Re: [PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-02-08 Thread Dave Martin
On Wed, Feb 07, 2018 at 06:15:58PM +, Suzuki K Poulose wrote: > On 07/02/18 10:38, Dave Martin wrote: > >On Wed, Jan 31, 2018 at 06:27:57PM +, Suzuki K Poulose wrote: > >>KPTI is treated as a system wide feature, where we enable the feature > >>when all the CPUs on the system suffers from

Re: [PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-02-08 Thread Dave Martin
On Wed, Feb 07, 2018 at 06:15:58PM +, Suzuki K Poulose wrote: > On 07/02/18 10:38, Dave Martin wrote: > >On Wed, Jan 31, 2018 at 06:27:57PM +, Suzuki K Poulose wrote: > >>KPTI is treated as a system wide feature, where we enable the feature > >>when all the CPUs on the system suffers from

Re: [PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-02-07 Thread Suzuki K Poulose
On 07/02/18 10:38, Dave Martin wrote: On Wed, Jan 31, 2018 at 06:27:57PM +, Suzuki K Poulose wrote: KPTI is treated as a system wide feature, where we enable the feature when all the CPUs on the system suffers from the security vulnerability, Should that be "when any CPU"? Without this

Re: [PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-02-07 Thread Suzuki K Poulose
On 07/02/18 10:38, Dave Martin wrote: On Wed, Jan 31, 2018 at 06:27:57PM +, Suzuki K Poulose wrote: KPTI is treated as a system wide feature, where we enable the feature when all the CPUs on the system suffers from the security vulnerability, Should that be "when any CPU"? Without this

Re: [PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-02-07 Thread Dave Martin
On Wed, Jan 31, 2018 at 06:27:57PM +, Suzuki K Poulose wrote: > KPTI is treated as a system wide feature, where we enable the feature > when all the CPUs on the system suffers from the security vulnerability, Should that be "when any CPU"? > unless it is forced via kernel command line. Also,

Re: [PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-02-07 Thread Dave Martin
On Wed, Jan 31, 2018 at 06:27:57PM +, Suzuki K Poulose wrote: > KPTI is treated as a system wide feature, where we enable the feature > when all the CPUs on the system suffers from the security vulnerability, Should that be "when any CPU"? > unless it is forced via kernel command line. Also,

[PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-01-31 Thread Suzuki K Poulose
KPTI is treated as a system wide feature, where we enable the feature when all the CPUs on the system suffers from the security vulnerability, unless it is forced via kernel command line. Also, if a late CPU needs KPTI but KPTI was not enabled at boot time, the CPU is currently allowed to boot,

[PATCH v2 10/20] arm64: capabilities: Restrict KPTI detection to boot-time CPUs

2018-01-31 Thread Suzuki K Poulose
KPTI is treated as a system wide feature, where we enable the feature when all the CPUs on the system suffers from the security vulnerability, unless it is forced via kernel command line. Also, if a late CPU needs KPTI but KPTI was not enabled at boot time, the CPU is currently allowed to boot,