4.9-stable review patch.  If anyone has any objections, please let me know.


From: Jayachandran C <jn...@caviumnetworks.com>

commit 0ba2e29c7fc1 upstream.

Whitelist Broadcom Vulcan/Cavium ThunderX2 processors in
unmap_kernel_at_el0(). These CPUs are not vulnerable to
CVE-2017-5754 and do not need KPTI when KASLR is off.

Acked-by: Will Deacon <will.dea...@arm.com>
Signed-off-by: Jayachandran C <jn...@caviumnetworks.com>
Signed-off-by: Catalin Marinas <catalin.mari...@arm.com>
Signed-off-by: Will Deacon <will.dea...@arm.com>
Signed-off-by: Alex Shi <alex....@linaro.org> [v4.9 backport]
Signed-off-by: Mark Rutland <mark.rutl...@arm.com> [v4.9 backport]
Tested-by: Will Deacon <will.dea...@arm.com>
Tested-by: Greg Hackmann <ghackm...@google.com>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
 arch/arm64/kernel/cpufeature.c |    7 +++++++
 1 file changed, 7 insertions(+)

--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -766,6 +766,13 @@ static bool unmap_kernel_at_el0(const st
                return true;
+       /* Don't force KPTI for CPUs that are not vulnerable */
+       switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) {
+       case MIDR_BRCM_VULCAN:
+               return false;
+       }
        /* Defer to CPU feature registers */
        return !cpuid_feature_extract_unsigned_field(pfr0,

Reply via email to