linux/arch/arm64/kernel
Suzuki K Poulose d3aec8a28b arm64: capabilities: Restrict KPTI detection to boot-time CPUs
KPTI is treated as a system wide feature and is only detected if all
the CPUs in the sysetm needs the defense, unless it is forced via kernel
command line. This leaves a system with a mix of CPUs with and without
the defense vulnerable. Also, if a late CPU needs KPTI but KPTI was not
activated at boot time, the CPU is currently allowed to boot, which is a
potential security vulnerability.
This patch ensures that the KPTI is turned on if at least one CPU detects
the capability (i.e, change scope to SCOPE_LOCAL_CPU). Also rejetcs a late
CPU, if it requires the defense, when the system hasn't enabled it,

Cc: Will Deacon <will.deacon@arm.com>
Reviewed-by: Dave Martin <dave.martin@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2018-03-26 18:01:40 +01:00
..
probes License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vdso arm64 updates for 4.15 2017-11-15 10:56:56 -08:00
.gitignore
acpi_numa.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
acpi_parking_protocol.c arm64: fix endianness annotation in acpi_parking_protocol.c 2017-06-29 11:33:15 +01:00
acpi.c More ACPI updates for v4.16-rc1 2018-02-09 09:44:25 -08:00
alternative.c arm64: alternatives: use tpidr_el2 on VHE hosts 2018-01-13 10:44:33 +00:00
arm64ksyms.c arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user 2018-02-06 22:53:40 +00:00
armv8_deprecated.c arm64: signal: Make force_signal_inject more robust 2018-03-06 18:52:22 +00:00
asm-offsets.c KVM: arm64: Handle RAS SErrors from EL2 on guest exit 2018-01-16 15:09:36 +00:00
bpi.S arm64: Kill PSCI_GET_VERSION as a variant-2 workaround 2018-02-06 22:54:18 +00:00
cacheinfo.c arm64: cacheinfo: Remove CCSIDR-based cache information probing 2017-03-20 16:16:54 +00:00
cpu_errata.c arm64: capabilities: Add flags to handle the conflicts on late CPU 2018-03-26 18:01:37 +01:00
cpu_ops.c arm64: cpu_ops: Add missing 'const' qualifiers 2017-12-01 13:05:08 +00:00
cpu-reset.h arm64: Use __pa_symbol for kernel symbols 2017-01-12 15:05:39 +00:00
cpu-reset.S arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives 2018-02-06 22:53:27 +00:00
cpufeature.c arm64: capabilities: Restrict KPTI detection to boot-time CPUs 2018-03-26 18:01:40 +01:00
cpuidle.c ARM64 / cpuidle: Use new cpuidle macro for entering retention state 2018-01-02 13:50:34 +00:00
cpuinfo.c arm64: Expose Arm v8.4 features 2018-03-19 18:14:27 +00:00
crash_dump.c arm64: kdump: provide /proc/vmcore file 2017-04-05 18:31:38 +01:00
debug-monitors.c arm64: Use arm64_force_sig_info instead of force_sig_info 2018-03-06 18:52:32 +00:00
efi-entry.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
efi-header.S arm64: efi: split Image code and data into separate PE/COFF sections 2017-04-04 17:50:59 +01:00
efi.c arm64: mm: Use READ_ONCE/WRITE_ONCE when accessing page tables 2018-02-16 18:13:57 +00:00
entry32.S arm64: entry32: remove pointless register assignment 2015-07-10 16:47:13 +01:00
entry-fpsimd.S arm64/sve: Low-level SVE architectural state manipulation functions 2017-11-03 15:24:14 +00:00
entry-ftrace.S arm64: Fix static use of function graph 2017-11-03 12:05:23 +00:00
entry.S 2nd set of arm64 updates for 4.16: 2018-02-08 10:44:25 -08:00
fpsimd.c arm64: capabilities: Update prototype for enable call back 2018-03-26 18:00:37 +01:00
ftrace.c arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
head.S arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives 2018-02-06 22:53:27 +00:00
hibernate-asm.S arm64: assembler: Change order of macro arguments in phys_to_ttbr 2018-02-06 22:53:21 +00:00
hibernate.c arm64: mm: Use READ_ONCE/WRITE_ONCE when accessing page tables 2018-02-16 18:13:57 +00:00
hw_breakpoint.c arm64: hw_breakpoint: Use linux/uaccess.h instead of asm/uaccess.h 2017-12-12 11:53:26 +00:00
hyp-stub.S arm64: hyp-stub: Zero x0 on successful stub handling 2017-04-09 07:49:35 -07:00
image.h arm64 updates for 4.7: 2016-05-16 17:17:24 -07:00
insn.c arm64 updates for 4.13: 2017-07-05 17:09:27 -07:00
io.c arm64: Avoid aligning normal memory pointers in __memcpy_{to,from}io 2017-10-24 16:23:07 +01:00
irq.c arm64: Add vmap_stack header file 2018-01-13 10:45:03 +00:00
jump_label.c jump_label: Rename JUMP_LABEL_{EN,DIS}ABLE to JUMP_LABEL_{JMP,NOP} 2015-08-03 11:34:12 +02:00
kaslr.c arm64/kernel: kaslr: reduce module randomization range to 4 GB 2018-03-08 13:49:26 +00:00
kgdb.c arm64/debug: Fix registers on sleeping tasks 2018-03-06 18:52:34 +00:00
kuser32.S
machine_kexec.c arm64: explicitly mask all exceptions 2017-11-02 15:55:40 +00:00
Makefile arm64: kernel: Add arch-specific SDEI entry code and CPU masking 2018-01-13 10:45:17 +00:00
module-plts.c arm64/kernel: enable A53 erratum #8434319 handling at runtime 2018-03-09 13:23:09 +00:00
module.c arm64/kernel: enable A53 erratum #8434319 handling at runtime 2018-03-09 13:23:09 +00:00
module.lds arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
paravirt.c arm64: introduce CONFIG_PARAVIRT, PARAVIRT_TIME_ACCOUNTING and pv_time_ops 2015-12-21 14:40:54 +00:00
pci.c PCI: Add a generic weak pcibios_align_resource() 2017-08-02 14:53:16 -05:00
perf_callchain.c arm64: unwind: remove sp from struct stackframe 2017-08-09 14:10:29 +01:00
perf_event.c arm64: perf: correct PMUVer probing 2018-02-20 11:34:54 +00:00
perf_regs.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
process.c arm64: __show_regs: Only resolve kernel symbols when running at EL1 2018-02-19 17:07:12 +00:00
psci.c arm64: Use __pa_symbol for kernel symbols 2017-01-12 15:05:39 +00:00
ptrace.c arm64: Use arm64_force_sig_info instead of force_sig_info 2018-03-06 18:52:32 +00:00
reloc_test_core.c arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
reloc_test_syms.S arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
relocate_kernel.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
return_address.c arm64: unwind: remove sp from struct stackframe 2017-08-09 14:10:29 +01:00
sdei.c arm64: sdei: Add trampoline code for remapping the kernel 2018-01-14 18:49:50 +00:00
setup.c arm64: Move the async/fiq helpers to explicitly set process context flags 2017-11-02 15:55:41 +00:00
signal32.c arm64: signal: Call arm64_notify_segfault when failing to deliver signal 2018-03-06 18:52:25 +00:00
signal.c arm64: signal: Call arm64_notify_segfault when failing to deliver signal 2018-03-06 18:52:25 +00:00
sleep.S arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives 2018-02-06 22:53:27 +00:00
smccc-call.S firmware: qcom: scm: Fix interrupted SCM calls 2017-02-03 18:46:33 +00:00
smp_spin_table.c arm64: Use __pa_symbol for kernel symbols 2017-01-12 15:05:39 +00:00
smp.c arm64: capabilities: Move errata work around check on boot CPU 2018-03-26 18:01:36 +01:00
stacktrace.c arm64: fix unwind_frame() for filtered out fn for function graph tracing 2018-02-23 13:46:38 +00:00
suspend.c arm64: uaccess: Add PAN helper 2018-01-13 10:45:10 +00:00
sys32.c
sys_compat.c arm64: Mirror arm for unimplemented compat syscalls 2018-03-05 12:06:43 +00:00
sys.c arm64: compat: Check for AArch32 state 2016-04-20 12:22:42 +01:00
time.c arm64: fix unwind_frame() for filtered out fn for function graph tracing 2018-02-23 13:46:38 +00:00
topology.c arm64: Use of_cpu_node_to_id helper for CPU topology parsing 2018-01-02 16:43:12 +00:00
trace-events-emulation.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
traps.c arm64: capabilities: Update prototype for enable call back 2018-03-26 18:00:37 +01:00
vdso.c arm64/vdso: Support mremap() for vDSO 2017-08-09 12:16:28 +01:00
vmlinux.lds.S arm64: Extend early page table code to allow for larger kernels 2018-01-14 18:49:52 +00:00