git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit

author	Marc Zyngier <marc.zyngier@arm.com>
	Fri, 19 Jan 2018 15:42:09 +0000 (15:42 +0000)
committer	Kleber Sacilotto de Souza <kleber.souza@canonical.com>
	Wed, 7 Mar 2018 11:14:06 +0000 (12:14 +0100)
commit	0375a96664b5f23ed3917294a93b735876112a8c
tree	54c046e41250f0483c981d400ccc0b54cb648c43	tree
parent	297c40443b7acec0bf2a53584a89955846b4ced3	commit \| diff

arm64: Move BP hardening to check_and_switch_context

Commit a8e4c0a919ae upstream.

We call arm64_apply_bp_hardening() from post_ttbr_update_workaround,
which has the unexpected consequence of being triggered on every
exception return to userspace when ARM64_SW_TTBR0_PAN is selected,
even if no context switch actually occured.

This is a bit suboptimal, and it would be more logical to only
invalidate the branch predictor when we actually switch to
a different mm.

In order to solve this, move the call to arm64_apply_bp_hardening()
into check_and_switch_context(), where we're guaranteed to pick
a different mm context.

Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 9107ac4ea3da68af722d1b6820f90cf0c119b134)

CVE-2017-5753
CVE-2017-5715
CVE-2017-5754

Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
Acked-by: Brad Figg <brad.figg@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Acked-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>