Home Explore Help
Register Sign In
Apq
/
pve-edge-kernel
mirror of https://github.com/fabianishere/pve-edge-kernel.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 59d5af6732
Branches Tags
pve-edge-kernel
/
patches
/
kernel
/
0016-x86-mm-Enable-CR4.PCIDE-on-supported-systems.patch

0016-x86-mm-Enable-CR4.PCIDE-on-supported-systems.patch 4.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
    2. 

  2. From: Andy Lutomirski <[email protected]>
    3. 

  3. Date: Thu, 29 Jun 2017 08:53:21 -0700
    4. 

  4. Subject: [PATCH] x86/mm: Enable CR4.PCIDE on supported systems
    5. 

  5. MIME-Version: 1.0
    6. 

  6. Content-Type: text/plain; charset=UTF-8
    7. 

  7. Content-Transfer-Encoding: 8bit
    8. 

  8. 

  9. CVE-2017-5754
    10. 

  10. 

  11. We can use PCID if the CPU has PCID and PGE and we're not on Xen.
    12. 

  12. 

  13. By itself, this has no effect. A followup patch will start using PCID.
    14. 

  14. 

  15. Signed-off-by: Andy Lutomirski <[email protected]>
    16. 

  16. Reviewed-by: Nadav Amit <[email protected]>
    17. 

  17. Reviewed-by: Boris Ostrovsky <[email protected]>
    18. 

  18. Reviewed-by: Thomas Gleixner <[email protected]>
    19. 

  19. Cc: Andrew Morton <[email protected]>
    20. 

  20. Cc: Arjan van de Ven <[email protected]>
    21. 

  21. Cc: Borislav Petkov <[email protected]>
    22. 

  22. Cc: Dave Hansen <[email protected]>
    23. 

  23. Cc: Juergen Gross <[email protected]>
    24. 

  24. Cc: Linus Torvalds <[email protected]>
    25. 

  25. Cc: Mel Gorman <[email protected]>
    26. 

  26. Cc: Peter Zijlstra <[email protected]>
    27. 

  27. Cc: Rik van Riel <[email protected]>
    28. 

  28. Cc: [email protected]
    29. 

  29. Link: http://lkml.kernel.org/r/6327ecd907b32f79d5aa0d466f04503bbec5df88.1498751203.git.luto@kernel.org
    30. 

  30. Signed-off-by: Ingo Molnar <[email protected]>
    31. 

  31. (cherry picked from commit 660da7c9228f685b2ebe664f9fd69aaddcc420b5)
    32. 

  32. Signed-off-by: Andy Whitcroft <[email protected]>
    33. 

  33. Signed-off-by: Kleber Sacilotto de Souza <[email protected]>
    34. 

  34. (cherry picked from commit 7d6bbe5528395f18de50bd2532843546c849883d)
    35. 

  35. Signed-off-by: Fabian Grünbichler <[email protected]>
    36. 

  36. ---
    37. 

  37.  arch/x86/include/asm/tlbflush.h |  8 ++++++++
    38. 

  38.  arch/x86/kernel/cpu/common.c    | 22 ++++++++++++++++++++++
    39. 

  39.  arch/x86/xen/enlighten_pv.c     |  6 ++++++
    40. 

  40.  3 files changed, 36 insertions(+)
    41. 

  41. 

  42. diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h
    43. 

  43. index 50ea3482e1d1..2b3d68093235 100644
    44. 

  44. --- a/arch/x86/include/asm/tlbflush.h
    45. 

  45. +++ b/arch/x86/include/asm/tlbflush.h
    46. 

  46. @@ -207,6 +207,14 @@ static inline void __flush_tlb_all(void)
    47. 

  47.  		__flush_tlb_global();
    48. 

  48.  	else
    49. 

  49.  		__flush_tlb();
    50. 

  50. +
    51. 

  51. +	/*
    52. 

  52. +	 * Note: if we somehow had PCID but not PGE, then this wouldn't work --
    53. 

  53. +	 * we'd end up flushing kernel translations for the current ASID but
    54. 

  54. +	 * we might fail to flush kernel translations for other cached ASIDs.
    55. 

  55. +	 *
    56. 

  56. +	 * To avoid this issue, we force PCID off if PGE is off.
    57. 

  57. +	 */
    58. 

  58.  }
    59. 

  59.  
    60. 

  60.  static inline void __flush_tlb_one(unsigned long addr)
    61. 

  61. diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
    62. 

  62. index 904485e7b230..b95cd94ca97b 100644
    63. 

  63. --- a/arch/x86/kernel/cpu/common.c
    64. 

  64. +++ b/arch/x86/kernel/cpu/common.c
    65. 

  65. @@ -329,6 +329,25 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
    66. 

  66.  	}
    67. 

  67.  }
    68. 

  68.  
    69. 

  69. +static void setup_pcid(struct cpuinfo_x86 *c)
    70. 

  70. +{
    71. 

  71. +	if (cpu_has(c, X86_FEATURE_PCID)) {
    72. 

  72. +		if (cpu_has(c, X86_FEATURE_PGE)) {
    73. 

  73. +			cr4_set_bits(X86_CR4_PCIDE);
    74. 

  74. +		} else {
    75. 

  75. +			/*
    76. 

  76. +			 * flush_tlb_all(), as currently implemented, won't
    77. 

  77. +			 * work if PCID is on but PGE is not.  Since that
    78. 

  78. +			 * combination doesn't exist on real hardware, there's
    79. 

  79. +			 * no reason to try to fully support it, but it's
    80. 

  80. +			 * polite to avoid corrupting data if we're on
    81. 

  81. +			 * an improperly configured VM.
    82. 

  82. +			 */
    83. 

  83. +			clear_cpu_cap(c, X86_FEATURE_PCID);
    84. 

  84. +		}
    85. 

  85. +	}
    86. 

  86. +}
    87. 

  87. +
    88. 

  88.  /*
    89. 

  89.   * Protection Keys are not available in 32-bit mode.
    90. 

  90.   */
    91. 

  91. @@ -1143,6 +1162,9 @@ static void identify_cpu(struct cpuinfo_x86 *c)
    92. 

  92.  	setup_smep(c);
    93. 

  93.  	setup_smap(c);
    94. 

  94.  
    95. 

  95. +	/* Set up PCID */
    96. 

  96. +	setup_pcid(c);
    97. 

  97. +
    98. 

  98.  	/*
    99. 

  99.  	 * The vendor-specific functions might have changed features.
    100. 

  100.  	 * Now we do "generic changes."
    101. 

  101. diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c
    102. 

  102. index 811e4ddb3f37..290bc5ac9852 100644
    103. 

  103. --- a/arch/x86/xen/enlighten_pv.c
    104. 

  104. +++ b/arch/x86/xen/enlighten_pv.c
    105. 

  105. @@ -264,6 +264,12 @@ static void __init xen_init_capabilities(void)
    106. 

  106.  	setup_clear_cpu_cap(X86_FEATURE_ACC);
    107. 

  107.  	setup_clear_cpu_cap(X86_FEATURE_X2APIC);
    108. 

  108.  
    109. 

  109. +	/*
    110. 

  110. +	 * Xen PV would need some work to support PCID: CR3 handling as well
    111. 

  111. +	 * as xen_flush_tlb_others() would need updating.
    112. 

  112. +	 */
    113. 

  113. +	setup_clear_cpu_cap(X86_FEATURE_PCID);
    114. 

  114. +
    115. 

  115.  	if (!xen_initial_domain())
    116. 

  116.  		setup_clear_cpu_cap(X86_FEATURE_ACPI);
    117. 

  117.  
    118. 

  118. -- 
    119. 

  119. 2.14.2
    120. 

  120.