1. Patchew
  2. linux
  3. View series

[PATCH v2 0/1] x86/pti: Fix kernel warnings for pti= and nopti cmdline options.

Jo Van Bulck posted 1 patch 2 years, 4 months ago
There is a newer version of this series
arch/x86/mm/pti.c | 55 ++++++++++++++++++++++++-----------------------
1 file changed, 28 insertions(+), 27 deletions(-)
[PATCH v2 0/1] x86/pti: Fix kernel warnings for pti= and nopti cmdline options.
Posted by Jo Van Bulck 2 years, 4 months ago 
Hi,

This is the third iteration of a patch to improve the cmdline option parsing
for PTI. This reverts largely back to the first iteration and cleans up the
code to remove any attempts at backwards compatible behavior for clearly
conflicting options when users erroneously combine pti= nopti and
mitigations=off as per Dave's suggestions [1].

[1] https://lore.kernel.org/all/b9bbb279-fa8f-0784-900f-114ce186cbb3@intel.com/

Behavior
--------

For reference, behavior with this patch is now as follows in case of any
conflicting options.

1. Latest in order of nopti pti= takes priority:

KERNEL_CMDLINE="nopti pti=on"
[    0.021779] Kernel/User page tables isolation: enabled
Mitigation: PTI

KERNEL_CMDLINE="pti=on nopti"
[    0.010289] Kernel/User page tables isolation: disabled on command line.
Vulnerable

2. Passing mitigations=off will unconditionally disable PTI:

KERNEL_CMDLINE="mitigations=off pti=on"
[    0.008331] Kernel/User page tables isolation: disabled on command line.
Vulnerable

KERNEL_CMDLINE="pti=on mitigations=off"
[    0.008495] Kernel/User page tables isolation: disabled on command line.
Vulnerable

Changelog
---------

v3
  - Revert backwards compatibility ugliness for conflicting options (Dave)

v2
  - Split pti=off and mitigations=off checks (Sohil)
  - Ensure backwards compatibility for conflicting options (Sohil)

Best,
Jo

Jo Van Bulck (1):
  x86/pti: Fix kernel warnings for pti= and nopti cmdline options.

 arch/x86/mm/pti.c | 55 ++++++++++++++++++++++++-----------------------
 1 file changed, 28 insertions(+), 27 deletions(-)

-- 
2.25.1
Re: [PATCH v2 0/1] x86/pti: Fix kernel warnings for pti= and nopti cmdline options.
Posted by Sohil Mehta 2 years, 4 months ago 
Hi Jo,

On 8/12/2023 8:54 AM, Jo Van Bulck wrote:
> Hi,
> 
> This is the third iteration of a patch to improve the cmdline option parsing
> for PTI.

You missed updating the version number in the cover letter subject.
Also, it is useful to have the version number in the individual patch
subject as well. (Just something to keep in mind for future patches.)

Usually git takes care of it automatically, if you do this:

	git format-patch --cover-letter -v3 -1 -o patches/

Sohil
Re: [PATCH v2 0/1] x86/pti: Fix kernel warnings for pti= and nopti cmdline options.
Posted by Jo Van Bulck 2 years, 4 months ago 
On 14.08.23 13:43, Sohil Mehta wrote:
> You missed updating the version number in the cover letter subject.
> Also, it is useful to have the version number in the individual patch
> subject as well. (Just something to keep in mind for future patches.)
> 
> Usually git takes care of it automatically, if you do this:
> 
> 	git format-patch --cover-letter -v3 -1 -o patches/

Thank you for catching this and pointing out the git option, this is 
indeed very helpful to keep in mind!

Best,
Jo

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.