This is a note to let you know that I've just added the patch titled
kprobes/x86: Blacklist indirect thunk functions for kprobes
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
kprobes-x86-blacklist-indirect-thunk-functions-for-kprobes.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From c1804a236894ecc942da7dc6c5abe209e56cba93 Mon Sep 17 00:00:00 2001
From: Masami Hiramatsu <mhiramat(a)kernel.org>
Date: Fri, 19 Jan 2018 01:14:51 +0900
Subject: kprobes/x86: Blacklist indirect thunk functions for kprobes
From: Masami Hiramatsu <mhiramat(a)kernel.org>
commit c1804a236894ecc942da7dc6c5abe209e56cba93 upstream.
Mark __x86_indirect_thunk_* functions as blacklist for kprobes
because those functions can be called from anywhere in the kernel
including blacklist functions of kprobes.
Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Acked-by: David Woodhouse <dwmw(a)amazon.co.uk>
Cc: Andi Kleen <ak(a)linux.intel.com>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Ananth N Mavinakayanahalli <ananth(a)linux.vnet.ibm.com>
Cc: Arjan van de Ven <arjan(a)linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org>
Link: https://lkml.kernel.org/r/151629209111.10241.5444852823378068683.stgit@devb…
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/lib/retpoline.S | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/arch/x86/lib/retpoline.S
+++ b/arch/x86/lib/retpoline.S
@@ -25,7 +25,8 @@ ENDPROC(__x86_indirect_thunk_\reg)
* than one per register with the correct names. So we do it
* the simple and nasty way...
*/
-#define EXPORT_THUNK(reg) EXPORT_SYMBOL(__x86_indirect_thunk_ ## reg)
+#define __EXPORT_THUNK(sym) _ASM_NOKPROBE(sym); EXPORT_SYMBOL(sym)
+#define EXPORT_THUNK(reg) __EXPORT_THUNK(__x86_indirect_thunk_ ## reg)
#define GENERATE_THUNK(reg) THUNK reg ; EXPORT_THUNK(reg)
GENERATE_THUNK(_ASM_AX)
Patches currently in stable-queue which might be from mhiramat(a)kernel.org are
queue-4.14/kprobes-x86-disable-optimizing-on-the-function-jumps-to-indirect-thunk.patch
queue-4.14/kprobes-x86-blacklist-indirect-thunk-functions-for-kprobes.patch
queue-4.14/retpoline-introduce-start-end-markers-of-indirect-thunk.patch
Hi
I'm submitting this upstream patch to the stable branch 4.14. The patch
fixes a bug that was introduced in 4.14 and that bug causes frequent
lock-ups of network connections. I tested that the patch fixes the
lock-ups on the kernel 4.14.14.
Mikulas
commit e749aca84b10f3987b2ee1f76e0c7d8aacc5653c
Author: Yan Markman <ymarkman(a)marvell.com>
Date: Tue Nov 28 14:19:50 2017 +0100
net: mvpp2: do not disable GMAC padding
Short fragmented packets may never be sent by the hardware when padding
is disabled. This patch stop modifying the GMAC padding bits, to leave
them to their reset value (disabled).
Fixes: 3919357fb0bb ("net: mvpp2: initialize the GMAC when using a port")
Signed-off-by: Yan Markman <ymarkman(a)marvell.com>
[Antoine: commit message]
Signed-off-by: Antoine Tenart <antoine.tenart(a)free-electrons.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
---
drivers/net/ethernet/marvell/mvpp2.c | 9 ---------
1 file changed, 9 deletions(-)
Index: linux-4.14.13/drivers/net/ethernet/marvell/mvpp2.c
===================================================================
--- linux-4.14.13.orig/drivers/net/ethernet/marvell/mvpp2.c 2018-01-21 21:19:58.000000000 +0100
+++ linux-4.14.13/drivers/net/ethernet/marvell/mvpp2.c 2018-01-21 21:19:57.000000000 +0100
@@ -4552,11 +4552,6 @@ static void mvpp2_port_mii_gmac_configur
MVPP22_CTRL4_QSGMII_BYPASS_ACTIVE;
val &= ~MVPP22_CTRL4_EXT_PIN_GMII_SEL;
writel(val, port->base + MVPP22_GMAC_CTRL_4_REG);
-
- val = readl(port->base + MVPP2_GMAC_CTRL_2_REG);
- val |= MVPP2_GMAC_DISABLE_PADDING;
- val &= ~MVPP2_GMAC_FLOW_CTRL_MASK;
- writel(val, port->base + MVPP2_GMAC_CTRL_2_REG);
} else if (phy_interface_mode_is_rgmii(port->phy_interface)) {
val = readl(port->base + MVPP22_GMAC_CTRL_4_REG);
val |= MVPP22_CTRL4_EXT_PIN_GMII_SEL |
@@ -4564,10 +4559,6 @@ static void mvpp2_port_mii_gmac_configur
MVPP22_CTRL4_QSGMII_BYPASS_ACTIVE;
val &= ~MVPP22_CTRL4_DP_CLK_SEL;
writel(val, port->base + MVPP22_GMAC_CTRL_4_REG);
-
- val = readl(port->base + MVPP2_GMAC_CTRL_2_REG);
- val &= ~MVPP2_GMAC_DISABLE_PADDING;
- writel(val, port->base + MVPP2_GMAC_CTRL_2_REG);
}
/* The port is connected to a copper PHY */
On Sun, Jan 21, 2018 at 3:49 PM, Tetsuo Handa
<penguin-kernel(a)i-love.sakura.ne.jp> wrote:
>
> As far as I tested, using helper function made no difference. Unless I
> explicitly insert barriers like cpu_relax() or smp_mb() between these,
> the object side does not change.
Ok, thanks for checking.
> You can apply with
>
> Acked-by: Michal Hocko <mhocko(a)suse.com>
> Tested-by: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp>
Applied and pushed out. Thanks everybody.
Linus
This is the start of the stable review cycle for the 4.4.109 release.
There are 63 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Wed Jan 3 13:59:54 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.109-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.4.109-rc1
Linus Torvalds <torvalds(a)linux-foundation.org>
n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
Thomas Gleixner <tglx(a)linutronix.de>
x86/smpboot: Remove stale TLB flush invocations
Thomas Gleixner <tglx(a)linutronix.de>
nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
Daniel Thompson <daniel.thompson(a)linaro.org>
usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
Mathias Nyman <mathias.nyman(a)linux.intel.com>
USB: Fix off by one in type-specific length check of BOS SSP capability
Oliver Neukum <oneukum(a)suse.com>
usb: add RESET_RESUME for ELSA MicroLink 56K
Dmitry Fleytman Dmitry Fleytman <dmitry.fleytman(a)gmail.com>
usb: Add device quirk for Logitech HD Pro Webcam C925e
SZ Lin (林上智) <sz.lin(a)moxa.com>
USB: serial: option: adding support for YUGA CLM920-NC5
Daniele Palmas <dnlplm(a)gmail.com>
USB: serial: option: add support for Telit ME910 PID 0x1101
Reinhard Speyerer <rspmn(a)arcor.de>
USB: serial: qcserial: add Sierra Wireless EM7565
Max Schulze <max.schulze(a)posteo.de>
USB: serial: ftdi_sio: add id for Airbus DS P8GR
Shuah Khan <shuahkh(a)osg.samsung.com>
usbip: vhci: stop printing kernel pointer addresses in messages
Shuah Khan <shuahkh(a)osg.samsung.com>
usbip: stub: stop printing kernel pointer addresses in messages
Juan Zea <juan.zea(a)qindel.com>
usbip: fix usbip bind writing random string after command in match_busid
Willem de Bruijn <willemb(a)google.com>
sock: free skb in skb_complete_tx_timestamp on error
Grygorii Strashko <grygorii.strashko(a)ti.com>
net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround
Eric W. Biederman <ebiederm(a)xmission.com>
net: Fix double free and memory corruption in get_net_ns_by_id()
Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com>
net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks
Ido Schimmel <idosch(a)mellanox.com>
ipv4: Fix use-after-free when flushing FIB tables
Tonghao Zhang <xiangxia.m.yue(a)gmail.com>
sctp: Replace use of sockets_allocated with specified macro.
Tobias Jordan <Tobias.Jordan(a)elektrobit.com>
net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
Mohamed Ghannam <simo.ghannam(a)gmail.com>
net: ipv4: fix for a race condition in raw_sendmsg
Brian King <brking(a)linux.vnet.ibm.com>
tg3: Fix rx hang on MTU change with 5717/5719
Christoph Paasch <cpaasch(a)apple.com>
tcp md5sig: Use skb's saddr when replying to an incoming segment
Shaohua Li <shli(a)fb.com>
net: reevalulate autoflowlabel setting after sysctl setting
Sebastian Sjoholm <ssjoholm(a)mac.com>
net: qmi_wwan: add Sierra EM7565 1199:9091
Kevin Cernekee <cernekee(a)chromium.org>
netlink: Add netns check on taps
Kevin Cernekee <cernekee(a)chromium.org>
net: igmp: Use correct source address on IGMPv3 reports
Eric Dumazet <edumazet(a)google.com>
ipv6: mcast: better catch silly mtu values
Eric Dumazet <edumazet(a)google.com>
ipv4: igmp: guard against silly MTU values
Linus Torvalds <torvalds(a)linux-foundation.org>
kbuild: add '-fno-stack-check' to kernel build options
Andy Lutomirski <luto(a)kernel.org>
x86/mm/64: Fix reboot interaction with CR4.PCIDE
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Enable CR4.PCIDE on supported systems
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Add the 'nopcid' boot option to turn off PCID
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Disable PCID on 32-bit kernels
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range()
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Make flush_tlb_mm_range() more predictable
Andy Lutomirski <luto(a)kernel.org>
x86/mm: Remove flush_tlb() and flush_tlb_current_task()
Andy Lutomirski <luto(a)kernel.org>
x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly()
Hui Wang <hui.wang(a)canonical.com>
ALSA: hda - fix headset mic detection issue on a Dell machine
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda: Drop useless WARN_ON()
Johan Hovold <johan(a)kernel.org>
ASoC: twl4030: fix child-node lookup
Maciej S. Szmigiero <mail(a)maciej.szmigiero.name>
ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure
Steve Wise <swise(a)opengridcomputing.com>
iw_cxgb4: Only validate the MSN for successful completions
Steven Rostedt (VMware) <rostedt(a)goodmis.org>
ring-buffer: Mask out the info bits when returning buffer page length
Jing Xia <jing.xia(a)spreadtrum.com>
tracing: Fix crash when it fails to alloc ring buffer
Steven Rostedt (VMware) <rostedt(a)goodmis.org>
tracing: Fix possible double free on failure of allocating trace buffer
Steven Rostedt (VMware) <rostedt(a)goodmis.org>
tracing: Remove extra zeroing out of the ring buffer page
Yelena Krivosheev <yelena(a)marvell.com>
net: mvneta: clear interface link status on port disable
Ravi Bangoria <ravi.bangoria(a)linux.vnet.ibm.com>
powerpc/perf: Dereference BHRB entries safely
Paolo Bonzini <pbonzini(a)redhat.com>
kvm: x86: fix RSM when PCID is non-zero
Wanpeng Li <wanpeng.li(a)hotmail.com>
KVM: X86: Fix load RFLAGS w/o the fixed bit
Ricardo Ribalda Delgado <ricardo.ribalda(a)gmail.com>
spi: xilinx: Detect stall with Unknown commands
Helge Deller <deller(a)gmx.de>
parisc: Hide Diva-built-in serial aux and graphics card
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
PCI / PM: Force devices to D0 in pci_pm_thaw_noirq()
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU
Takashi Iwai <tiwai(a)suse.de>
ALSA: rawmidi: Avoid racy info ioctl via ctl device
Johan Hovold <johan(a)kernel.org>
mfd: twl6040: Fix child-node lookup
Johan Hovold <johan(a)kernel.org>
mfd: twl4030-audio: Fix sibling-node lookup
Jon Hunter <jonathanh(a)nvidia.com>
mfd: cros ec: spi: Don't send first message too soon
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
crypto: mcryptd - protect the per-CPU queue with a lock
Takashi Iwai <tiwai(a)suse.de>
ACPI: APEI / ERST: Fix missing error handling in erst_reader()
-------------
Diffstat:
Documentation/kernel-parameters.txt | 2 +
Makefile | 7 ++-
arch/powerpc/perf/core-book3s.c | 8 ++-
arch/x86/Kconfig | 2 +-
arch/x86/include/asm/disabled-features.h | 4 +-
arch/x86/include/asm/hardirq.h | 2 +-
arch/x86/include/asm/mmu.h | 6 --
arch/x86/include/asm/mmu_context.h | 2 -
arch/x86/include/asm/tlbflush.h | 99 +++++---------------------------
arch/x86/kernel/cpu/bugs.c | 8 +++
arch/x86/kernel/cpu/common.c | 40 +++++++++++++
arch/x86/kernel/reboot.c | 4 ++
arch/x86/kernel/smpboot.c | 9 ---
arch/x86/kernel/vm86_32.c | 2 +-
arch/x86/kvm/emulate.c | 32 ++++++++---
arch/x86/kvm/x86.c | 2 +-
arch/x86/mm/init.c | 2 -
arch/x86/mm/tlb.c | 73 +++--------------------
arch/x86/xen/enlighten.c | 6 ++
crypto/mcryptd.c | 23 ++++----
drivers/acpi/apei/erst.c | 2 +-
drivers/infiniband/hw/cxgb4/cq.c | 6 +-
drivers/mfd/cros_ec_spi.c | 1 +
drivers/mfd/twl4030-audio.c | 9 ++-
drivers/mfd/twl6040.c | 12 ++--
drivers/net/ethernet/broadcom/tg3.c | 4 +-
drivers/net/ethernet/marvell/mvmdio.c | 3 +-
drivers/net/ethernet/marvell/mvneta.c | 4 ++
drivers/net/phy/micrel.c | 1 +
drivers/net/usb/qmi_wwan.c | 1 +
drivers/parisc/lba_pci.c | 33 +++++++++++
drivers/pci/pci-driver.c | 7 ++-
drivers/spi/spi-xilinx.c | 11 ++++
drivers/tty/n_tty.c | 4 +-
drivers/usb/core/config.c | 2 +-
drivers/usb/core/quirks.c | 6 +-
drivers/usb/host/xhci-pci.c | 3 +
drivers/usb/serial/ftdi_sio.c | 1 +
drivers/usb/serial/ftdi_sio_ids.h | 6 ++
drivers/usb/serial/option.c | 17 ++++++
drivers/usb/serial/qcserial.c | 3 +
drivers/usb/usbip/stub_main.c | 5 +-
drivers/usb/usbip/stub_rx.c | 7 +--
drivers/usb/usbip/stub_tx.c | 4 +-
drivers/usb/usbip/vhci_hcd.c | 10 ----
drivers/usb/usbip/vhci_rx.c | 23 ++++----
drivers/usb/usbip/vhci_tx.c | 3 +-
include/crypto/mcryptd.h | 1 +
include/linux/ipv6.h | 3 +-
include/net/ip.h | 2 +
kernel/time/tick-sched.c | 19 +++++-
kernel/trace/ring_buffer.c | 6 +-
kernel/trace/trace.c | 13 ++---
net/bridge/br_netlink.c | 11 ++--
net/core/net_namespace.c | 2 +-
net/core/skbuff.c | 6 +-
net/ipv4/devinet.c | 2 +-
net/ipv4/fib_frontend.c | 9 ++-
net/ipv4/igmp.c | 44 ++++++++++----
net/ipv4/ip_tunnel.c | 4 +-
net/ipv4/raw.c | 15 +++--
net/ipv4/tcp_ipv4.c | 2 +-
net/ipv6/af_inet6.c | 1 -
net/ipv6/ip6_output.c | 12 +++-
net/ipv6/ipv6_sockglue.c | 1 +
net/ipv6/mcast.c | 25 ++++----
net/ipv6/tcp_ipv6.c | 2 +-
net/netlink/af_netlink.c | 3 +
net/sctp/socket.c | 4 +-
sound/core/rawmidi.c | 15 ++++-
sound/hda/hdac_i915.c | 2 +-
sound/pci/hda/patch_realtek.c | 5 ++
sound/soc/codecs/twl4030.c | 4 +-
sound/soc/fsl/fsl_ssi.c | 18 ++++--
sound/usb/mixer.c | 27 +++++----
tools/usb/usbip/src/utils.c | 9 ++-
76 files changed, 459 insertions(+), 329 deletions(-)
This is a note to let you know that I've just added the patch titled
usbip: fix warning in vhci_hcd_probe/lockdep_init_map
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
usbip-fix-warning-in-vhci_hcd_probe-lockdep_init_map.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From 918b8ac55b6c809b70aa05c279087109584e393e Mon Sep 17 00:00:00 2001
From: Shuah Khan <shuahkh(a)osg.samsung.com>
Date: Mon, 5 Dec 2016 12:56:38 -0700
Subject: usbip: fix warning in vhci_hcd_probe/lockdep_init_map
From: Shuah Khan <shuahkh(a)osg.samsung.com>
commit 918b8ac55b6c809b70aa05c279087109584e393e upstream.
vhci_hcd calls sysfs_create_group() with dynamically allocated sysfs
attributes triggering the lock-class key not persistent warning. Call
sysfs_attr_init() for dynamically allocated sysfs attributes to fix it.
vhci_hcd vhci_hcd: USB/IP Virtual Host Controller
vhci_hcd vhci_hcd: new USB bus registered, assigned bus number 2
BUG: key ffff88006a7e8d18 not in .data!
------------[ cut here ]------------
WARNING: CPU: 0 PID: 1 at kernel/locking/lockdep.c:3131
lockdep_init_map+0x60c/0x770
DEBUG_LOCKS_WARN_ON(1)[ 1.567044] Modules linked in:
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.9.0-rc7+ #58
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
ffff88006bce6eb8 ffffffff81f96c8a ffffffff00000a02 1ffff1000d79cd6a
ffffed000d79cd62 000000046bce6ed8 0000000041b58ab3 ffffffff8598af40
ffffffff81f969f8 0000000000000000 0000000041b58ab3 0000000000000200
Call Trace:
[< inline >] __dump_stack lib/dump_stack.c:15
[<ffffffff81f96c8a>] dump_stack+0x292/0x398 lib/dump_stack.c:51
[<ffffffff812b808f>] __warn+0x19f/0x1e0 kernel/panic.c:550
[<ffffffff812b8195>] warn_slowpath_fmt+0xc5/0x110 kernel/panic.c:565
[<ffffffff813f3efc>] lockdep_init_map+0x60c/0x770 kernel/locking/lockdep.c:3131
[<ffffffff819e43d4>] __kernfs_create_file+0x114/0x2a0 fs/kernfs/file.c:954
[<ffffffff819e68f5>] sysfs_add_file_mode_ns+0x225/0x520 fs/sysfs/file.c:305
[< inline >] create_files fs/sysfs/group.c:64
[<ffffffff819e8a89>] internal_create_group+0x239/0x8f0 fs/sysfs/group.c:134
[<ffffffff819e915f>] sysfs_create_group+0x1f/0x30 fs/sysfs/group.c:156
[<ffffffff8323de24>] vhci_start+0x5b4/0x7a0 drivers/usb/usbip/vhci_hcd.c:978
[<ffffffff82c907ca>] usb_add_hcd+0x8da/0x1c60 drivers/usb/core/hcd.c:2867
[<ffffffff8323bc57>] vhci_hcd_probe+0x97/0x130
drivers/usb/usbip/vhci_hcd.c:1103
---
---
---[ end trace c33c7b202cf3aac8 ]---
Signed-off-by: Shuah Khan <shuahkh(a)osg.samsung.com>
Reported-by: Andrey Konovalov <andreyknvl(a)google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
drivers/usb/usbip/vhci_sysfs.c | 1 +
1 file changed, 1 insertion(+)
--- a/drivers/usb/usbip/vhci_sysfs.c
+++ b/drivers/usb/usbip/vhci_sysfs.c
@@ -361,6 +361,7 @@ static void set_status_attr(int id)
status->attr.attr.name = status->name;
status->attr.attr.mode = S_IRUGO;
status->attr.show = status_show;
+ sysfs_attr_init(&status->attr.attr);
}
static int init_status_attrs(void)
Patches currently in stable-queue which might be from shuahkh(a)osg.samsung.com are
queue-4.9/usbip-fix-warning-in-vhci_hcd_probe-lockdep_init_map.patch
On Tue, Jan 16, 2018 at 10:38:35AM +0000, Woodhouse, David wrote:
> On Tue, 2018-01-16 at 11:22 +0100, Jiri Slaby wrote:
> > On 01/15/2018, 01:35 PM, Greg Kroah-Hartman wrote:
> > > 4.9-stable review patch. If anyone has any objections, please let me know.
> >
> > May I ask if somebody has started the 4.4 port yet?
>
> Razvan pushed that out yesterday:
>
> http://git.infradead.org/retpoline-stable.git/shortlog/refs/heads/linux-4.4…
And I've now queued up all of these patches, thanks very much for doing
this work!
greg k-h
This is a note to let you know that I've just added the patch titled
x86/cpu, x86/pti: Do not enable PTI on AMD processors
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
x86-cpu-x86-pti-do-not-enable-pti-on-amd-processors.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From 694d99d40972f12e59a3696effee8a376b79d7c8 Mon Sep 17 00:00:00 2001
From: Tom Lendacky <thomas.lendacky(a)amd.com>
Date: Tue, 26 Dec 2017 23:43:54 -0600
Subject: x86/cpu, x86/pti: Do not enable PTI on AMD processors
From: Tom Lendacky <thomas.lendacky(a)amd.com>
commit 694d99d40972f12e59a3696effee8a376b79d7c8 upstream.
AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against. The AMD microarchitecture
does not allow memory references, including speculative references, that
access higher privileged data when running in a lesser privileged mode
when that access would result in a page fault.
Disable page table isolation by default on AMD processors by not setting
the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI
is set.
Signed-off-by: Tom Lendacky <thomas.lendacky(a)amd.com>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Reviewed-by: Borislav Petkov <bp(a)suse.de>
Cc: Dave Hansen <dave.hansen(a)linux.intel.com>
Cc: Andy Lutomirski <luto(a)kernel.org>
Cc: stable(a)vger.kernel.org
Link: https://lkml.kernel.org/r/20171227054354.20369.94587.stgit@tlendack-t1.amdo…
Cc: Nick Lowe <nick.lowe(a)gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/kernel/cpu/common.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -883,8 +883,8 @@ static void __init early_identify_cpu(st
setup_force_cpu_cap(X86_FEATURE_ALWAYS);
- /* Assume for now that ALL x86 CPUs are insecure */
- setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
+ if (c->x86_vendor != X86_VENDOR_AMD)
+ setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
Patches currently in stable-queue which might be from thomas.lendacky(a)amd.com are
queue-4.9/x86-retpoline-fill-rsb-on-context-switch-for-affected-cpus.patch
queue-4.9/x86-retpoline-add-lfence-to-the-retpoline-rsb-filling-rsb-macros.patch
queue-4.9/x86-cpu-x86-pti-do-not-enable-pti-on-amd-processors.patch