aboutsummarylogtreecommitdiffstats
path: root/0007-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch
diff options
context:
space:
mode:
Diffstat (limited to '0007-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch')
-rw-r--r--0007-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch42
1 files changed, 0 insertions, 42 deletions
diff --git a/0007-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch b/0007-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch
deleted file mode 100644
index f3af870c7889..000000000000
--- a/0007-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 51786b65797aed683ca72293a3cb86a2cab987c0 Mon Sep 17 00:00:00 2001
-Message-Id: <51786b65797aed683ca72293a3cb86a2cab987c0.1514959852.git.jan.steffens@gmail.com>
-In-Reply-To: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com>
-References: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com>
-From: Tom Lendacky <thomas.lendacky@amd.com>
-Date: Tue, 26 Dec 2017 23:43:54 -0600
-Subject: [PATCH 7/7] x86/cpu, x86/pti: Do not enable PTI on AMD processors
-
-AMD processors are not subject to the types of attacks that the kernel
-page table isolation feature protects against. The AMD microarchitecture
-does not allow memory references, including speculative references, that
-access higher privileged data when running in a lesser privileged mode
-when that access would result in a page fault.
-
-Disable page table isolation by default on AMD processors by not setting
-the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI
-is set.
-
-Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
-Reviewed-by: Borislav Petkov <bp@suse.de>
----
- arch/x86/kernel/cpu/common.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
-index f2a94dfb434e9a7c..b1be494ab4e8badf 100644
---- a/arch/x86/kernel/cpu/common.c
-+++ b/arch/x86/kernel/cpu/common.c
-@@ -899,8 +899,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
-
- setup_force_cpu_cap(X86_FEATURE_ALWAYS);
-
-- /* Assume for now that ALL x86 CPUs are insecure */
-- setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
-+ if (c->x86_vendor != X86_VENDOR_AMD)
-+ setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
-
- fpu__init_system(c);
-
---
-2.15.1
-