From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: AH8x226Z3yWn0xiFFy/pwbnKQIVM7y2bfkjlZhPEJg/6MzPLfqq3VGEsHeLiyl20mINzVBpHKpwA ARC-Seal: i=1; a=rsa-sha256; t=1516610556; cv=none; d=google.com; s=arc-20160816; b=msku0vvvy/SalAcAFvC2oUwY9y4F6W1gCa3Ld7hDc9ml9GvtlSKMue9QQmsAKZMo0S FdiloctV5WJN2zlRBeh3bR8miFecrsGXMJNA+L40cOJxRFjAARp/0mZCqJh/LAoxAchh JnIlG8fH/UQlAJ7JGsRYPg3Us36HKx6XHmjxaie3ZUxI4UEfLI6rZekRSbYEn+TQuzKw XScV/1tHnnrzpEbGl0YtfHf2i8xt8kEvjoRGQsAr3OL7RMa8vM1hTIjFjKDIrNXKJQCL 2cuRwc0CBBuU6/QHesBjD0Aqsm4jv9nllGbjA6hd+jqyh5D0CRhSZ3tKFqZIHxi4zqmm LKow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:user-agent:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=2OY9C1WZMjlapS2ccS3yAQRTYZ58yaglq+e0f64M8dU=; b=DQDL8CzQCG8/64JNCJ8fkhRb2gElhifGlW2Jf6uXDnl4Bw3g9/FMh1IJzXg2aJYmE1 yEiT57RF82bgZLu1aeVulZtc3Zya33xT/pmRhqwhvI/lKZFVjrHnNjsqFevBCV9K10Zn Gvsm1xVvDPw+9gCfGpes2z9ZJzJm7KP9noCy8X388dPDGIX2EuF+ncyxvIJWLZrbl5Ay ixAoNe6+bty0CgutCD1i2CUIyRsF0bBplMdCt2fYWgmuLISLbx5H4xFguTs4A/rE9QVG k/VK8XYo5YjQ1IJdV/iBf0opWY4LANombkRI34zw3/oCzFf7Xg2crwC/lPUHRK9lG6lC 5kDg== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning gregkh@linuxfoundation.org does not designate 90.92.71.90 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning gregkh@linuxfoundation.org does not designate 90.92.71.90 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Tom Lendacky , Thomas Gleixner , Borislav Petkov , Dave Hansen , Andy Lutomirski , Nick Lowe Subject: [PATCH 4.4 46/53] x86/cpu, x86/pti: Do not enable PTI on AMD processors Date: Mon, 22 Jan 2018 09:40:38 +0100 Message-Id: <20180122083912.578867910@linuxfoundation.org> X-Mailer: git-send-email 2.16.0 In-Reply-To: <20180122083910.299610926@linuxfoundation.org> References: <20180122083910.299610926@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-LABELS: =?utf-8?b?IlxcU2VudCI=?= X-GMAIL-THRID: =?utf-8?q?1590281430429901005?= X-GMAIL-MSGID: =?utf-8?q?1590281430429901005?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Tom Lendacky commit 694d99d40972f12e59a3696effee8a376b79d7c8 upstream. AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault. Disable page table isolation by default on AMD processors by not setting the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI is set. Signed-off-by: Tom Lendacky Signed-off-by: Thomas Gleixner Reviewed-by: Borislav Petkov Cc: Dave Hansen Cc: Andy Lutomirski Cc: stable@vger.kernel.org Link: https://lkml.kernel.org/r/20171227054354.20369.94587.stgit@tlendack-t1.amdoffice.net Cc: Nick Lowe Signed-off-by: Greg Kroah-Hartman --- arch/x86/kernel/cpu/common.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -831,8 +831,8 @@ static void __init early_identify_cpu(st setup_force_cpu_cap(X86_FEATURE_ALWAYS); - /* Assume for now that ALL x86 CPUs are insecure */ - setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); + if (c->x86_vendor != X86_VENDOR_AMD) + setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); setup_force_cpu_bug(X86_BUG_SPECTRE_V1); setup_force_cpu_bug(X86_BUG_SPECTRE_V2);