Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

+1 -1

arch/arm64/include/asm/asm-prototypes.h

··· 2 2 #ifndef __ASM_PROTOTYPES_H 3 3 #define __ASM_PROTOTYPES_H 4 4 /* 5 - * CONFIG_MODEVERIONS requires a C declaration to generate the appropriate CRC 5 + * CONFIG_MODVERSIONS requires a C declaration to generate the appropriate CRC 6 6 * for each symbol. Since commit: 7 7 * 8 8 * 4efca4ed05cbdfd1 ("kbuild: modversions for EXPORT_SYMBOL() for asm")

+41

arch/arm64/include/asm/mmu.h

··· 16 16 #ifndef __ASM_MMU_H 17 17 #define __ASM_MMU_H 18 18 19 + #include <asm/cputype.h> 20 + 19 21 #define MMCF_AARCH32 0x1 /* mm context flag for AArch32 executables */ 20 22 #define USER_ASID_BIT 48 21 23 #define USER_ASID_FLAG (UL(1) << USER_ASID_BIT) ··· 44 42 { 45 43 return IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0) && 46 44 cpus_have_const_cap(ARM64_UNMAP_KERNEL_AT_EL0); 45 + } 46 + 47 + static inline bool arm64_kernel_use_ng_mappings(void) 48 + { 49 + bool tx1_bug; 50 + 51 + /* What's a kpti? Use global mappings if we don't know. */ 52 + if (!IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0)) 53 + return false; 54 + 55 + /* 56 + * Note: this function is called before the CPU capabilities have 57 + * been configured, so our early mappings will be global. If we 58 + * later determine that kpti is required, then 59 + * kpti_install_ng_mappings() will make them non-global. 60 + */ 61 + if (!IS_ENABLED(CONFIG_RANDOMIZE_BASE)) 62 + return arm64_kernel_unmapped_at_el0(); 63 + 64 + /* 65 + * KASLR is enabled so we're going to be enabling kpti on non-broken 66 + * CPUs regardless of their susceptibility to Meltdown. Rather 67 + * than force everybody to go through the G -> nG dance later on, 68 + * just put down non-global mappings from the beginning. 69 + */ 70 + if (!IS_ENABLED(CONFIG_CAVIUM_ERRATUM_27456)) { 71 + tx1_bug = false; 72 + #ifndef MODULE 73 + } else if (!static_branch_likely(&arm64_const_caps_ready)) { 74 + extern const struct midr_range cavium_erratum_27456_cpus[]; 75 + 76 + tx1_bug = is_midr_in_range_list(read_cpuid_id(), 77 + cavium_erratum_27456_cpus); 78 + #endif 79 + } else { 80 + tx1_bug = __cpus_have_const_cap(ARM64_WORKAROUND_CAVIUM_27456); 81 + } 82 + 83 + return !tx1_bug && kaslr_offset() > 0; 47 84 } 48 85 49 86 typedef void (*bp_hardening_cb_t)(void);

+2 -2

arch/arm64/include/asm/pgtable-prot.h

··· 37 37 #define _PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) 38 38 #define _PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) 39 39 40 - #define PTE_MAYBE_NG (arm64_kernel_unmapped_at_el0() ? PTE_NG : 0) 41 - #define PMD_MAYBE_NG (arm64_kernel_unmapped_at_el0() ? PMD_SECT_NG : 0) 40 + #define PTE_MAYBE_NG (arm64_kernel_use_ng_mappings() ? PTE_NG : 0) 41 + #define PMD_MAYBE_NG (arm64_kernel_use_ng_mappings() ? PMD_SECT_NG : 0) 42 42 43 43 #define PROT_DEFAULT (_PROT_DEFAULT | PTE_MAYBE_NG) 44 44 #define PROT_SECT_DEFAULT (_PROT_SECT_DEFAULT | PMD_MAYBE_NG)

+1 -1

arch/arm64/kernel/cpu_errata.c

··· 553 553 #endif 554 554 555 555 #ifdef CONFIG_CAVIUM_ERRATUM_27456 556 - static const struct midr_range cavium_erratum_27456_cpus[] = { 556 + const struct midr_range cavium_erratum_27456_cpus[] = { 557 557 /* Cavium ThunderX, T88 pass 1.x - 2.1 */ 558 558 MIDR_RANGE(MIDR_THUNDERX, 0, 0, 1, 1), 559 559 /* Cavium ThunderX, T81 pass 1.0 */

+7 -2

arch/arm64/kernel/cpufeature.c

··· 983 983 984 984 /* Useful for KASLR robustness */ 985 985 if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) 986 - return true; 986 + return kaslr_offset() > 0; 987 987 988 988 /* Don't force KPTI for CPUs that are not vulnerable */ 989 989 if (is_midr_in_range_list(read_cpuid_id(), kpti_safe_list)) ··· 1003 1003 static bool kpti_applied = false; 1004 1004 int cpu = smp_processor_id(); 1005 1005 1006 - if (kpti_applied) 1006 + /* 1007 + * We don't need to rewrite the page-tables if either we've done 1008 + * it already or we have KASLR enabled and therefore have not 1009 + * created any global mappings at all. 1010 + */ 1011 + if (kpti_applied || kaslr_offset() > 0) 1007 1012 return; 1008 1013 1009 1014 remap_fn = (void *)__pa_symbol(idmap_kpti_install_ng_mappings);

+1

arch/arm64/kernel/head.S

··· 475 475 476 476 ENTRY(kimage_vaddr) 477 477 .quad _text - TEXT_OFFSET 478 + EXPORT_SYMBOL(kimage_vaddr) 478 479 479 480 /* 480 481 * If we're fortunate enough to boot at EL2, ensure that the world is

+3 -1

arch/arm64/kernel/machine_kexec_file.c

··· 87 87 88 88 /* add kaslr-seed */ 89 89 ret = fdt_delprop(dtb, off, FDT_PROP_KASLR_SEED); 90 - if (ret && (ret != -FDT_ERR_NOTFOUND)) 90 + if (ret == -FDT_ERR_NOTFOUND) 91 + ret = 0; 92 + else if (ret) 91 93 goto out; 92 94 93 95 if (rng_is_initialized()) {

+3 -2

drivers/acpi/arm64/iort.c

··· 876 876 return (resv == its->its_count) ? resv : -ENODEV; 877 877 } 878 878 #else 879 - static inline const struct iommu_ops *iort_fwspec_iommu_ops(struct device *dev); 879 + static inline const struct iommu_ops *iort_fwspec_iommu_ops(struct device *dev) 880 880 { return NULL; } 881 881 static inline int iort_add_device_replay(const struct iommu_ops *ops, 882 882 struct device *dev) ··· 952 952 { 953 953 struct acpi_iort_node *node; 954 954 struct acpi_iort_root_complex *rc; 955 + struct pci_bus *pbus = to_pci_dev(dev)->bus; 955 956 956 957 node = iort_scan_node(ACPI_IORT_NODE_PCI_ROOT_COMPLEX, 957 - iort_match_node_callback, dev); 958 + iort_match_node_callback, &pbus->dev); 958 959 if (!node || node->revision < 1) 959 960 return -ENODEV; 960 961

Configure Feed

Configure Feed