1LmGW2bF5R9+sl6ZGRLH7pZnRTuluBQwaNiz+1oNZT6B0Ri9U gqIVMA6FGrQcbjIKF1yuno7ZgAwM78gLBXPR7hrljCw8LZwDtvfoKJFNLTIW9m94y4/3 Pm9DWhZWhbUYpBG84zIEmJ/bEO7rQeauW39Lw0wXkIEg+upHjrH1hOpa9BSRChsb/l0u l2cA== X-Gm-Message-State: AKwxytdHSzVV1f+dzUXur+6ZUHYZ7J6qZBdTN8t85EW5FHYAwXTLojVV wG0sl4FHxa+1+gm7HtKkOM4B+MO/VAG06E2MivsjJg== X-Received: by 10.107.132.158 with SMTP id o30mr7732766ioi.70.1516621895245; Mon, 22 Jan 2018 03:51:35 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.112.13 with HTTP; Mon, 22 Jan 2018 03:51:34 -0800 (PST) In-Reply-To: <20180122114155.GC15456@arm.com> References: <20180118135354.GB20783@arm.com> <1516364568-95577-1-git-send-email-jnair@caviumnetworks.com> <1516364568-95577-2-git-send-email-jnair@caviumnetworks.com> <20180122114155.GC15456@arm.com> From: Ard Biesheuvel Date: Mon, 22 Jan 2018 11:51:34 +0000 Message-ID: Subject: Re: [PATCH v3 2/2] arm64: Turn on KPTI only on CPUs that need it To: Will Deacon Cc: Jayachandran C , Jon Masters , Marc Zyngier , linux-arm-kernel , Lorenzo Pieralisi , Catalin Marinas , Linux Kernel Mailing List , Laura Abbott , Christoffer Dall , "Suzuki K. Poulose" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 22 January 2018 at 11:41, Will Deacon wrote: > On Fri, Jan 19, 2018 at 04:22:48AM -0800, Jayachandran C wrote: >> Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in >> unmap_kernel_at_el0(). These CPUs are not vulnerable to >> CVE-2017-5754 and do not need KPTI when KASLR is off. >> >> Signed-off-by: Jayachandran C >> --- >> arch/arm64/kernel/cpufeature.c | 7 +++++++ >> 1 file changed, 7 insertions(+) >> >> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c >> index 647d44b..fb698ca 100644 >> --- a/arch/arm64/kernel/cpufeature.c >> +++ b/arch/arm64/kernel/cpufeature.c >> @@ -866,6 +866,13 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, >> if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) >> return true; >> >> + /* Don't force KPTI for CPUs that are not vulnerable */ >> + switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) { >> + case MIDR_CAVIUM_THUNDERX2: >> + case MIDR_BRCM_VULCAN: >> + return false; >> + } >> + >> /* Defer to CPU feature registers */ >> return !cpuid_feature_extract_unsigned_field(pfr0, >> ID_AA64PFR0_CSV3_SHIFT); > > We'll need to re-jig this to work properly with big/little because this is > only called once, but that's ok for now: > > Acked-by: Will Deacon > > Suzuki has a series reworking much of the cpufeatures code so that we can > do this properly for 4.17. > If we start adding opt outs here, we should at least include A53, and probably replace >> if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) >> return true; with >> if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && kaslr_offset() > 0) >> return true; so that adding 'nokaslr' to the command line also disables KPTI.