This is a note to let you know that I've just added the patch titled
x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: x86-kaiser-rename-and-simplify-x86_feature_kaiser-handling.patch and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
From foo@baz Wed Jan 3 18:58:12 CET 2018
From: Borislav Petkov bp@suse.de Date: Tue, 2 Jan 2018 14:19:48 +0100 Subject: x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
From: Borislav Petkov bp@suse.de
Concentrate it in arch/x86/mm/kaiser.c and use the upstream string "nopti".
Signed-off-by: Borislav Petkov bp@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- Documentation/kernel-parameters.txt | 2 +- arch/x86/kernel/cpu/common.c | 18 ------------------ arch/x86/mm/kaiser.c | 20 +++++++++++++++++++- 3 files changed, 20 insertions(+), 20 deletions(-)
--- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -2523,7 +2523,7 @@ bytes respectively. Such letter suffixes
nojitter [IA-64] Disables jitter checking for ITC timers.
- nokaiser [X86-64] Disable KAISER isolation of kernel from user. + nopti [X86-64] Disable KAISER isolation of kernel from user.
no-kvmclock [X86,KVM] Disable paravirtualized KVM clock driver
--- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -178,20 +178,6 @@ static int __init x86_pcid_setup(char *s return 1; } __setup("nopcid", x86_pcid_setup); - -static int __init x86_nokaiser_setup(char *s) -{ - /* nokaiser doesn't accept parameters */ - if (s) - return -EINVAL; -#ifdef CONFIG_KAISER - kaiser_enabled = 0; - setup_clear_cpu_cap(X86_FEATURE_KAISER); - pr_info("nokaiser: KAISER feature disabled\n"); -#endif - return 0; -} -early_param("nokaiser", x86_nokaiser_setup); #endif
static int __init x86_noinvpcid_setup(char *s) @@ -761,10 +747,6 @@ void get_cpu_cap(struct cpuinfo_x86 *c) c->x86_power = cpuid_edx(0x80000007);
init_scattered_cpuid_features(c); -#ifdef CONFIG_KAISER - if (kaiser_enabled) - set_cpu_cap(c, X86_FEATURE_KAISER); -#endif }
static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c) --- a/arch/x86/mm/kaiser.c +++ b/arch/x86/mm/kaiser.c @@ -275,8 +275,13 @@ void __init kaiser_init(void) { int cpu;
- if (!kaiser_enabled) + if (!kaiser_enabled) { + setup_clear_cpu_cap(X86_FEATURE_KAISER); return; + } + + setup_force_cpu_cap(X86_FEATURE_KAISER); + kaiser_init_all_pgds();
for_each_possible_cpu(cpu) { @@ -419,3 +424,16 @@ void kaiser_flush_tlb_on_return_to_user( X86_CR3_PCID_USER_FLUSH | KAISER_SHADOW_PGD_OFFSET); } EXPORT_SYMBOL(kaiser_flush_tlb_on_return_to_user); + +static int __init x86_nokaiser_setup(char *s) +{ + /* nopti doesn't accept parameters */ + if (s) + return -EINVAL; + + kaiser_enabled = 0; + pr_info("Kernel/User page tables isolation: disabled\n"); + + return 0; +} +early_param("nopti", x86_nokaiser_setup);
Patches currently in stable-queue which might be from bp@suse.de are
queue-4.4/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.4/x86-kaiser-reenable-paravirt.patch queue-4.4/x86-kaiser-rename-and-simplify-x86_feature_kaiser-handling.patch queue-4.4/x86-kaiser-check-boottime-cmdline-params.patch queue-4.4/x86-kaiser-move-feature-detection-up.patch
On 2018-01-03 01:04 PM, gregkh@linuxfoundation.org wrote:
This is a note to let you know that I've just added the patch titled
x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: x86-kaiser-rename-and-simplify-x86_feature_kaiser-handling.patch and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
Hi Greg,
Is this going to be called kaiser in stable (older kernels) or will this get renamed to pti?
Thanks! Dhaval
On Wed, Jan 03, 2018 at 02:21:27PM -0500, Dhaval Giani wrote:
On 2018-01-03 01:04 PM, gregkh@linuxfoundation.org wrote:
This is a note to let you know that I've just added the patch titled
x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: x86-kaiser-rename-and-simplify-x86_feature_kaiser-handling.patch and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
Hi Greg,
Is this going to be called kaiser in stable (older kernels) or will this get renamed to pti?
Don't know yet, probably pti, I have some patches not yet applied to do that...
thanks,
greg k-h
linux-stable-mirror@lists.linaro.org