[linux] 01/01: Update KPTI patches to match 3.16.53-rc2
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Mon Jan 8 22:24:35 UTC 2018
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch jessie-security
in repository linux.
commit cfc09e68e64a1a0846d6d0c4d91f97282c92d3a1
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Mon Jan 8 22:13:38 2018 +0000
Update KPTI patches to match 3.16.53-rc2
---
...rivers-vhost-fix-mmu_context.h-assumption.patch | 27 ++
...dd-nokaiser-boot-option-using-alternative.patch | 24 +-
...sm-tlbflush.h-handle-nopge-at-lower-level.patch | 8 +-
...er_flush_tlb_on_return_to_user-check-pcid.patch | 4 +-
.../all/kpti/kaiser-kernel-address-isolation.patch | 16 +-
.../all/kpti/kaiser-x86-fix-nmi-handling.patch | 44 +++
.../kpti/kpti-rename-to-page_table_isolation.patch | 2 +-
.../all/kpti/x86-clean-up-cr4-manipulation.patch | 423 +++++++++++++++++++++
...-64-fix-reboot-interaction-with-cr4.pcide.patch | 2 +-
...-mm-enable-cr4.pcide-on-supported-systems.patch | 5 +-
...available-use-it-to-flush-global-mappings.patch | 2 +-
...t-flush_tlb_page-using-flush_tlb_mm_range.patch | 2 +-
...move-flush_tlb-and-flush_tlb_current_task.patch | 6 +-
...h.h-code-always-use-the-formerly-smp-code.patch | 4 +-
debian/patches/series | 3 +
15 files changed, 533 insertions(+), 39 deletions(-)
diff --git a/debian/patches/bugfix/all/kpti/drivers-vhost-fix-mmu_context.h-assumption.patch b/debian/patches/bugfix/all/kpti/drivers-vhost-fix-mmu_context.h-assumption.patch
new file mode 100644
index 0000000..12c3184
--- /dev/null
+++ b/debian/patches/bugfix/all/kpti/drivers-vhost-fix-mmu_context.h-assumption.patch
@@ -0,0 +1,27 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Date: Fri, 05 Jan 2018 17:46:15 +0000
+Subject: drivers/vhost: Fix mmu_context.h assumption
+
+Some architectures (such as Alpha) rely on include/linux/sched.h definitions
+in their mmu_context.h files.
+
+So include sched.h before mmu_context.h.
+
+(This doesn't seem to be needed upstream, though a similar problem was
+fixed by commit 8efd755ac2fe "mm/mmu_context, sched/core: Fix mmu_context.h
+assumption".)
+
+Cc: Ingo Molnar <mingo at kernel.org>
+Cc: Hugh Dickins <hughd at google.com>
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+--- a/drivers/vhost/vhost.c
++++ b/drivers/vhost/vhost.c
+@@ -15,6 +15,7 @@
+ #include <linux/vhost.h>
+ #include <linux/uio.h>
+ #include <linux/mm.h>
++#include <linux/sched.h>
+ #include <linux/mmu_context.h>
+ #include <linux/miscdevice.h>
+ #include <linux/mutex.h>
diff --git a/debian/patches/bugfix/all/kpti/kaiser-add-nokaiser-boot-option-using-alternative.patch b/debian/patches/bugfix/all/kpti/kaiser-add-nokaiser-boot-option-using-alternative.patch
index de4e698..218023a 100644
--- a/debian/patches/bugfix/all/kpti/kaiser-add-nokaiser-boot-option-using-alternative.patch
+++ b/debian/patches/bugfix/all/kpti/kaiser-add-nokaiser-boot-option-using-alternative.patch
@@ -36,9 +36,7 @@ BSP and auxiliaries - BSP alone was adding PSE, in probe_page_size_mask().
(cherry picked from Change-Id: I8e5bec716944444359cbd19f6729311eff943e9a)
Signed-off-by: Hugh Dickins <hughd at google.com>
-[bwh: Backported to 3.16:
- - Use set_in_cr4()
- - Adjust context]
+[bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
---
Documentation/kernel-parameters.txt | 2 ++
@@ -240,7 +238,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
#define _PAGE_PAT (_AT(pteval_t, 1) << _PAGE_BIT_PAT)
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -69,9 +69,11 @@ static inline void invpcid_flush_all_non
+@@ -106,9 +106,11 @@ static inline void cr4_set_bits_and_upda
* to avoid the need for asm/kaiser.h in unexpected places.
*/
#ifdef CONFIG_KAISER
@@ -252,7 +250,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
static inline void kaiser_setup_pcid(void)
{
}
-@@ -96,7 +98,7 @@ static inline void __native_flush_tlb(vo
+@@ -133,7 +135,7 @@ static inline void __native_flush_tlb(vo
* back:
*/
preempt_disable();
@@ -261,7 +259,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
kaiser_flush_tlb_on_return_to_user();
native_write_cr3(native_read_cr3());
preempt_enable();
-@@ -107,20 +109,30 @@ static inline void __native_flush_tlb_gl
+@@ -144,20 +146,30 @@ static inline void __native_flush_tlb_gl
unsigned long cr4;
cr4 = native_read_cr4();
@@ -300,7 +298,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
if (this_cpu_has(X86_FEATURE_INVPCID)) {
/*
* Using INVPCID is considerably faster than a pair of writes
-@@ -140,7 +152,6 @@ static inline void __native_flush_tlb_gl
+@@ -177,7 +189,6 @@ static inline void __native_flush_tlb_gl
raw_local_irq_save(flags);
__native_flush_tlb_global_irq_disabled();
raw_local_irq_restore(flags);
@@ -308,7 +306,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
}
static inline void __native_flush_tlb_single(unsigned long addr)
-@@ -155,7 +166,7 @@ static inline void __native_flush_tlb_si
+@@ -192,7 +203,7 @@ static inline void __native_flush_tlb_si
*/
if (!this_cpu_has(X86_FEATURE_INVPCID_SINGLE)) {
@@ -317,7 +315,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
kaiser_flush_tlb_on_return_to_user();
asm volatile("invlpg (%0)" ::"r" (addr) : "memory");
return;
-@@ -170,9 +181,9 @@ static inline void __native_flush_tlb_si
+@@ -207,9 +218,9 @@ static inline void __native_flush_tlb_si
* Make sure to do only a single invpcid when KAISER is
* disabled and we have only a single ASID.
*/
@@ -359,7 +357,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
if (cpu_has(c, X86_FEATURE_PCID)) {
- if (cpu_has(c, X86_FEATURE_PGE)) {
+ if (cpu_has(c, X86_FEATURE_PGE) || kaiser_enabled) {
- set_in_cr4(X86_CR4_PCIDE);
+ cr4_set_bits(X86_CR4_PCIDE);
/*
* INVPCID has two "groups" of types:
@@ -719,6 +733,10 @@ void get_cpu_cap(struct cpuinfo_x86 *c)
@@ -383,7 +381,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+ * probe_page_size_mask() sets it on the boot cpu,
+ * but it needs to be set on each secondary cpu.
+ */
-+ set_in_cr4(X86_CR4_PGE);
++ cr4_set_bits(X86_CR4_PGE);
+ }
+
/*
@@ -490,12 +488,12 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/mm/init.c
+++ b/arch/x86/mm/init.c
@@ -140,7 +140,7 @@ static void __init probe_page_size_mask(
- set_in_cr4(X86_CR4_PSE);
+ cr4_set_bits_and_update_boot(X86_CR4_PSE);
/* Enable PGE if available */
- if (cpu_has_pge) {
+ if (cpu_has_pge && !kaiser_enabled) {
- set_in_cr4(X86_CR4_PGE);
+ cr4_set_bits_and_update_boot(X86_CR4_PGE);
__supported_pte_mask |= _PAGE_GLOBAL;
}
--- a/arch/x86/mm/init_64.c
diff --git a/debian/patches/bugfix/all/kpti/kaiser-asm-tlbflush.h-handle-nopge-at-lower-level.patch b/debian/patches/bugfix/all/kpti/kaiser-asm-tlbflush.h-handle-nopge-at-lower-level.patch
index 2ae714f..08ee040 100644
--- a/debian/patches/bugfix/all/kpti/kaiser-asm-tlbflush.h-handle-nopge-at-lower-level.patch
+++ b/debian/patches/bugfix/all/kpti/kaiser-asm-tlbflush.h-handle-nopge-at-lower-level.patch
@@ -26,7 +26,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -84,14 +84,6 @@ static inline void kaiser_flush_tlb_on_r
+@@ -121,14 +121,6 @@ static inline void kaiser_flush_tlb_on_r
static inline void __native_flush_tlb(void)
{
@@ -41,7 +41,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
/*
* If current->mm == NULL then we borrow a mm which may change during a
* task switch and therefore we must not be preempted while we write CR3
-@@ -115,11 +107,8 @@ static inline void __native_flush_tlb_gl
+@@ -152,11 +144,8 @@ static inline void __native_flush_tlb_gl
/* restore PGE as it was before */
native_write_cr4(cr4);
} else {
@@ -55,7 +55,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
}
}
-@@ -127,12 +116,6 @@ static inline void __native_flush_tlb_gl
+@@ -164,12 +153,6 @@ static inline void __native_flush_tlb_gl
{
unsigned long flags;
@@ -68,7 +68,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
if (this_cpu_has(X86_FEATURE_INVPCID)) {
/*
* Using INVPCID is considerably faster than a pair of writes
-@@ -188,11 +171,7 @@ static inline void __native_flush_tlb_si
+@@ -225,11 +208,7 @@ static inline void __native_flush_tlb_si
static inline void __flush_tlb_all(void)
{
diff --git a/debian/patches/bugfix/all/kpti/kaiser-kaiser_flush_tlb_on_return_to_user-check-pcid.patch b/debian/patches/bugfix/all/kpti/kaiser-kaiser_flush_tlb_on_return_to_user-check-pcid.patch
index 83e1526..4dd49f1 100644
--- a/debian/patches/bugfix/all/kpti/kaiser-kaiser_flush_tlb_on_return_to_user-check-pcid.patch
+++ b/debian/patches/bugfix/all/kpti/kaiser-kaiser_flush_tlb_on_return_to_user-check-pcid.patch
@@ -20,7 +20,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -90,7 +90,7 @@ static inline void __native_flush_tlb(vo
+@@ -127,7 +127,7 @@ static inline void __native_flush_tlb(vo
* back:
*/
preempt_disable();
@@ -29,7 +29,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
kaiser_flush_tlb_on_return_to_user();
native_write_cr3(native_read_cr3());
preempt_enable();
-@@ -149,7 +149,7 @@ static inline void __native_flush_tlb_si
+@@ -186,7 +186,7 @@ static inline void __native_flush_tlb_si
*/
if (!this_cpu_has(X86_FEATURE_INVPCID_SINGLE)) {
diff --git a/debian/patches/bugfix/all/kpti/kaiser-kernel-address-isolation.patch b/debian/patches/bugfix/all/kpti/kaiser-kernel-address-isolation.patch
index e08cd41..b0b3870 100644
--- a/debian/patches/bugfix/all/kpti/kaiser-kernel-address-isolation.patch
+++ b/debian/patches/bugfix/all/kpti/kaiser-kernel-address-isolation.patch
@@ -504,7 +504,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
/*
* Save the original ist values for checking stack pointers during debugging
-@@ -929,7 +929,7 @@ extern unsigned long KSTK_ESP(struct tas
+@@ -896,7 +896,7 @@ extern unsigned long KSTK_ESP(struct tas
/*
* User space RSP while inside the SYSCALL fast path
*/
@@ -515,9 +515,9 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -64,14 +64,40 @@ static inline void invpcid_flush_all_non
- #define __flush_tlb_single(addr) __native_flush_tlb_single(addr)
- #endif
+@@ -101,14 +101,40 @@ static inline void cr4_set_bits_and_upda
+ cr4_set_bits(mask);
+ }
+/*
+ * Declare a couple of kaiser interfaces here for convenience,
@@ -556,7 +556,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
native_write_cr3(native_read_cr3());
preempt_enable();
}
-@@ -89,12 +115,18 @@ static inline void __native_flush_tlb_gl
+@@ -126,12 +152,18 @@ static inline void __native_flush_tlb_gl
static inline void __native_flush_tlb_global(void)
{
@@ -576,7 +576,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
*/
invpcid_flush_all();
return;
-@@ -106,15 +138,41 @@ static inline void __native_flush_tlb_gl
+@@ -143,15 +175,41 @@ static inline void __native_flush_tlb_gl
* be called from deep inside debugging code.)
*/
raw_local_irq_save(flags);
@@ -647,7 +647,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
@@ -335,6 +335,19 @@ static void setup_pcid(struct cpuinfo_x8
if (cpu_has(c, X86_FEATURE_PCID)) {
if (cpu_has(c, X86_FEATURE_PGE)) {
- set_in_cr4(X86_CR4_PCIDE);
+ cr4_set_bits(X86_CR4_PCIDE);
+ /*
+ * INVPCID has two "groups" of types:
+ * 1/2: Invalidate an individual address
@@ -1286,7 +1286,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
/*
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
-@@ -37,7 +37,7 @@
+@@ -38,7 +38,7 @@
* section. Since TSS's are completely CPU-local, we want them
* on exact cacheline boundaries, to eliminate cacheline ping-pong.
*/
diff --git a/debian/patches/bugfix/all/kpti/kaiser-x86-fix-nmi-handling.patch b/debian/patches/bugfix/all/kpti/kaiser-x86-fix-nmi-handling.patch
new file mode 100644
index 0000000..aefd0b1
--- /dev/null
+++ b/debian/patches/bugfix/all/kpti/kaiser-x86-fix-nmi-handling.patch
@@ -0,0 +1,44 @@
+From: Jiri Kosina <jkosina at suse.cz>
+Date: Wed, 3 Jan 2018 15:20:04 +0100
+Subject: kaiser: x86: Fix NMI handling
+
+On Mon, 4 Dec 2017, Hugh Dickins wrote:
+
+> kaiser-3.18.72.tar
+
+Hi Hugh,
+
+this hunk from 0024-kaiser-merged-update.patch:
+
+ - SWITCH_KERNEL_CR3_NO_STACK
+ + /*
+ + * percpu variables are mapped with user CR3, so no need
+ + * to switch CR3 here.
+ + */
+ cld
+ movq %rsp, %rdx
+ movq PER_CPU_VAR(kernel_stack), %rsp
+
+is problematic, as the patchset actually never user-maps kernel_stack
+percpu variable, and therefore crashes on NMIs.
+
+The patch below is needed to make NMIs work properly.
+
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+ arch/x86/kernel/cpu/common.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
+index 51b99c85f960..59e549922dae 100644
+--- a/arch/x86/kernel/cpu/common.c
++++ b/arch/x86/kernel/cpu/common.c
+@@ -1180,7 +1180,7 @@ static __init int setup_disablecpuid(char *arg)
+ }
+ __setup("clearcpuid=", setup_disablecpuid);
+
+-DEFINE_PER_CPU(unsigned long, kernel_stack) =
++DEFINE_PER_CPU_USER_MAPPED(unsigned long, kernel_stack) =
+ (unsigned long)&init_thread_union - KERNEL_STACK_OFFSET + THREAD_SIZE;
+ EXPORT_PER_CPU_SYMBOL(kernel_stack);
+
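Review bot: The switch to `DEFINE_PER_CPU_USER_MAPPED` for `kernel_stack` in arch/x86/kernel/cpu/common.c has no comment saying why this variable must live in the user-mapped per-cpu section. That matters because everything in that section stays visible in the user page tables, which the isolation is meant to keep minimal. Going by the patch description, the NMI entry code loads `PER_CPU_VAR(kernel_stack)` while the user CR3 may still be active, so I would add `/* User-mapped: NMI entry reads this before switching to the kernel CR3. */` above the definition. The matching declaration of kernel_stack is outside this hunk; it is worth confirming that it uses the corresponding user-mapped DECLARE variant so the section attributes agree. The patch header also names Jiri Kosina as author but carries only Ben Hutchings' Signed-off-by and no origin reference, which makes the fix hard to trace back to its source.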
diff --git a/debian/patches/bugfix/all/kpti/kpti-rename-to-page_table_isolation.patch b/debian/patches/bugfix/all/kpti/kpti-rename-to-page_table_isolation.patch
index dcc1341..b9f320c 100644
--- a/debian/patches/bugfix/all/kpti/kpti-rename-to-page_table_isolation.patch
+++ b/debian/patches/bugfix/all/kpti/kpti-rename-to-page_table_isolation.patch
@@ -147,7 +147,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -68,7 +68,7 @@ static inline void invpcid_flush_all_non
+@@ -105,7 +105,7 @@ static inline void cr4_set_bits_and_upda
* Declare a couple of kaiser interfaces here for convenience,
* to avoid the need for asm/kaiser.h in unexpected places.
*/
diff --git a/debian/patches/bugfix/all/kpti/x86-clean-up-cr4-manipulation.patch b/debian/patches/bugfix/all/kpti/x86-clean-up-cr4-manipulation.patch
new file mode 100644
index 0000000..06c52b6
--- /dev/null
+++ b/debian/patches/bugfix/all/kpti/x86-clean-up-cr4-manipulation.patch
@@ -0,0 +1,423 @@
+From: Andy Lutomirski <luto at amacapital.net>
+Date: Fri, 24 Oct 2014 15:58:07 -0700
+Subject: x86: Clean up cr4 manipulation
+
+commit 375074cc736ab1d89a708c0a8d7baa4a70d5d476 upstream.
+
+CR4 manipulation was split, seemingly at random, between direct
+(write_cr4) and using a helper (set/clear_in_cr4). Unfortunately,
+the set_in_cr4 and clear_in_cr4 helpers also poke at the boot code,
+which only a small subset of users actually wanted.
+
+This patch replaces all cr4 access in functions that don't leave cr4
+exactly the way they found it with new helpers cr4_set_bits,
+cr4_clear_bits, and cr4_set_bits_and_update_boot.
+
+Signed-off-by: Andy Lutomirski <luto at amacapital.net>
+Reviewed-by: Thomas Gleixner <tglx at linutronix.de>
+Signed-off-by: Peter Zijlstra (Intel) <peterz at infradead.org>
+Cc: Andrea Arcangeli <aarcange at redhat.com>
+Cc: Vince Weaver <vince at deater.net>
+Cc: "hillf.zj" <hillf.zj at alibaba-inc.com>
+Cc: Valdis Kletnieks <Valdis.Kletnieks at vt.edu>
+Cc: Paul Mackerras <paulus at samba.org>
+Cc: Arnaldo Carvalho de Melo <acme at kernel.org>
+Cc: Kees Cook <keescook at chromium.org>
+Cc: Linus Torvalds <torvalds at linux-foundation.org>
+Link: http://lkml.kernel.org/r/495a10bdc9e67016b8fd3945700d46cfd5c12c2f.1414190806.git.luto@amacapital.net
+Signed-off-by: Ingo Molnar <mingo at kernel.org>
+[bwh: Backported to 3.16: adjust context]
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+ arch/x86/include/asm/processor.h | 33 --------------------------------
+ arch/x86/include/asm/tlbflush.h | 37 ++++++++++++++++++++++++++++++++++++
+ arch/x86/include/asm/virtext.h | 3 ++-
+ arch/x86/kernel/cpu/common.c | 10 +++++-----
+ arch/x86/kernel/cpu/mcheck/mce.c | 3 ++-
+ arch/x86/kernel/cpu/mcheck/p5.c | 3 ++-
+ arch/x86/kernel/cpu/mcheck/winchip.c | 3 ++-
+ arch/x86/kernel/cpu/perf_event.c | 7 ++++---
+ arch/x86/kernel/i387.c | 3 ++-
+ arch/x86/kernel/process.c | 5 +++--
+ arch/x86/kernel/xsave.c | 3 ++-
+ arch/x86/kvm/vmx.c | 4 ++--
+ arch/x86/mm/init.c | 4 ++--
+ arch/x86/xen/enlighten.c | 4 ++--
+ drivers/lguest/x86/core.c | 5 +++--
+ 15 files changed, 70 insertions(+), 57 deletions(-)
+
+--- a/arch/x86/include/asm/processor.h
++++ b/arch/x86/include/asm/processor.h
+@@ -578,39 +578,6 @@ static inline void load_sp0(struct tss_s
+ #define set_iopl_mask native_set_iopl_mask
+ #endif /* CONFIG_PARAVIRT */
+
+-/*
+- * Save the cr4 feature set we're using (ie
+- * Pentium 4MB enable and PPro Global page
+- * enable), so that any CPU's that boot up
+- * after us can get the correct flags.
+- */
+-extern unsigned long mmu_cr4_features;
+-extern u32 *trampoline_cr4_features;
+-
+-static inline void set_in_cr4(unsigned long mask)
+-{
+- unsigned long cr4;
+-
+- mmu_cr4_features |= mask;
+- if (trampoline_cr4_features)
+- *trampoline_cr4_features = mmu_cr4_features;
+- cr4 = read_cr4();
+- cr4 |= mask;
+- write_cr4(cr4);
+-}
+-
+-static inline void clear_in_cr4(unsigned long mask)
+-{
+- unsigned long cr4;
+-
+- mmu_cr4_features &= ~mask;
+- if (trampoline_cr4_features)
+- *trampoline_cr4_features = mmu_cr4_features;
+- cr4 = read_cr4();
+- cr4 &= ~mask;
+- write_cr4(cr4);
+-}
+-
+ typedef struct {
+ unsigned long seg;
+ } mm_segment_t;
+--- a/arch/x86/include/asm/tlbflush.h
++++ b/arch/x86/include/asm/tlbflush.h
+@@ -15,6 +15,43 @@
+ #define __flush_tlb_single(addr) __native_flush_tlb_single(addr)
+ #endif
+
++/* Set in this cpu's CR4. */
++static inline void cr4_set_bits(unsigned long mask)
++{
++ unsigned long cr4;
++
++ cr4 = read_cr4();
++ cr4 |= mask;
++ write_cr4(cr4);
++}
++
++/* Clear in this cpu's CR4. */
++static inline void cr4_clear_bits(unsigned long mask)
++{
++ unsigned long cr4;
++
++ cr4 = read_cr4();
++ cr4 &= ~mask;
++ write_cr4(cr4);
++}
++
++/*
++ * Save some of cr4 feature set we're using (e.g. Pentium 4MB
++ * enable and PPro Global page enable), so that any CPU's that boot
++ * up after us can get the correct flags. This should only be used
++ * during boot on the boot cpu.
++ */
++extern unsigned long mmu_cr4_features;
++extern u32 *trampoline_cr4_features;
++
++static inline void cr4_set_bits_and_update_boot(unsigned long mask)
++{
++ mmu_cr4_features |= mask;
++ if (trampoline_cr4_features)
++ *trampoline_cr4_features = mmu_cr4_features;
++ cr4_set_bits(mask);
++}
++
+ static inline void __native_flush_tlb(void)
+ {
+ /*
+--- a/arch/x86/include/asm/virtext.h
++++ b/arch/x86/include/asm/virtext.h
+@@ -19,6 +19,7 @@
+
+ #include <asm/vmx.h>
+ #include <asm/svm.h>
++#include <asm/tlbflush.h>
+
+ /*
+ * VMX functions:
+@@ -40,7 +41,7 @@ static inline int cpu_has_vmx(void)
+ static inline void cpu_vmxoff(void)
+ {
+ asm volatile (ASM_VMX_VMXOFF : : : "cc");
+- write_cr4(read_cr4() & ~X86_CR4_VMXE);
++ cr4_clear_bits(X86_CR4_VMXE);
+ }
+
+ static inline int cpu_vmx_enabled(void)
+--- a/arch/x86/kernel/cpu/common.c
++++ b/arch/x86/kernel/cpu/common.c
+@@ -270,7 +270,7 @@ __setup("nosmep", setup_disable_smep);
+ static __always_inline void setup_smep(struct cpuinfo_x86 *c)
+ {
+ if (cpu_has(c, X86_FEATURE_SMEP))
+- set_in_cr4(X86_CR4_SMEP);
++ cr4_set_bits(X86_CR4_SMEP);
+ }
+
+ static __init int setup_disable_smap(char *arg)
+@@ -289,9 +289,9 @@ static __always_inline void setup_smap(s
+
+ if (cpu_has(c, X86_FEATURE_SMAP)) {
+ #ifdef CONFIG_X86_SMAP
+- set_in_cr4(X86_CR4_SMAP);
++ cr4_set_bits(X86_CR4_SMAP);
+ #else
+- clear_in_cr4(X86_CR4_SMAP);
++ cr4_clear_bits(X86_CR4_SMAP);
+ #endif
+ }
+ }
+@@ -1291,7 +1291,7 @@ void cpu_init(void)
+
+ pr_debug("Initializing CPU#%d\n", cpu);
+
+- clear_in_cr4(X86_CR4_VME|X86_CR4_PVI|X86_CR4_TSD|X86_CR4_DE);
++ cr4_clear_bits(X86_CR4_VME|X86_CR4_PVI|X86_CR4_TSD|X86_CR4_DE);
+
+ /*
+ * Initialize the per-CPU GDT with the boot GDT,
+@@ -1376,7 +1376,7 @@ void cpu_init(void)
+ printk(KERN_INFO "Initializing CPU#%d\n", cpu);
+
+ if (cpu_has_vme || cpu_has_tsc || cpu_has_de)
+- clear_in_cr4(X86_CR4_VME|X86_CR4_PVI|X86_CR4_TSD|X86_CR4_DE);
++ cr4_clear_bits(X86_CR4_VME|X86_CR4_PVI|X86_CR4_TSD|X86_CR4_DE);
+
+ load_current_idt();
+ switch_to_new_gdt(cpu);
+--- a/arch/x86/kernel/cpu/mcheck/mce.c
++++ b/arch/x86/kernel/cpu/mcheck/mce.c
+@@ -43,6 +43,7 @@
+ #include <linux/export.h>
+
+ #include <asm/processor.h>
++#include <asm/tlbflush.h>
+ #include <asm/mce.h>
+ #include <asm/msr.h>
+
+@@ -1470,7 +1471,7 @@ static void __mcheck_cpu_init_generic(vo
+ bitmap_fill(all_banks, MAX_NR_BANKS);
+ machine_check_poll(MCP_UC | m_fl, &all_banks);
+
+- set_in_cr4(X86_CR4_MCE);
++ cr4_set_bits(X86_CR4_MCE);
+
+ rdmsrl(MSR_IA32_MCG_CAP, cap);
+ if (cap & MCG_CTL_P)
+--- a/arch/x86/kernel/cpu/mcheck/p5.c
++++ b/arch/x86/kernel/cpu/mcheck/p5.c
+@@ -8,6 +8,7 @@
+ #include <linux/smp.h>
+
+ #include <asm/processor.h>
++#include <asm/tlbflush.h>
+ #include <asm/mce.h>
+ #include <asm/msr.h>
+
+@@ -59,7 +60,7 @@ void intel_p5_mcheck_init(struct cpuinfo
+ "Intel old style machine check architecture supported.\n");
+
+ /* Enable MCE: */
+- set_in_cr4(X86_CR4_MCE);
++ cr4_set_bits(X86_CR4_MCE);
+ printk(KERN_INFO
+ "Intel old style machine check reporting enabled on CPU#%d.\n",
+ smp_processor_id());
+--- a/arch/x86/kernel/cpu/mcheck/winchip.c
++++ b/arch/x86/kernel/cpu/mcheck/winchip.c
+@@ -7,6 +7,7 @@
+ #include <linux/types.h>
+
+ #include <asm/processor.h>
++#include <asm/tlbflush.h>
+ #include <asm/mce.h>
+ #include <asm/msr.h>
+
+@@ -31,7 +32,7 @@ void winchip_mcheck_init(struct cpuinfo_
+ lo &= ~(1<<4); /* Enable MCE */
+ wrmsr(MSR_IDT_FCR1, lo, hi);
+
+- set_in_cr4(X86_CR4_MCE);
++ cr4_set_bits(X86_CR4_MCE);
+
+ printk(KERN_INFO
+ "Winchip machine check reporting enabled on CPU#0.\n");
+--- a/arch/x86/kernel/cpu/perf_event.c
++++ b/arch/x86/kernel/cpu/perf_event.c
+@@ -31,6 +31,7 @@
+ #include <asm/nmi.h>
+ #include <asm/smp.h>
+ #include <asm/alternative.h>
++#include <asm/tlbflush.h>
+ #include <asm/mmu_context.h>
+ #include <asm/timer.h>
+ #include <asm/desc.h>
+@@ -1340,7 +1341,7 @@ x86_pmu_notifier(struct notifier_block *
+
+ case CPU_STARTING:
+ if (x86_pmu.attr_rdpmc)
+- set_in_cr4(X86_CR4_PCE);
++ cr4_set_bits(X86_CR4_PCE);
+ if (x86_pmu.cpu_starting)
+ x86_pmu.cpu_starting(cpu);
+ break;
+@@ -1855,9 +1856,9 @@ static void change_rdpmc(void *info)
+ bool enable = !!(unsigned long)info;
+
+ if (enable)
+- set_in_cr4(X86_CR4_PCE);
++ cr4_set_bits(X86_CR4_PCE);
+ else
+- clear_in_cr4(X86_CR4_PCE);
++ cr4_clear_bits(X86_CR4_PCE);
+ }
+
+ static ssize_t set_attr_rdpmc(struct device *cdev,
+--- a/arch/x86/kernel/i387.c
++++ b/arch/x86/kernel/i387.c
+@@ -13,6 +13,7 @@
+ #include <asm/sigcontext.h>
+ #include <asm/processor.h>
+ #include <asm/math_emu.h>
++#include <asm/tlbflush.h>
+ #include <asm/uaccess.h>
+ #include <asm/ptrace.h>
+ #include <asm/i387.h>
+@@ -181,7 +182,7 @@ void fpu_init(void)
+ if (cpu_has_xmm)
+ cr4_mask |= X86_CR4_OSXMMEXCPT;
+ if (cr4_mask)
+- set_in_cr4(cr4_mask);
++ cr4_set_bits(cr4_mask);
+
+ cr0 = read_cr0();
+ cr0 &= ~(X86_CR0_TS|X86_CR0_EM); /* clear TS and EM */
+--- a/arch/x86/kernel/process.c
++++ b/arch/x86/kernel/process.c
+@@ -29,6 +29,7 @@
+ #include <asm/fpu-internal.h>
+ #include <asm/debugreg.h>
+ #include <asm/nmi.h>
++#include <asm/tlbflush.h>
+
+ /*
+ * per-CPU TSS segments. Threads are completely 'soft' on Linux,
+@@ -139,7 +140,7 @@ void flush_thread(void)
+
+ static void hard_disable_TSC(void)
+ {
+- write_cr4(read_cr4() | X86_CR4_TSD);
++ cr4_set_bits(X86_CR4_TSD);
+ }
+
+ void disable_TSC(void)
+@@ -156,7 +157,7 @@ void disable_TSC(void)
+
+ static void hard_enable_TSC(void)
+ {
+- write_cr4(read_cr4() & ~X86_CR4_TSD);
++ cr4_clear_bits(X86_CR4_TSD);
+ }
+
+ static void enable_TSC(void)
+--- a/arch/x86/kernel/xsave.c
++++ b/arch/x86/kernel/xsave.c
+@@ -11,6 +11,7 @@
+ #include <asm/i387.h>
+ #include <asm/fpu-internal.h>
+ #include <asm/sigframe.h>
++#include <asm/tlbflush.h>
+ #include <asm/xcr.h>
+
+ /*
+@@ -450,7 +451,7 @@ static void prepare_fx_sw_frame(void)
+ */
+ static inline void xstate_enable(void)
+ {
+- set_in_cr4(X86_CR4_OSXSAVE);
++ cr4_set_bits(X86_CR4_OSXSAVE);
+ xsetbv(XCR_XFEATURE_ENABLED_MASK, pcntxt_mask);
+ }
+
+--- a/arch/x86/kvm/vmx.c
++++ b/arch/x86/kvm/vmx.c
+@@ -2738,7 +2738,7 @@ static int hardware_enable(void *garbage
+ /* enable and lock */
+ wrmsrl(MSR_IA32_FEATURE_CONTROL, old | test_bits);
+ }
+- write_cr4(read_cr4() | X86_CR4_VMXE); /* FIXME: not cpu hotplug safe */
++ cr4_set_bits(X86_CR4_VMXE);
+
+ if (vmm_exclusive) {
+ kvm_cpu_vmxon(phys_addr);
+@@ -2775,7 +2775,7 @@ static void hardware_disable(void *garba
+ vmclear_local_loaded_vmcss();
+ kvm_cpu_vmxoff();
+ }
+- write_cr4(read_cr4() & ~X86_CR4_VMXE);
++ cr4_clear_bits(X86_CR4_VMXE);
+ }
+
+ static __init int adjust_vmx_controls(u32 ctl_min, u32 ctl_opt,
+--- a/arch/x86/mm/init.c
++++ b/arch/x86/mm/init.c
+@@ -137,11 +137,11 @@ static void __init probe_page_size_mask(
+
+ /* Enable PSE if available */
+ if (cpu_has_pse)
+- set_in_cr4(X86_CR4_PSE);
++ cr4_set_bits_and_update_boot(X86_CR4_PSE);
+
+ /* Enable PGE if available */
+ if (cpu_has_pge) {
+- set_in_cr4(X86_CR4_PGE);
++ cr4_set_bits_and_update_boot(X86_CR4_PGE);
+ __supported_pte_mask |= _PAGE_GLOBAL;
+ }
+ }
+--- a/arch/x86/xen/enlighten.c
++++ b/arch/x86/xen/enlighten.c
+@@ -1526,10 +1526,10 @@ static void xen_pvh_set_cr_flags(int cpu
+ * set them here. For all, OSFXSR OSXMMEXCPT are set in fpu_init.
+ */
+ if (cpu_has_pse)
+- set_in_cr4(X86_CR4_PSE);
++ cr4_set_bits_and_update_boot(X86_CR4_PSE);
+
+ if (cpu_has_pge)
+- set_in_cr4(X86_CR4_PGE);
++ cr4_set_bits_and_update_boot(X86_CR4_PGE);
+ }
+
+ /*
+--- a/drivers/lguest/x86/core.c
++++ b/drivers/lguest/x86/core.c
+@@ -47,6 +47,7 @@
+ #include <asm/lguest.h>
+ #include <asm/uaccess.h>
+ #include <asm/i387.h>
++#include <asm/tlbflush.h>
+ #include "../lg.h"
+
+ static int cpu_had_pge;
+@@ -452,9 +453,9 @@ void lguest_arch_handle_trap(struct lg_c
+ static void adjust_pge(void *on)
+ {
+ if (on)
+- write_cr4(read_cr4() | X86_CR4_PGE);
++ cr4_set_bits(X86_CR4_PGE);
+ else
+- write_cr4(read_cr4() & ~X86_CR4_PGE);
++ cr4_clear_bits(X86_CR4_PGE);
+ }
+
+ /*H:020
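Review bot: The new `cr4_set_bits()` and `cr4_clear_bits()` helpers in arch/x86/include/asm/tlbflush.h are an unlocked read_cr4()/write_cr4() read-modify-write, and their one-line comments do not state what the caller has to guarantee. If the task can migrate, or an interrupt on the same CPU changes CR4 between the read and the write, a bit such as SMEP, SMAP or VMXE could be written on the wrong CPU or silently lost; whether every converted call site already runs with preemption off cannot be seen from these hunks. I would extend the comment to something like `/* Set bits in this cpu's CR4. Caller must keep preemption disabled across the call. */`, with the same wording on the clear variant. Separately, the vmx.c hardware_enable() change drops `/* FIXME: not cpu hotplug safe */` although cr4_set_bits() does nothing about hotplug, so that comment should probably stay.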
diff --git a/debian/patches/bugfix/all/kpti/x86-mm-64-fix-reboot-interaction-with-cr4.pcide.patch b/debian/patches/bugfix/all/kpti/x86-mm-64-fix-reboot-interaction-with-cr4.pcide.patch
index 7c8da71..57e46a4 100644
--- a/debian/patches/bugfix/all/kpti/x86-mm-64-fix-reboot-interaction-with-cr4.pcide.patch
+++ b/debian/patches/bugfix/all/kpti/x86-mm-64-fix-reboot-interaction-with-cr4.pcide.patch
@@ -34,7 +34,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+
+ /* Exiting long mode will fail if CR4.PCIDE is set. */
+ if (static_cpu_has(X86_FEATURE_PCID))
-+ clear_in_cr4(X86_CR4_PCIDE);
++ cr4_clear_bits(X86_CR4_PCIDE);
#endif
/* Jump to the identity-mapped low memory code */
diff --git a/debian/patches/bugfix/all/kpti/x86-mm-enable-cr4.pcide-on-supported-systems.patch b/debian/patches/bugfix/all/kpti/x86-mm-enable-cr4.pcide-on-supported-systems.patch
index 39a7067..a034722 100644
--- a/debian/patches/bugfix/all/kpti/x86-mm-enable-cr4.pcide-on-supported-systems.patch
+++ b/debian/patches/bugfix/all/kpti/x86-mm-enable-cr4.pcide-on-supported-systems.patch
@@ -29,7 +29,6 @@ Signed-off-by: Ingo Molnar <mingo at kernel.org>
- arch/x86/xen/enlighten.c (patched instead of that)]
Signed-off-by: Hugh Dickins <hughd at google.com>
[Borislav Petkov: Fix bad backport to disable PCID on Xen]
-[bwh: Backported to 3.16: use set_in_cr4()]
Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
---
arch/x86/include/asm/tlbflush.h | 8 ++++++++
@@ -39,7 +38,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -123,6 +123,14 @@ static inline void __flush_tlb_all(void)
+@@ -160,6 +160,14 @@ static inline void __flush_tlb_all(void)
__flush_tlb_global();
else
__flush_tlb();
@@ -64,7 +63,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+{
+ if (cpu_has(c, X86_FEATURE_PCID)) {
+ if (cpu_has(c, X86_FEATURE_PGE)) {
-+ set_in_cr4(X86_CR4_PCIDE);
++ cr4_set_bits(X86_CR4_PCIDE);
+ } else {
+ /*
+ * flush_tlb_all(), as currently implemented, won't
diff --git a/debian/patches/bugfix/all/kpti/x86-mm-if-invpcid-is-available-use-it-to-flush-global-mappings.patch b/debian/patches/bugfix/all/kpti/x86-mm-if-invpcid-is-available-use-it-to-flush-global-mappings.patch
index 1cf32ad..045127c 100644
--- a/debian/patches/bugfix/all/kpti/x86-mm-if-invpcid-is-available-use-it-to-flush-global-mappings.patch
+++ b/debian/patches/bugfix/all/kpti/x86-mm-if-invpcid-is-available-use-it-to-flush-global-mappings.patch
@@ -36,7 +36,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -90,6 +90,15 @@ static inline void __native_flush_tlb_gl
+@@ -127,6 +127,15 @@ static inline void __native_flush_tlb_gl
{
unsigned long flags;
diff --git a/debian/patches/bugfix/all/kpti/x86-mm-reimplement-flush_tlb_page-using-flush_tlb_mm_range.patch b/debian/patches/bugfix/all/kpti/x86-mm-reimplement-flush_tlb_page-using-flush_tlb_mm_range.patch
index 935c8c8..6829a7a 100644
--- a/debian/patches/bugfix/all/kpti/x86-mm-reimplement-flush_tlb_page-using-flush_tlb_mm_range.patch
+++ b/debian/patches/bugfix/all/kpti/x86-mm-reimplement-flush_tlb_page-using-flush_tlb_mm_range.patch
@@ -45,7 +45,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -227,11 +227,15 @@ static inline void flush_tlb_kernel_rang
+@@ -264,11 +264,15 @@ static inline void flush_tlb_kernel_rang
flush_tlb_mm_range(vma->vm_mm, start, end, vma->vm_flags)
extern void flush_tlb_all(void);
diff --git a/debian/patches/bugfix/all/kpti/x86-mm-remove-flush_tlb-and-flush_tlb_current_task.patch b/debian/patches/bugfix/all/kpti/x86-mm-remove-flush_tlb-and-flush_tlb_current_task.patch
index fef8433..9bafdc7 100644
--- a/debian/patches/bugfix/all/kpti/x86-mm-remove-flush_tlb-and-flush_tlb_current_task.patch
+++ b/debian/patches/bugfix/all/kpti/x86-mm-remove-flush_tlb-and-flush_tlb_current_task.patch
@@ -35,7 +35,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
--- a/arch/x86/include/asm/tlbflush.h
+++ b/arch/x86/include/asm/tlbflush.h
-@@ -135,7 +135,6 @@ static inline void __flush_tlb_one(unsig
+@@ -172,7 +172,6 @@ static inline void __flush_tlb_one(unsig
/*
* TLB flushing:
*
@@ -43,7 +43,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
* - flush_tlb_all() flushes all processes TLBs
* - flush_tlb_mm(mm) flushes the specified mm context TLB's
* - flush_tlb_page(vma, vmaddr) flushes one page
-@@ -167,11 +166,6 @@ static inline void flush_tlb_all(void)
+@@ -204,11 +203,6 @@ static inline void flush_tlb_all(void)
__flush_tlb_all();
}
@@ -55,7 +55,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
static inline void local_flush_tlb(void)
{
__flush_tlb_up();
-@@ -233,14 +227,11 @@ static inline void flush_tlb_kernel_rang
+@@ -270,14 +264,11 @@ static inline void flush_tlb_kernel_rang
flush_tlb_mm_range(vma->vm_mm, start, end, vma->vm_flags)
extern void flush_tlb_all(void);
diff --git a/debian/patches/bugfix/all/kpti/x86-mm-remove-the-up-asm-tlbflush.h-code-always-use-the-formerly-smp-code.patch b/debian/patches/bugfix/all/kpti/x86-mm-remove-the-up-asm-tlbflush.h-code-always-use-the-formerly-smp-code.patch
index df9d259..2c7b9c9 100644
--- a/debian/patches/bugfix/all/kpti/x86-mm-remove-the-up-asm-tlbflush.h-code-always-use-the-formerly-smp-code.patch
+++ b/debian/patches/bugfix/all/kpti/x86-mm-remove-the-up-asm-tlbflush.h-code-always-use-the-formerly-smp-code.patch
@@ -99,7 +99,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
static inline void __invpcid(unsigned long pcid, unsigned long addr,
unsigned long type)
-@@ -146,79 +147,6 @@ static inline void __flush_tlb_one(unsig
+@@ -183,79 +184,6 @@ static inline void __flush_tlb_one(unsig
* and page-granular flushes are available only on i486 and up.
*/
@@ -179,7 +179,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
#define local_flush_tlb() __flush_tlb()
#define flush_tlb_mm(mm) flush_tlb_mm_range(mm, 0UL, TLB_FLUSH_ALL, 0UL)
-@@ -255,8 +183,6 @@ static inline void reset_lazy_tlbstate(v
+@@ -292,8 +220,6 @@ static inline void reset_lazy_tlbstate(v
this_cpu_write(cpu_tlbstate.active_mm, &init_mm);
}
diff --git a/debian/patches/series b/debian/patches/series
index de82003..ff3db83 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -709,11 +709,13 @@ bugfix/all/kpti/x86-mm-fix-missed-global-tlb-flush-stat.patch
bugfix/all/kpti/x86-mm-new-tunable-for-single-vs-full-tlb-flush.patch
bugfix/all/kpti/x86-mm-set-tlb-flush-tunable-to-sane-value-33.patch
bugfix/all/kpti/x86-mm-fix-sparse-tlb_single_page_flush_ceiling-warning-and-make-the-variable-read-mostly.patch
+bugfix/all/kpti/x86-clean-up-cr4-manipulation.patch
bugfix/all/kpti/x86-mm-add-invpcid-helpers.patch
bugfix/all/kpti/x86-mm-fix-invpcid-asm-constraint.patch
bugfix/all/kpti/x86-mm-add-a-noinvpcid-boot-option-to-turn-off-invpcid.patch
bugfix/all/kpti/x86-mm-if-invpcid-is-available-use-it-to-flush-global-mappings.patch
bugfix/all/kpti/mm-mmu_context-sched-core-fix-mmu_context.h-assumption.patch
+bugfix/all/kpti/drivers-vhost-fix-mmu_context.h-assumption.patch
bugfix/all/kpti/sched-core-add-switch_mm_irqs_off-and-use-it-in-the-scheduler.patch
bugfix/all/kpti/x86-mm-build-arch-x86-mm-tlb.c-even-on-smp.patch
bugfix/all/kpti/x86-mm-sched-core-uninline-switch_mm.patch
@@ -755,5 +757,6 @@ bugfix/all/kpti/kaiser-disabled-on-xen-pv.patch
bugfix/all/kpti/x86-kaiser-move-feature-detection-up.patch
bugfix/all/kpti/kpti-rename-to-page_table_isolation.patch
bugfix/all/kpti/kpti-report-when-enabled.patch
+bugfix/all/kpti/kaiser-x86-fix-nmi-handling.patch
# Fix ABI changes
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git