projects / pve-kernel.git / blame
| Commit | Line | Data |
|---|---|---|
| 59d5af67 | 1 | From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
| 321d628a FG |
2 | From: Andy Lutomirski <luto@kernel.org> |
| 3 | Date: Thu, 29 Jun 2017 08:53:21 -0700 | |
| 59d5af67 | 4 | Subject: [PATCH] x86/mm: Enable CR4.PCIDE on supported systems |
| 321d628a FG |
5 | MIME-Version: 1.0 |
| 6 | Content-Type: text/plain; charset=UTF-8 | |
| 7 | Content-Transfer-Encoding: 8bit | |
| 8 | ||
| 9 | CVE-2017-5754 | |
| 10 | ||
| 11 | We can use PCID if the CPU has PCID and PGE and we're not on Xen. | |
| 12 | ||
| 13 | By itself, this has no effect. A followup patch will start using PCID. | |
| 14 | ||
| 15 | Signed-off-by: Andy Lutomirski <luto@kernel.org> | |
| 16 | Reviewed-by: Nadav Amit <nadav.amit@gmail.com> | |
| 17 | Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> | |
| 18 | Reviewed-by: Thomas Gleixner <tglx@linutronix.de> | |
| 19 | Cc: Andrew Morton <akpm@linux-foundation.org> | |
| 20 | Cc: Arjan van de Ven <arjan@linux.intel.com> | |
| 21 | Cc: Borislav Petkov <bp@alien8.de> | |
| 22 | Cc: Dave Hansen <dave.hansen@intel.com> | |
| 23 | Cc: Juergen Gross <jgross@suse.com> | |
| 24 | Cc: Linus Torvalds <torvalds@linux-foundation.org> | |
| 25 | Cc: Mel Gorman <mgorman@suse.de> | |
| 26 | Cc: Peter Zijlstra <peterz@infradead.org> | |
| 27 | Cc: Rik van Riel <riel@redhat.com> | |
| 28 | Cc: linux-mm@kvack.org | |
| 29 | Link: http://lkml.kernel.org/r/6327ecd907b32f79d5aa0d466f04503bbec5df88.1498751203.git.luto@kernel.org | |
| 30 | Signed-off-by: Ingo Molnar <mingo@kernel.org> | |
| 31 | (cherry picked from commit 660da7c9228f685b2ebe664f9fd69aaddcc420b5) | |
| 32 | Signed-off-by: Andy Whitcroft <apw@canonical.com> | |
| 33 | Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> | |
| 34 | (cherry picked from commit 7d6bbe5528395f18de50bd2532843546c849883d) | |
| 35 | Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> | |
| 36 | --- | |
| 37 | arch/x86/include/asm/tlbflush.h | 8 ++++++++ | |
| 38 | arch/x86/kernel/cpu/common.c | 22 ++++++++++++++++++++++ | |
| 39 | arch/x86/xen/enlighten_pv.c | 6 ++++++ | |
| 40 | 3 files changed, 36 insertions(+) | |
| 41 | ||
| 42 | diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h | |
| 43 | index 50ea3482e1d1..2b3d68093235 100644 | |
| 44 | --- a/arch/x86/include/asm/tlbflush.h | |
| 45 | +++ b/arch/x86/include/asm/tlbflush.h | |
| 46 | @@ -207,6 +207,14 @@ static inline void __flush_tlb_all(void) | |
| 47 | __flush_tlb_global(); | |
| 48 | else | |
| 49 | __flush_tlb(); | |
| 50 | + | |
| 51 | + /* | |
| 52 | + * Note: if we somehow had PCID but not PGE, then this wouldn't work -- | |
| 53 | + * we'd end up flushing kernel translations for the current ASID but | |
| 54 | + * we might fail to flush kernel translations for other cached ASIDs. | |
| 55 | + * | |
| 56 | + * To avoid this issue, we force PCID off if PGE is off. | |
| 57 | + */ | |
| 58 | } | |
| 59 | ||
| 60 | static inline void __flush_tlb_one(unsigned long addr) | |
| 61 | diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c | |
| 62 | index 904485e7b230..b95cd94ca97b 100644 | |
| 63 | --- a/arch/x86/kernel/cpu/common.c | |
| 64 | +++ b/arch/x86/kernel/cpu/common.c | |
| 65 | @@ -329,6 +329,25 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c) | |
| 66 | } | |
| 67 | } | |
| 68 | ||
| 69 | +static void setup_pcid(struct cpuinfo_x86 *c) | |
| 70 | +{ | |
| 71 | + if (cpu_has(c, X86_FEATURE_PCID)) { | |
| 72 | + if (cpu_has(c, X86_FEATURE_PGE)) { | |
| 73 | + cr4_set_bits(X86_CR4_PCIDE); | |
| 74 | + } else { | |
| 75 | + /* | |
| 76 | + * flush_tlb_all(), as currently implemented, won't | |
| 77 | + * work if PCID is on but PGE is not. Since that | |
| 78 | + * combination doesn't exist on real hardware, there's | |
| 79 | + * no reason to try to fully support it, but it's | |
| 80 | + * polite to avoid corrupting data if we're on | |
| 81 | + * an improperly configured VM. | |
| 82 | + */ | |
| 83 | + clear_cpu_cap(c, X86_FEATURE_PCID); | |
| 84 | + } | |
| 85 | + } | |
| 86 | +} | |
| 87 | + | |
| 88 | /* | |
| 89 | * Protection Keys are not available in 32-bit mode. | |
| 90 | */ | |
| 91 | @@ -1143,6 +1162,9 @@ static void identify_cpu(struct cpuinfo_x86 *c) | |
| 92 | setup_smep(c); | |
| 93 | setup_smap(c); | |
| 94 | ||
| 95 | + /* Set up PCID */ | |
| 96 | + setup_pcid(c); | |
| 97 | + | |
| 98 | /* | |
| 99 | * The vendor-specific functions might have changed features. | |
| 100 | * Now we do "generic changes." | |
| 101 | diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c | |
| 102 | index 811e4ddb3f37..290bc5ac9852 100644 | |
| 103 | --- a/arch/x86/xen/enlighten_pv.c | |
| 104 | +++ b/arch/x86/xen/enlighten_pv.c | |
| 105 | @@ -264,6 +264,12 @@ static void __init xen_init_capabilities(void) | |
| 106 | setup_clear_cpu_cap(X86_FEATURE_ACC); | |
| 107 | setup_clear_cpu_cap(X86_FEATURE_X2APIC); | |
| 108 | ||
| 109 | + /* | |
| 110 | + * Xen PV would need some work to support PCID: CR3 handling as well | |
| 111 | + * as xen_flush_tlb_others() would need updating. | |
| 112 | + */ | |
| 113 | + setup_clear_cpu_cap(X86_FEATURE_PCID); | |
| 114 | + | |
| 115 | if (!xen_initial_domain()) | |
| 116 | setup_clear_cpu_cap(X86_FEATURE_ACPI); | |
| 117 | ||
| 118 | -- | |
| 119 | 2.14.2 | |
| 120 |