git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit

author	Tyler Hicks <tyhicks@canonical.com>
	Thu, 5 Apr 2018 05:51:00 +0000 (07:51 +0200)
committer	Kleber Sacilotto de Souza <kleber.souza@canonical.com>
	Thu, 5 Apr 2018 12:19:39 +0000 (14:19 +0200)
commit	2695744c5fe8781d0cbb2c0928cadbc75d52ab21
tree	df5730667c2cfe86f8aeb700f127c6d8093a9ccf	tree
parent	cbe746278f766b0b31729aff38a22d0a7e31d69b	commit \| diff

Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current thread"

BugLink: https://bugs.launchpad.net/bugs/1759920
CVE-2017-5715 (Spectre v2 Intel)

This reverts commit 96d520d0fd4994643216f30fe91eea770ba934bc.

Using a ptrace access check in the middle of a task switch was causing
a hard lockup in some cases when the old task was confined by AppArmor.
If the AppArmor policy for the the old task didn't allow the task to
ptrace the new task, AppArmor would attempt to emit an audit message and
deadlock on the task's pi_lock would occur. The fix is to revert this
change and go with upstream's implementation that uses the task's
dumpable state to determine if IBPB should be used.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

arch/x86/mm/tlb.c		diff \| blob \| blame \| history
include/linux/ptrace.h		diff \| blob \| blame \| history
kernel/ptrace.c		diff \| blob \| blame \| history