| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Mar 2018 03:06:12 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org, "Paolo Bonzini" <pbonzini@...hat.com>,
"Ashok Raj" <ashok.raj@...el.com>,
"Thomas Gleixner" <tglx@...utronix.de>,
"Jun Nakajima" <jun.nakajima@...el.com>,
"Dan Williams" <dan.j.williams@...el.com>,
"Arjan Van De Ven" <arjan.van.de.ven@...el.com>,
"Peter Zijlstra" <peterz@...radead.org>,
"Josh Poimboeuf" <jpoimboe@...hat.com>,
"Greg KH" <gregkh@...uxfoundation.org>,
"David Woodhouse" <dwmw2@...radead.org>,
"Andrea Arcangeli" <aarcange@...hat.com>,
"Dave Hansen" <dave.hansen@...el.com>,
"Jason Baron" <jbaron@...mai.com>,
"Juergen Gross" <jgross@...e.com>,
"Alok Kataria" <akataria@...are.com>,
"Asit Mallick" <asit.k.mallick@...el.com>,
"Rusty Russell" <rusty@...tcorp.com.au>,
"Andy Lutomirski" <luto@...nel.org>,
"Tim Chen" <tim.c.chen@...ux.intel.com>,
"Andi Kleen" <ak@...ux.intel.com>,
"Linus Torvalds" <torvalds@...ux-foundation.org>
Subject: [PATCH 3.16 61/76] x86/paravirt: Remove 'noreplace-paravirt'
cmdline option
3.16.56-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Josh Poimboeuf <jpoimboe@...hat.com>
commit 12c69f1e94c89d40696e83804dd2f0965b5250cd upstream.
The 'noreplace-paravirt' option disables paravirt patching, leaving the
original pv indirect calls in place.
That's highly incompatible with retpolines, unless we want to uglify
paravirt even further and convert the paravirt calls to retpolines.
As far as I can tell, the option doesn't seem to be useful for much
other than introducing surprising corner cases and making the kernel
vulnerable to Spectre v2. It was probably a debug option from the early
paravirt days. So just remove it.
Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
Reviewed-by: Juergen Gross <jgross@...e.com>
Cc: Andrea Arcangeli <aarcange@...hat.com>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Andi Kleen <ak@...ux.intel.com>
Cc: Ashok Raj <ashok.raj@...el.com>
Cc: Greg KH <gregkh@...uxfoundation.org>
Cc: Jun Nakajima <jun.nakajima@...el.com>
Cc: Tim Chen <tim.c.chen@...ux.intel.com>
Cc: Rusty Russell <rusty@...tcorp.com.au>
Cc: Dave Hansen <dave.hansen@...el.com>
Cc: Asit Mallick <asit.k.mallick@...el.com>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Jason Baron <jbaron@...mai.com>
Cc: Paolo Bonzini <pbonzini@...hat.com>
Cc: Alok Kataria <akataria@...are.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@...el.com>
Cc: David Woodhouse <dwmw2@...radead.org>
Cc: Dan Williams <dan.j.williams@...el.com>
Link: https://lkml.kernel.org/r/20180131041333.2x6blhxirc2kclrq@treble
[bwh: Backported to 3.16: adjust filename]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
Documentation/kernel-parameters.txt | 2 --
arch/x86/kernel/alternative.c | 14 --------------
2 files changed, 16 deletions(-)
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2271,8 +2271,6 @@ bytes respectively. Such letter suffixes
norandmaps Don't use address space randomization. Equivalent to
echo 0 > /proc/sys/kernel/randomize_va_space
- noreplace-paravirt [X86,IA-64,PV_OPS] Don't patch paravirt_ops
-
noreplace-smp [X86-32,SMP] Don't replace SMP instructions
with UP alternatives
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -41,17 +41,6 @@ static int __init setup_noreplace_smp(ch
}
__setup("noreplace-smp", setup_noreplace_smp);
-#ifdef CONFIG_PARAVIRT
-static int __initdata_or_module noreplace_paravirt = 0;
-
-static int __init setup_noreplace_paravirt(char *str)
-{
- noreplace_paravirt = 1;
- return 1;
-}
-__setup("noreplace-paravirt", setup_noreplace_paravirt);
-#endif
-
#define DPRINTK(fmt, args...) \
do { \
if (debug_alternative) \
@@ -574,9 +563,6 @@ void __init_or_module apply_paravirt(str
struct paravirt_patch_site *p;
char insnbuf[MAX_PATCH_LEN];
- if (noreplace_paravirt)
- return;
-
for (p = start; p < end; p++) {
unsigned int used;
Powered by blists - more mailing lists