pti: Rename X86_FEATURE_KAISER to X86_FEATURE_PTI

cat /proc/cpuinfo still shows kaiser feature, and want only pti
to be visible to users. Therefore, rename this macro to get
correct user visible output.

Orabug: 27333760
CVE: CVE-2017-5754

Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>

diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
index e9844bd47588306080b9282dbeee513920c0eac5..3afc42414a4cbf1edfa9b7a63f1340e7483e7ad7 100644 (file)
--- a/arch/x86/include/asm/cpufeature.h
+++ b/arch/x86/include/asm/cpufeature.h
@@ -208,7 +208,7 @@
 
 
 /* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
-#define X86_FEATURE_KAISER     ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */
+#define X86_FEATURE_PTI        ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nopti */
 
 /* Virtualization flags: Linux defined, word 8 */
 #define X86_FEATURE_TPR_SHADOW  ( 8*32+ 0) /* Intel TPR Shadow */

diff --git a/arch/x86/include/asm/kaiser.h b/arch/x86/include/asm/kaiser.h
index 802bbbdfe14313eed1c3bdb1235475aed472de00..5d85ddf261667e1ebee793827d7b6fc509250633 100644 (file)
--- a/arch/x86/include/asm/kaiser.h
+++ b/arch/x86/include/asm/kaiser.h
@@ -47,14 +47,14 @@ movq \reg, %cr3
 .endm
 
 .macro SWITCH_KERNEL_CR3
-ALTERNATIVE "jmp 8f", "pushq %rax", X86_FEATURE_KAISER
+ALTERNATIVE "jmp 8f", "pushq %rax", X86_FEATURE_PTI
 _SWITCH_TO_KERNEL_CR3 %rax
 popq %rax
 8:
 .endm
 
 .macro SWITCH_USER_CR3
-ALTERNATIVE "jmp 8f", "pushq %rax", X86_FEATURE_KAISER
+ALTERNATIVE "jmp 8f", "pushq %rax", X86_FEATURE_PTI
 _SWITCH_TO_USER_CR3 %rax %al
 popq %rax
 8:
@@ -63,7 +63,7 @@ popq %rax
 .macro SWITCH_KERNEL_CR3_NO_STACK
 ALTERNATIVE "jmp 8f", \
        __stringify(movq %rax, PER_CPU_VAR(unsafe_stack_register_backup)), \
-       X86_FEATURE_KAISER
+       X86_FEATURE_PTI
 _SWITCH_TO_KERNEL_CR3 %rax
 movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
 8:

diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
index b0b13f6ed83275804088b2204009e95a60921b3d..d52ec3c33b41e3d53e397a0c98a96dc1f1026edc 100644 (file)
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -1498,7 +1498,7 @@ ENTRY(paranoid_entry)
         * unconditionally, but we need to find out whether the reverse
         * should be done on return (conveyed to paranoid_exit in %ebx).
         */
-       ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
+       ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_PTI
        testl   $KAISER_SHADOW_PGD_OFFSET, %eax
        jz      2f
        orl     $2, %ebx
@@ -1533,7 +1533,7 @@ ENTRY(paranoid_exit)
        TRACE_IRQS_OFF_DEBUG
        TRACE_IRQS_IRETQ_DEBUG
 #ifdef CONFIG_PAGE_TABLE_ISOLATION
-       /* No ALTERNATIVE for X86_FEATURE_KAISER: paranoid_entry sets %ebx */
+       /* No ALTERNATIVE for X86_FEATURE_PTI: paranoid_entry sets %ebx */
        testl   $2, %ebx                        /* SWITCH_USER_CR3 needed? */
        jz      paranoid_exit_no_switch
        SWITCH_USER_CR3
@@ -1743,7 +1743,7 @@ ENTRY(nmi)
 #ifdef CONFIG_PAGE_TABLE_ISOLATION
        /* Unconditionally use kernel CR3 for do_nmi() */
        /* %rax is saved above, so OK to clobber here */
-       ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
+       ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_PTI
        /* If PCID enabled, NOFLUSH now and NOFLUSH on return */
        ALTERNATIVE "", "bts $63, %rax", X86_FEATURE_PCID
        pushq   %rax
@@ -1761,7 +1761,7 @@ ENTRY(nmi)
         * kernel code that needs user CR3, but do we ever return
         * to "user mode" where we need the kernel CR3?
         */
-       ALTERNATIVE "", "popq %rax; movq %rax, %cr3", X86_FEATURE_KAISER
+       ALTERNATIVE "", "popq %rax; movq %rax, %cr3", X86_FEATURE_PTI
 #endif
        /*
         * Return back to user mode.  We must *not* do the normal exit
@@ -1984,7 +1984,7 @@ end_repeat_nmi:
 #ifdef CONFIG_PAGE_TABLE_ISOLATION
        /* Unconditionally use kernel CR3 for do_nmi() */
        /* %rax is saved above, so OK to clobber here */
-       ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER
+       ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_PTI
        /* If PCID enabled, NOFLUSH now and NOFLUSH on return */
        ALTERNATIVE "", "bts $63, %rax", X86_FEATURE_PCID
        pushq   %rax
@@ -2004,7 +2004,7 @@ end_repeat_nmi:
         * kernel code that needs user CR3, like just just before
         * a sysret.
         */
-       ALTERNATIVE "", "popq %rax; movq %rax, %cr3", X86_FEATURE_KAISER
+       ALTERNATIVE "", "popq %rax; movq %rax, %cr3", X86_FEATURE_PTI
 #endif
        testl %ebx,%ebx                         /* swapgs needed? */
        jnz nmi_restore

diff --git a/arch/x86/mm/kaiser.c b/arch/x86/mm/kaiser.c
index e978ae1c2a2758323d6f611bad937a4432804e20..9946a34130d94d1d15efd3ab6c456637dd2527f8 100644 (file)
--- a/arch/x86/mm/kaiser.c
+++ b/arch/x86/mm/kaiser.c
@@ -291,14 +291,14 @@ skip:
 
 enable:
        if (enable)
-               setup_force_cpu_cap(X86_FEATURE_KAISER);
+               setup_force_cpu_cap(X86_FEATURE_PTI);
 
        return;
 
 disable:
        pr_info("disabled\n");
        kaiser_enabled = 0;
-       setup_clear_cpu_cap(X86_FEATURE_KAISER);
+       setup_clear_cpu_cap(X86_FEATURE_PTI);
 }
 
 /*