lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <26cdac8e-ff62-d35c-50ca-a50d86f6651b@arm.com>
Date:   Fri, 18 Jan 2019 10:35:45 -0600
From:   Jeremy Linton <jeremy.linton@....com>
To:     Suzuki K Poulose <suzuki.poulose@....com>,
        linux-arm-kernel@...ts.infradead.org
Cc:     catalin.marinas@....com, will.deacon@....com, marc.zyngier@....com,
        dave.martin@....com, shankerd@...eaurora.org,
        linux-kernel@...r.kernel.org, ykaukab@...e.de,
        julien.thierry@....com, mlangsdo@...hat.com, Steven.Price@....com,
        stefan.wahren@...e.com
Subject: Re: [PATCH v3 3/7] arm64: kpti: move check for non-vulnerable CPUs to
 a function

Hi,

On 01/14/2019 05:32 AM, Suzuki K Poulose wrote:
> Hi Jeremy,
> 
> On 09/01/2019 23:55, Jeremy Linton wrote:
>> From: Mian Yousaf Kaukab <ykaukab@...e.de>
>>
>> Add is_meltdown_safe() which is a whitelist of known safe cores.
>>
>> Signed-off-by: Mian Yousaf Kaukab <ykaukab@...e.de>
>> [Moved location of function]
>> Signed-off-by: Jeremy Linton <jeremy.linton@....com>
>> ---
>>   arch/arm64/kernel/cpufeature.c | 15 +++++++++++----
>>   1 file changed, 11 insertions(+), 4 deletions(-)
>>
>> diff --git a/arch/arm64/kernel/cpufeature.c 
>> b/arch/arm64/kernel/cpufeature.c
>> index 4f272399de89..ab784d7a0083 100644
>> --- a/arch/arm64/kernel/cpufeature.c
>> +++ b/arch/arm64/kernel/cpufeature.c
>> @@ -947,8 +947,7 @@ has_useable_cnp(const struct 
>> arm64_cpu_capabilities *entry, int scope)
>>   #ifdef CONFIG_UNMAP_KERNEL_AT_EL0
>>   static int __kpti_forced; /* 0: not forced, >0: forced on, <0: 
>> forced off */
>> -static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities 
>> *entry,
>> -                int scope)
>> +static bool is_cpu_meltdown_safe(void)
>>   {
>>       /* List of CPUs that are not vulnerable and don't need KPTI */
>>       static const struct midr_range kpti_safe_list[] = {
>> @@ -962,6 +961,15 @@ static bool unmap_kernel_at_el0(const struct 
>> arm64_cpu_capabilities *entry,
>>           MIDR_ALL_VERSIONS(MIDR_CORTEX_A73),
>>           { /* sentinel */ }
>>       };
>> +    if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list))
> 
> nit: Does it make sense to rename the list to "meltdown_safe_list", to 
> match the
> function name ?
> 
> Also also, you may do :
> 
>      return is_midr_in_range_list(read_cpuid_id(), kpti_safe_list);
> 
> Either way
> 
> Reviewed-by: Suzuki K Poulose <suzuki.poulose@....com>

Hi, again.

Part of the delay in responding to this one, has been the fact that 
originally meltodwn_safe() was being used in two places (which is why it 
was broken out). But that isn't true anymore, and this patch is 
effectively just fluff, so it seemed appropriate for the chopping block 
too, which is what i'm planning.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ