Received: by 10.223.176.46 with SMTP id f43csp2809082wra;
        Mon, 22 Jan 2018 03:52:49 -0800 (PST)
X-Google-Smtp-Source: AH8x224ocJRWSmTqAMcE5Gl/8SH82yBnmgEeX+qJ+Q5Gt4YfDwAAtfrDQhcNLdwftaCEQ0GyG99G
X-Received: by 10.99.132.200 with SMTP id k191mr6865589pgd.177.1516621968979;
        Mon, 22 Jan 2018 03:52:48 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516621968; cv=none;
        d=google.com; s=arc-20160816;
        b=ALfaWklylAvcqKSgiXY2BUZAEn95jvM75eyhsN36I35onFZ+x3j3iZ3dMELPKzj2os
         a/v1EPtzGaZUrgmnl+w/4ecVzOCmF+OVwXJ01vRK+vVm9m2sd4qrUnbUNM0w8RQq122D
         wJfDF+LMMsZvGjchWkZiONuu/G8Y+mc6CQ2OIwGcBZFrx3YG1D/xGmuoTBLu9ST9ESVy
         foBqN1lUR8hwDzfYJC/ICnuPY3JUkNUBRQLj/LyQvQXKnRBruW79mbIlAXVvZP7Ki0NA
         DZiWFYUDcGRkJJoTOKFtnUmfPSLQZRcyZmA0y29tDqEyeE1tCk0FiihuPxUhPdDp8T+s
         31qg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=+2wfNWlTN67u50ar31C2ZBap49WiBn21+DC+VtDGFjg=;
        b=YZ4pYSZR35Vb430BxcvC3RBnIgVvTBwMEnkXtWyaf7oinHYgJHR7VkasCzQGrYuwF+
         NL10Gdd5mgDHLN4HovHELmMUf8pkA3H2ztY227f4PjflpkPkYZ+D1bxdkzwI44Ki9V+B
         Wd8g4LMQcRo2hZ9UWkXLyx3lKCx5O2LPvSlI6c24SfU20HYpAp4YsM1IRIRx2HD5mtYE
         OIZ2tESDvva8JzTK70Bj9945wzPssPo94P2YLfTm5xIhNV06HoEbQ5nwHGIvOXmtP6KB
         HREqCaezZ0uqfUPzmksntRAFHxP2CEEn5suqDTK3QqyveKx7GDOp3EpoakMmHjctV9a9
         jerw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linaro.org header.s=google header.b=EIsLu0xO;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q81si57464pfd.99.2018.01.22.03.52.35;
        Mon, 22 Jan 2018 03:52:48 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linaro.org header.s=google header.b=EIsLu0xO;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751143AbeAVLvh (ORCPT <rfc822;aashilpatel1993@gmail.com>
        + 99 others); Mon, 22 Jan 2018 06:51:37 -0500
Received: from mail-io0-f194.google.com ([209.85.223.194]:43692 "EHLO
        mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750955AbeAVLvf (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 22 Jan 2018 06:51:35 -0500
Received: by mail-io0-f194.google.com with SMTP id 72so9134910iom.10
        for <linux-kernel@vger.kernel.org>; Mon, 22 Jan 2018 03:51:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=+2wfNWlTN67u50ar31C2ZBap49WiBn21+DC+VtDGFjg=;
        b=EIsLu0xOrHW/ehXNG2DND59/QQBkJwFCMmMu07FeQ6sN7JzchxqhvPhe7+mfab1B0c
         jOquAROaIW2b6xAIKUVqjcIlzpQqvc2A6+JSrLkosVAbyV1vdRwZpUx6vU5I6RbV5Vv/
         qpw+44OZxdhud12nFABUS0VgDCuLq/kgrbsi8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=+2wfNWlTN67u50ar31C2ZBap49WiBn21+DC+VtDGFjg=;
        b=YfqZePU3mmOty7hWqwvUR66vhEm6H6e5cWJL5iO1zfP/rbtZ2/lQU7DmQPXUcyUyqg
         YxmPRMNYHlAGK5XWYUpwTvwx0tR19ovq7eEDbtUjZeBq1IjLHTrQjnd/Nuc8gnJ3DUqw
         2bPvZT3IBJkoid5ZzOY1LmGW2bF5R9+sl6ZGRLH7pZnRTuluBQwaNiz+1oNZT6B0Ri9U
         gqIVMA6FGrQcbjIKF1yuno7ZgAwM78gLBXPR7hrljCw8LZwDtvfoKJFNLTIW9m94y4/3
         Pm9DWhZWhbUYpBG84zIEmJ/bEO7rQeauW39Lw0wXkIEg+upHjrH1hOpa9BSRChsb/l0u
         l2cA==
X-Gm-Message-State: AKwxytdHSzVV1f+dzUXur+6ZUHYZ7J6qZBdTN8t85EW5FHYAwXTLojVV
        wG0sl4FHxa+1+gm7HtKkOM4B+MO/VAG06E2MivsjJg==
X-Received: by 10.107.132.158 with SMTP id o30mr7732766ioi.70.1516621895245;
 Mon, 22 Jan 2018 03:51:35 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.112.13 with HTTP; Mon, 22 Jan 2018 03:51:34 -0800 (PST)
In-Reply-To: <20180122114155.GC15456@arm.com>
References: <20180118135354.GB20783@arm.com> <1516364568-95577-1-git-send-email-jnair@caviumnetworks.com>
 <1516364568-95577-2-git-send-email-jnair@caviumnetworks.com> <20180122114155.GC15456@arm.com>
From:   Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date:   Mon, 22 Jan 2018 11:51:34 +0000
Message-ID: <CAKv+Gu_kOYYx3Qa8OsfsxJDLMSrWVNrt7kmtJOue9sVaTdGqXg@mail.gmail.com>
Subject: Re: [PATCH v3 2/2] arm64: Turn on KPTI only on CPUs that need it
To:     Will Deacon <will.deacon@arm.com>
Cc:     Jayachandran C <jnair@caviumnetworks.com>,
        Jon Masters <jcm@jonmasters.org>,
        Marc Zyngier <marc.zyngier@arm.com>,
        linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Laura Abbott <labbott@redhat.com>,
        Christoffer Dall <christoffer.dall@linaro.org>,
        "Suzuki K. Poulose" <suzuki.poulose@arm.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 22 January 2018 at 11:41, Will Deacon <will.deacon@arm.com> wrote:
> On Fri, Jan 19, 2018 at 04:22:48AM -0800, Jayachandran C wrote:
>> Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in
>> unmap_kernel_at_el0(). These CPUs are not vulnerable to
>> CVE-2017-5754 and do not need KPTI when KASLR is off.
>>
>> Signed-off-by: Jayachandran C <jnair@caviumnetworks.com>
>> ---
>>  arch/arm64/kernel/cpufeature.c | 7 +++++++
>>  1 file changed, 7 insertions(+)
>>
>> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
>> index 647d44b..fb698ca 100644
>> --- a/arch/arm64/kernel/cpufeature.c
>> +++ b/arch/arm64/kernel/cpufeature.c
>> @@ -866,6 +866,13 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
>>       if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
>>               return true;
>>
>> +     /* Don't force KPTI for CPUs that are not vulnerable */
>> +     switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) {
>> +     case MIDR_CAVIUM_THUNDERX2:
>> +     case MIDR_BRCM_VULCAN:
>> +             return false;
>> +     }
>> +
>>       /* Defer to CPU feature registers */
>>       return !cpuid_feature_extract_unsigned_field(pfr0,
>>                                                    ID_AA64PFR0_CSV3_SHIFT);
>
> We'll need to re-jig this to work properly with big/little because this is
> only called once, but that's ok for now:
>
> Acked-by: Will Deacon <will.deacon@arm.com>
>
> Suzuki has a series reworking much of the cpufeatures code so that we can
> do this properly for 4.17.
>

If we start adding opt outs here, we should at least include A53, and
probably replace

>>       if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
>>               return true;

with

>>       if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && kaslr_offset() > 0)
>>               return true;

so that adding 'nokaslr' to the command line also disables KPTI.