Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp6175816imu; Wed, 30 Jan 2019 10:03:48 -0800 (PST) X-Google-Smtp-Source: ALg8bN5cifFHbAwdrgLZmBjiIEPjrMIGfyXH+hlcVY5QhtHXHgHCk9kag3Js1ZMBEaKosn+L4BEG X-Received: by 2002:a62:4886:: with SMTP id q6mr32333229pfi.182.1548871427942; Wed, 30 Jan 2019 10:03:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1548871427; cv=none; d=google.com; s=arc-20160816; b=yUVcncjNcsczWx+53ebQ42FlaDziSYd6TquOHYFp9SmPkZ/8Ek8kslVN8vmgA9R91q AKPB8WJPuOB67EBuqTsVdb+78Pipf26jSyDYB5RiVEwxvPJH2YwiieXgRibPFkaAjIQA C+rvsN7W4s9e2ta9sQH4r8MRrkRrGTAkldfCV1IrzU8R0uGZ7MNrCrC8G5giOB2WknW4 mVKiYBESxAb2DCfjMvmwVbSzfDwFLkPzPASqUappHvDIyL9CWFQvW7lvkVYFglt5jUI/ hSpqixBRMW78N1+3U1KgFoyVqK0xJPCJBAoVBK87vXEmbp/ozMuyIq4xXY2iihMtoDM4 ctag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date; bh=UK4gQN8UcQHyPRXWJteqVD3ZvYiwV67wzwVmSPEDxbo=; b=XvFYg6vOyklXnPdoOjynX3Lt4kjgeSUtsih/Tvusove8V1h0VaGTXj0+GOLdjlU2TY QZ25AS0O3V3CikgVmYVUIefYmSgBCN8UnYQ241IgMxKVYJs4bc/U+l31D8qQopVQagc6 3mjmmckEI4Wh8jXZtn/bKRyQOqXjNyPtmnNrnSeB7z4PphmhubiXhx0VVUiyJi6CkXXI rxAc8ZOIpgDnPIS4i8s/h4/Dx6wHvPOgp/QMBFBbSV3RbAh2RwFnG3uYmhrKYG5HGopz OQ4x/3T2i9oORseshbVj4/SLNo13erBRTormHrYfCOSjv6CBVuPuMiDM88yKgrpeTKB1 InXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k22si1885805pgl.29.2019.01.30.10.03.31; Wed, 30 Jan 2019 10:03:47 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728674AbfA3SCy (ORCPT + 99 others); Wed, 30 Jan 2019 13:02:54 -0500 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:59120 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725770AbfA3SCx (ORCPT ); Wed, 30 Jan 2019 13:02:53 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 4217F80D; Wed, 30 Jan 2019 10:02:53 -0800 (PST) Received: from donnerap.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 935993F557; Wed, 30 Jan 2019 10:02:50 -0800 (PST) Date: Wed, 30 Jan 2019 18:02:47 +0000 From: Andre Przywara To: Jeremy Linton Cc: linux-arm-kernel@lists.infradead.org, stefan.wahren@i2se.com, Jonathan Corbet , mlangsdo@redhat.com, linux-doc@vger.kernel.org, suzuki.poulose@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, julien.thierry@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, steven.price@arm.com, ykaukab@suse.de, dave.martin@arm.com, shankerd@codeaurora.org Subject: Re: [PATCH v4 01/12] Documentation: Document arm64 kpti control Message-ID: <20190130180247.15ab0577@donnerap.cambridge.arm.com> In-Reply-To: <20190125180711.1970973-2-jeremy.linton@arm.com> References: <20190125180711.1970973-1-jeremy.linton@arm.com> <20190125180711.1970973-2-jeremy.linton@arm.com> Organization: ARM X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; aarch64-unknown-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 25 Jan 2019 12:07:00 -0600 Jeremy Linton wrote: Hi, > For a while Arm64 has been capable of force enabling > or disabling the kpti mitigations. Lets make sure the > documentation reflects that. > > Signed-off-by: Jeremy Linton > Cc: Jonathan Corbet > Cc: linux-doc@vger.kernel.org > --- > Documentation/admin-guide/kernel-parameters.txt | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/Documentation/admin-guide/kernel-parameters.txt > b/Documentation/admin-guide/kernel-parameters.txt index > b799bcf67d7b..9475f02c79da 100644 --- > a/Documentation/admin-guide/kernel-parameters.txt +++ > b/Documentation/admin-guide/kernel-parameters.txt @@ -1982,6 +1982,12 > @@ Built with CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y, > the default is off. > > + kpti= [ARM64] Control page table isolation of > user > + and kernel address spaces. > + Default: enabled on cores which need > mitigation. Would this be a good place to mention that we enable it when CONFIG_RANDOMIZE_BASE is enabled and we have a valid kaslr_offset? I found this somewhat surprising, also it's unrelated to the vulnerability. Cheers, Andre > + 0: force disabled > + 1: force enabled > + > kvm.ignore_msrs=[KVM] Ignore guest accesses to unhandled > MSRs. Default is 0 (don't ignore, but inject #GP) >