On Fri, Jan 19, 2018 at 04:22:48AM -0800, Jayachandran C wrote:
> Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in
> unmap_kernel_at_el0(). These CPUs are not vulnerable to
> CVE-2017-5754 and do not need KPTI when KASLR is off.
>
> Signed-off-by: Jayachandran C <jn...@caviumnetworks.com>
> ---
> arch/arm64/kernel/cpufeature.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 647d44b..fb698ca 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -866,6 +866,13 @@ static bool unmap_kernel_at_el0(const struct
> arm64_cpu_capabilities *entry,
> if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
> return true;
>
> + /* Don't force KPTI for CPUs that are not vulnerable */
> + switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) {
> + case MIDR_CAVIUM_THUNDERX2:
> + case MIDR_BRCM_VULCAN:
> + return false;
> + }
> +
> /* Defer to CPU feature registers */
> return !cpuid_feature_extract_unsigned_field(pfr0,
> ID_AA64PFR0_CSV3_SHIFT);
We'll need to re-jig this to work properly with big/little because this is
only called once, but that's ok for now:
Acked-by: Will Deacon <will.dea...@arm.com>
Suzuki has a series reworking much of the cpufeatures code so that we can
do this properly for 4.17.
Will
