On Wed, 2018-01-03 at 21:11 +0100, Greg Kroah-Hartman wrote:
> 4.9-stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Borislav Petkov <bp@xxxxxxx>
>
>
> AMD (and possibly other vendors) are not affected by the leak
> KAISER is protecting against.
[...]
> +void __init kaiser_check_boottime_disable(void)
> +{
> + bool enable = true;
> + char arg[5];
> + int ret;
> +
> + ret = cmdline_find_option(boot_command_line, "pti", arg, sizeof(arg));
> + if (ret > 0) {
> + if (!strncmp(arg, "on", 2))
> + goto enable;
> +
> + if (!strncmp(arg, "off", 3))
> + goto disable;
> +
> + if (!strncmp(arg, "auto", 4))
> + goto skip;
> + }
> +
> + if (cmdline_find_option_bool(boot_command_line, "nopti"))
> + goto disable;
> +
> +skip:
> + if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD)
> + goto disable;
[...]
No such exception has been added upstream, so I don't think it's
appropriate to add it in stable.
Ben.
--
Ben Hutchings
Quantity is no substitute for quality, but it's the only one we've got.
Attachment:
signature.asc
Description: This is a digitally signed message part