diff options
Diffstat (limited to 'x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch')
| -rw-r--r-- | x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch b/x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch deleted file mode 100644 index a7e0accb6..000000000 --- a/x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch +++ /dev/null @@ -1,46 +0,0 @@ -From patchwork Wed Dec 27 05:43:54 2017 -Content-Type: text/plain; charset="utf-8" -MIME-Version: 1.0 -Content-Transfer-Encoding: 7bit -Subject: x86/cpu, x86/pti: Do not enable PTI on AMD processors -From: Tom Lendacky <thomas.lendacky@amd.com> -X-Patchwork-Id: 10133447 -Message-Id: <20171227054354.20369.94587.stgit@tlendack-t1.amdoffice.net> -To: x86@kernel.org -Cc: Dave Hansen <dave.hansen@linux.intel.com>, - linux-kernel@vger.kernel.org, Ingo Molnar <mingo@redhat.com>, - Andy Lutomirski <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, - Thomas Gleixner <tglx@linutronix.de>, Borislav Petkov <bp@suse.de> -Date: Tue, 26 Dec 2017 23:43:54 -0600 - -AMD processors are not subject to the types of attacks that the kernel -page table isolation feature protects against. The AMD microarchitecture -does not allow memory references, including speculative references, that -access higher privileged data when running in a lesser privileged mode -when that access would result in a page fault. - -Disable page table isolation by default on AMD processors by not setting -the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI -is set. - -Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> -Reviewed-by: Borislav Petkov <bp@suse.de> ---- - arch/x86/kernel/cpu/common.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c -index c47de4e..7d9e3b0 100644 ---- a/arch/x86/kernel/cpu/common.c -+++ b/arch/x86/kernel/cpu/common.c -@@ -923,8 +923,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) - - setup_force_cpu_cap(X86_FEATURE_ALWAYS); - -- /* Assume for now that ALL x86 CPUs are insecure */ -- setup_force_cpu_bug(X86_BUG_CPU_INSECURE); -+ if (c->x86_vendor != X86_VENDOR_AMD) -+ setup_force_cpu_bug(X86_BUG_CPU_INSECURE); - - fpu__init_system(c); - |