Received: by 10.223.176.46 with SMTP id f43csp994663wra; Wed, 24 Jan 2018 09:00:46 -0800 (PST) X-Google-Smtp-Source: AH8x227J9gSXgRwY6en9bBkD81mvpzk5jvjz209xLf2ph66ddbQ5HO3UzOTq6H6R8rJs4JOu/qJ7 X-Received: by 2002:a17:902:781:: with SMTP id 1-v6mr8569660plj.411.1516813246623; Wed, 24 Jan 2018 09:00:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516813246; cv=none; d=google.com; s=arc-20160816; b=hAThU/b3MOjesLY2mPZUryV3LCUsnGDuSGrjnOf0zCFlHMXNRS3yjcIIBKf4vniFta jjZ/aNiY8R7BQZ6VOnLEkyJEkv3ThFK+T6buR4OcU1Avy7xJt0T9W5DpRStl5OTWbxGM paXuI/bPmIc50ckabQ6JZK+SyD7MBOxEYNkW2NPfk8R+x6txl9iAzHSLhdWYeRenY/nQ loT1Y14I20ny4jfgv/jGpgV5QWfzLp18jCnlS3VP/PRFuSVmkmsa26y4g1opaE8xS4/B lhBcv8vU6jDR57rnyHN5Cq5/RztasJvzPuMoiO1fK4ra7aU/IPFXO9JCPEv8ROoUyZrS tLNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:to:from:dkim-signature:arc-authentication-results; bh=r6WgxJRcPns4j7XeX/sM46Z+YsZTtcBYA71+sSdDni0=; b=RCpjOrxE75+eJldqf8ee6F77uFL3RA+nSha5ffpKJWtU33oqvrx4h8kJpn9Uq7FTn+ XYzztseFX9QsHt3kPAcq+HZmcBPav7L01g8Ap+25OJGTCTUfotYwhSS/506INSNi7K2j n8GtpvLfkycpg//2SiKjTc4MwYZ+UrUxTAhovlWBErf+JG4kaye3SPk/elNMHuSIJHwy e48Cjsx5EDOn8qSaXIt5ViJmM5JoCA+9jeAgqUOjyZmfImhpMDpZ2uXQv1toFXz05g/L V/tN31H6gFzT1oKNM5PabO+RMbNxmhpgW3nbytOad+oHloYYFLQ24qR0e2M0zpKRGQa2 iR+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=pxQ4AMDZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j12si355977pga.150.2018.01.24.09.00.27; Wed, 24 Jan 2018 09:00:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=pxQ4AMDZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934443AbeAXQ67 (ORCPT + 99 others); Wed, 24 Jan 2018 11:58:59 -0500 Received: from smtp-fw-9102.amazon.com ([207.171.184.29]:15753 "EHLO smtp-fw-9102.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934304AbeAXQ5f (ORCPT ); Wed, 24 Jan 2018 11:57:35 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1516813055; x=1548349055; h=from:to:subject:date:message-id:in-reply-to:references; bh=r6WgxJRcPns4j7XeX/sM46Z+YsZTtcBYA71+sSdDni0=; b=pxQ4AMDZsFKZ52bUXpPd/+XtalCLiPO/P2lql6mNWJOIS1wSDwXx3kpp Dw5zfzCDXr1uWRmDhJOoVk0oZksjcNLMgVTa5yk19TdMBD1v0mRTYtWjb bTY4PNx1PVVymnL0PmBtchImdef201JjzVDE2IgJwwB0exqs31tI4F8qR c=; X-IronPort-AV: E=Sophos;i="5.46,408,1511827200"; d="scan'208";a="589559286" Received: from sea3-co-svc-lb6-vlan3.sea.amazon.com (HELO email-inbound-relay-1a-67b371d8.us-east-1.amazon.com) ([10.47.22.38]) by smtp-border-fw-out-9102.sea19.amazon.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 24 Jan 2018 16:57:31 +0000 Received: from uc8d3ff76b9bc5848a9cc.ant.amazon.com (iad1-ws-svc-lb91-vlan3.amazon.com [10.0.103.150]) by email-inbound-relay-1a-67b371d8.us-east-1.amazon.com (8.14.7/8.14.7) with ESMTP id w0OGvKQP097696 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 24 Jan 2018 16:57:22 GMT Received: from uc8d3ff76b9bc5848a9cc.ant.amazon.com (localhost [127.0.0.1]) by uc8d3ff76b9bc5848a9cc.ant.amazon.com (8.15.2/8.15.2/Debian-3) with ESMTP id w0OGvJ22011189; Wed, 24 Jan 2018 16:57:19 GMT Received: (from dwmw@localhost) by uc8d3ff76b9bc5848a9cc.ant.amazon.com (8.15.2/8.15.2/Submit) id w0OGvJT6011188; Wed, 24 Jan 2018 16:57:19 GMT From: David Woodhouse To: arjan@linux.intel.com, tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com, bp@alien8.de, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org, dave.hansen@intel.com, gnomes@lxorguk.ukuu.org.uk Subject: [PATCH v3 5/6] x86/pti: Do not enable PTI on processors which are not vulnerable to Meltdown Date: Wed, 24 Jan 2018 16:57:04 +0000 Message-Id: <1516813025-10794-6-git-send-email-dwmw@amazon.co.uk> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516813025-10794-1-git-send-email-dwmw@amazon.co.uk> References: <1516813025-10794-1-git-send-email-dwmw@amazon.co.uk> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Some old Atoms, anything in family 5 or 4, and newer CPUs when they advertise the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO bit set, are not vulnerable. Roll the AMD exemption into the x86_match_cpu() table too. Based on suggestions from Dave Hansen and Alan Cox. Signed-off-by: David Woodhouse --- arch/x86/kernel/cpu/common.c | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index e5d66e9..3bc8a1f 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -47,6 +47,8 @@ #include #include #include +#include +#include #ifdef CONFIG_X86_LOCAL_APIC #include @@ -853,6 +855,35 @@ static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c) #endif } +static const __initdata struct x86_cpu_id cpu_no_meltdown[] = { + { X86_VENDOR_AMD }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CEDARVIEW, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_CLOVERVIEW, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_LINCROFT, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PENWELL, X86_FEATURE_ANY }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_PINEVIEW, X86_FEATURE_ANY }, + { X86_VENDOR_ANY, 5 }, + { X86_VENDOR_ANY, 4 }, + {} +}; + +static bool __init early_cpu_vulnerable_meltdown(struct cpuinfo_x86 *c) +{ + u64 ia32_cap = 0; + + if (x86_match_cpu(cpu_no_meltdown)) + return false; + + if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES)) + rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap); + + /* Rogue Data Cache Load? No! */ + if (ia32_cap & ARCH_CAP_RDCL_NO) + return false; + + return true; +} + /* * Do minimum CPU detection early. * Fields really needed: vendor, cpuid_level, family, model, mask, @@ -900,9 +931,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) setup_force_cpu_cap(X86_FEATURE_ALWAYS); - if (c->x86_vendor != X86_VENDOR_AMD) + if (early_cpu_vulnerable_meltdown(c)) setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); - setup_force_cpu_bug(X86_BUG_SPECTRE_V1); setup_force_cpu_bug(X86_BUG_SPECTRE_V2); -- 2.7.4