From 72b9cb4f823e5558be6b3d572ada5d2b6151a2b4 Mon Sep 17 00:00:00 2001 From: Laura Abbott Date: Wed, 3 Jan 2018 09:46:35 -0800 Subject: [PATCH] KPTI Fix --- kernel.spec | 8 +++++++- kpti-fix.patch | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 kpti-fix.patch diff --git a/kernel.spec b/kernel.spec index 82c224534..c794cea75 100644 --- a/kernel.spec +++ b/kernel.spec @@ -42,7 +42,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 1 +%global baserelease 2 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -647,6 +647,9 @@ Patch636: 0001-ahci-Annotate-PCI-ids-for-mobile-Intel-chipsets-as-s.patch Patch637: 0002-ahci-Add-PCI-ids-for-Intel-Bay-Trail-Cherry-Trail-an.patch Patch638: 0003-ahci-Allow-setting-a-default-LPM-policy-for-mobile-c.patch +# KPTI Fixups +Patch639: kpti-fix.patch + # END OF PATCH DEFINITIONS %endif @@ -2198,6 +2201,9 @@ fi # # %changelog +* Wed Jan 03 2018 Laura Abbott - 4.15.0-0.rc6.git0.2 +- KPTI Fix + * Mon Jan 01 2018 Laura Abbott - 4.15.0-0.rc6.git0.1 - Linux v4.15-rc6 diff --git a/kpti-fix.patch b/kpti-fix.patch new file mode 100644 index 000000000..601940bb2 --- /dev/null +++ b/kpti-fix.patch @@ -0,0 +1,56 @@ +From 52994c256df36fda9a715697431cba9daecb6b11 Mon Sep 17 00:00:00 2001 +From: Thomas Gleixner +Date: Wed, 3 Jan 2018 15:57:59 +0100 +Subject: x86/pti: Make sure the user/kernel PTEs match + +Meelis reported that his K8 Athlon64 emits MCE warnings when PTI is +enabled: + +[Hardware Error]: Error Addr: 0x0000ffff81e000e0 +[Hardware Error]: MC1 Error: L1 TLB multimatch. +[Hardware Error]: cache level: L1, tx: INSN + +The address is in the entry area, which is mapped into kernel _AND_ user +space. That's special because we switch CR3 while we are executing +there. + +User mapping: +0xffffffff81e00000-0xffffffff82000000 2M ro PSE GLB x pmd + +Kernel mapping: +0xffffffff81000000-0xffffffff82000000 16M ro PSE x pmd + +So the K8 is complaining that the TLB entries differ. They differ in the +GLB bit. + +Drop the GLB bit when installing the user shared mapping. + +Fixes: 6dc72c3cbca0 ("x86/mm/pti: Share entry text PMD") +Reported-by: Meelis Roos +Signed-off-by: Thomas Gleixner +Tested-by: Meelis Roos +Cc: Borislav Petkov +Cc: Tom Lendacky +Cc: stable@vger.kernel.org +Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801031407180.1957@nanos +--- + arch/x86/mm/pti.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c +index bce8aea..2da28ba 100644 +--- a/arch/x86/mm/pti.c ++++ b/arch/x86/mm/pti.c +@@ -367,7 +367,8 @@ static void __init pti_setup_espfix64(void) + static void __init pti_clone_entry_text(void) + { + pti_clone_pmds((unsigned long) __entry_text_start, +- (unsigned long) __irqentry_text_end, _PAGE_RW); ++ (unsigned long) __irqentry_text_end, ++ _PAGE_RW | _PAGE_GLOBAL); + } + + /* +-- +cgit v1.1 +