tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Thomas Gleixner:

- Correct the L1TF fallout on 32bit and the off by one in the 'too much
RAM for protection' calculation.

- Add a helpful kernel message for the 'too much RAM' case

- Unbreak the VDSO in case that the compiler desides to use indirect
jumps/calls and emits retpolines which cannot be resolved because the
kernel uses its own thunks, which does not work for the VDSO. Make it
use the builtin thunks.

- Re-export start_thread() which was unexported when the 32/64bit
implementation was unified. start_thread() is required by modular
binfmt handlers.

- Trivial cleanups

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/speculation/l1tf: Suggest what to do on systems with too much RAM
x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM
x86/kvm/vmx: Remove duplicate l1d flush definitions
x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
x86/process: Re-export start_thread()
x86/mce: Add notifier_block forward declaration
x86/vdso: Fix vDSO build if a retpoline is emitted

Linus Torvalds 2a8a2b7c de375035

+19 -10
+4
Makefile
··· 507 507 endif 508 508 509 509 RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register 510 + RETPOLINE_VDSO_CFLAGS_GCC := -mindirect-branch=thunk-inline -mindirect-branch-register 510 511 RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk 512 + RETPOLINE_VDSO_CFLAGS_CLANG := -mretpoline 511 513 RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG))) 514 + RETPOLINE_VDSO_CFLAGS := $(call cc-option,$(RETPOLINE_VDSO_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_VDSO_CFLAGS_CLANG))) 512 515 export RETPOLINE_CFLAGS 516 + export RETPOLINE_VDSO_CFLAGS 513 517 514 518 KBUILD_CFLAGS += $(call cc-option,-fno-PIE) 515 519 KBUILD_AFLAGS += $(call cc-option,-fno-PIE)
+4 -2
arch/x86/entry/vdso/Makefile
··· 68 68 CFL := $(PROFILING) -mcmodel=small -fPIC -O2 -fasynchronous-unwind-tables -m64 \ 69 69 $(filter -g%,$(KBUILD_CFLAGS)) $(call cc-option, -fno-stack-protector) \ 70 70 -fno-omit-frame-pointer -foptimize-sibling-calls \ 71 - -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO 71 + -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO $(RETPOLINE_VDSO_CFLAGS) 72 72 73 - $(vobjs): KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS)) $(CFL) 73 + $(vobjs): KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS) $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS)) $(CFL) 74 74 75 75 # 76 76 # vDSO code runs in userspace and -pg doesn't help with profiling anyway. ··· 132 132 KBUILD_CFLAGS_32 := $(filter-out -fno-pic,$(KBUILD_CFLAGS_32)) 133 133 KBUILD_CFLAGS_32 := $(filter-out -mfentry,$(KBUILD_CFLAGS_32)) 134 134 KBUILD_CFLAGS_32 := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS_32)) 135 + KBUILD_CFLAGS_32 := $(filter-out $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS_32)) 135 136 KBUILD_CFLAGS_32 += -m32 -msoft-float -mregparm=0 -fpic 136 137 KBUILD_CFLAGS_32 += $(call cc-option, -fno-stack-protector) 137 138 KBUILD_CFLAGS_32 += $(call cc-option, -foptimize-sibling-calls) 138 139 KBUILD_CFLAGS_32 += -fno-omit-frame-pointer 139 140 KBUILD_CFLAGS_32 += -DDISABLE_BRANCH_PROFILING 141 + KBUILD_CFLAGS_32 += $(RETPOLINE_VDSO_CFLAGS) 140 142 $(obj)/vdso32.so.dbg: KBUILD_CFLAGS = $(KBUILD_CFLAGS_32) 141 143 142 144 $(obj)/vdso32.so.dbg: FORCE \
+1
arch/x86/include/asm/mce.h
··· 148 148 MCE_PRIO_LOWEST = 0, 149 149 }; 150 150 151 + struct notifier_block; 151 152 extern void mce_register_decode_chain(struct notifier_block *nb); 152 153 extern void mce_unregister_decode_chain(struct notifier_block *nb); 153 154
+2 -2
arch/x86/include/asm/processor.h
··· 181 181 182 182 extern void cpu_detect(struct cpuinfo_x86 *c); 183 183 184 - static inline unsigned long l1tf_pfn_limit(void) 184 + static inline unsigned long long l1tf_pfn_limit(void) 185 185 { 186 - return BIT(boot_cpu_data.x86_phys_bits - 1 - PAGE_SHIFT) - 1; 186 + return BIT_ULL(boot_cpu_data.x86_phys_bits - 1 - PAGE_SHIFT); 187 187 } 188 188 189 189 extern void early_cpu_init(void);
+4
arch/x86/kernel/cpu/bugs.c
··· 702 702 half_pa = (u64)l1tf_pfn_limit() << PAGE_SHIFT; 703 703 if (e820__mapped_any(half_pa, ULLONG_MAX - half_pa, E820_TYPE_RAM)) { 704 704 pr_warn("System has more than MAX_PA/2 memory. L1TF mitigation not effective.\n"); 705 + pr_info("You may make it effective by booting the kernel with mem=%llu parameter.\n", 706 + half_pa); 707 + pr_info("However, doing so will make a part of your RAM unusable.\n"); 708 + pr_info("Reading https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html might help you decide.\n"); 705 709 return; 706 710 } 707 711
+1
arch/x86/kernel/process_64.c
··· 384 384 start_thread_common(regs, new_ip, new_sp, 385 385 __USER_CS, __USER_DS, 0); 386 386 } 387 + EXPORT_SYMBOL_GPL(start_thread); 387 388 388 389 #ifdef CONFIG_COMPAT 389 390 void compat_start_thread(struct pt_regs *regs, u32 new_ip, u32 new_sp)
-3
arch/x86/kvm/vmx.c
··· 10131 10131 * information but as all relevant affected CPUs have 32KiB L1D cache size 10132 10132 * there is no point in doing so. 10133 10133 */ 10134 - #define L1D_CACHE_ORDER 4 10135 - static void *vmx_l1d_flush_pages; 10136 - 10137 10134 static void vmx_l1d_flush(struct kvm_vcpu *vcpu) 10138 10135 { 10139 10136 int size = PAGE_SIZE << L1D_CACHE_ORDER;
+2 -2
arch/x86/mm/init.c
··· 930 930 931 931 if (boot_cpu_has_bug(X86_BUG_L1TF)) { 932 932 /* Limit the swap file size to MAX_PA/2 for L1TF workaround */ 933 - unsigned long l1tf_limit = l1tf_pfn_limit() + 1; 933 + unsigned long long l1tf_limit = l1tf_pfn_limit(); 934 934 /* 935 935 * We encode swap offsets also with 3 bits below those for pfn 936 936 * which makes the usable limit higher. ··· 938 938 #if CONFIG_PGTABLE_LEVELS > 2 939 939 l1tf_limit <<= PAGE_SHIFT - SWP_OFFSET_FIRST_BIT; 940 940 #endif 941 - pages = min_t(unsigned long, l1tf_limit, pages); 941 + pages = min_t(unsigned long long, l1tf_limit, pages); 942 942 } 943 943 return pages; 944 944 }
+1 -1
arch/x86/mm/mmap.c
··· 257 257 /* If it's real memory always allow */ 258 258 if (pfn_valid(pfn)) 259 259 return true; 260 - if (pfn > l1tf_pfn_limit() && !capable(CAP_SYS_ADMIN)) 260 + if (pfn >= l1tf_pfn_limit() && !capable(CAP_SYS_ADMIN)) 261 261 return false; 262 262 return true; 263 263 }