1 files changed, 0 insertions, 78 deletions

diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0050-x86-cpufeatures-Add-X86_BUG_CPU_INSECURE.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0050-x86-cpufeatures-Add-X86_BUG_CPU_INSECURE.patch
deleted file mode 100644
index e1a6c9c2..00000000
--- a/common/recipes-kernel/linux/linux-yocto-4.9.21/0050-x86-cpufeatures-Add-X86_BUG_CPU_INSECURE.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From fe82bc0584bd60ca76418293ee2c3436b56ce3eb Mon Sep 17 00:00:00 2001
-From: Thomas Gleixner <tglx@linutronix.de>
-Date: Mon, 4 Dec 2017 15:07:33 +0100
-Subject: [PATCH 050/103] x86/cpufeatures: Add X86_BUG_CPU_INSECURE
-
-commit a89f040fa34ec9cd682aed98b8f04e3c47d998bd upstream.
-
-Many x86 CPUs leak information to user space due to missing isolation of
-user space and kernel space page tables. There are many well documented
-ways to exploit that.
-
-The upcoming software migitation of isolating the user and kernel space
-page tables needs a misfeature flag so code can be made runtime
-conditional.
-
-Add the BUG bits which indicates that the CPU is affected and add a feature
-bit which indicates that the software migitation is enabled.
-
-Assume for now that _ALL_ x86 CPUs are affected by this. Exceptions can be
-made later.
-
-Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
-Cc: Andy Lutomirski <luto@kernel.org>
-Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
-Cc: Borislav Petkov <bp@alien8.de>
-Cc: Brian Gerst <brgerst@gmail.com>
-Cc: Dave Hansen <dave.hansen@linux.intel.com>
-Cc: David Laight <David.Laight@aculab.com>
-Cc: Denys Vlasenko <dvlasenk@redhat.com>
-Cc: Eduardo Valentin <eduval@amazon.com>
-Cc: Greg KH <gregkh@linuxfoundation.org>
-Cc: H. Peter Anvin <hpa@zytor.com>
-Cc: Josh Poimboeuf <jpoimboe@redhat.com>
-Cc: Juergen Gross <jgross@suse.com>
-Cc: Linus Torvalds <torvalds@linux-foundation.org>
-Cc: Peter Zijlstra <peterz@infradead.org>
-Cc: Will Deacon <will.deacon@arm.com>
-Cc: aliguori@amazon.com
-Cc: daniel.gruss@iaik.tugraz.at
-Cc: hughd@google.com
-Cc: keescook@google.com
-Signed-off-by: Ingo Molnar <mingo@kernel.org>
-Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- arch/x86/include/asm/cpufeatures.h | 1 +
- arch/x86/kernel/cpu/common.c       | 4 ++++
- 2 files changed, 5 insertions(+)
-
-diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
-index 454a37a..57bd52c 100644
---- a/arch/x86/include/asm/cpufeatures.h
-+++ b/arch/x86/include/asm/cpufeatures.h
-@@ -316,5 +316,6 @@
- #define X86_BUG_SWAPGS_FENCE	X86_BUG(11) /* SWAPGS without input dep on GS */
- #define X86_BUG_MONITOR		X86_BUG(12) /* IPI required to wake up remote CPU */
- #define X86_BUG_AMD_E400	X86_BUG(13) /* CPU is among the affected by Erratum 400 */
-+#define X86_BUG_CPU_INSECURE	X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
- 
- #endif /* _ASM_X86_CPUFEATURES_H */
-diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
-index ba9b601..8c81adc 100644
---- a/arch/x86/kernel/cpu/common.c
-+++ b/arch/x86/kernel/cpu/common.c
-@@ -882,6 +882,10 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
- 	}
- 
- 	setup_force_cpu_cap(X86_FEATURE_ALWAYS);
-+
-+	/* Assume for now that ALL x86 CPUs are insecure */
-+	setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
-+
- 	fpu__init_system(c);
- }
- 
--- 
-2.7.4
-