arm64: Turn on KPTI only on CPUs that need it

Commit 0ba2e29c7fc1 upstream.

Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in
unmap_kernel_at_el0(). These CPUs are not vulnerable to
CVE-2017-5754 and do not need KPTI when KASLR is off.

Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Jayachandran C <jnair@caviumnetworks.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit c98c8c23585643cbf255415b02cb32c95baac82e)

CVE-2017-5753
CVE-2017-5715
CVE-2017-5754

Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
Acked-by: Brad Figg <brad.figg@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index c4e842f45b7c3f3f5a1ac716e3a3bb47d703ce64..46b1507ea60557124aea03ab7191c2cb03d512f1 100644 (file)
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -816,6 +816,13 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry,
        if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
                return true;
 
+       /* Don't force KPTI for CPUs that are not vulnerable */
+       switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) {
+       case MIDR_CAVIUM_THUNDERX2:
+       case MIDR_BRCM_VULCAN:
+               return false;
+       }
+
        /* Defer to CPU feature registers */
        return !cpuid_feature_extract_unsigned_field(pfr0,
                                                     ID_AA64PFR0_CSV3_SHIFT);