releases/3.2.98/kpti-rename-to-page_table_isolation.patch - pub/scm/linux/kernel/git/bwh/linux-stable-queue - Git at Google

 From: Kees Cook <keescook@chromium.org>
 Date: Thu, 4 Jan 2018 01:14:24 +0000
 Subject: KPTI: Rename to PAGE_TABLE_ISOLATION

 This renames CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION.

 Signed-off-by: Kees Cook <keescook@chromium.org>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 [bwh: Backported to 3.2]
 Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
 ---
  arch/x86/boot/compressed/misc.h           |  2 +-
  arch/x86/include/asm/cpufeature.h         |  2 +-
  arch/x86/include/asm/kaiser.h             | 12 ++++++------
  arch/x86/include/asm/pgtable.h            |  4 ++--
  arch/x86/include/asm/pgtable_64.h         |  4 ++--
  arch/x86/include/asm/pgtable_types.h      |  2 +-
  arch/x86/include/asm/tlbflush.h           |  2 +-
  arch/x86/kernel/cpu/perf_event_intel_ds.c |  4 ++--
  arch/x86/kernel/entry_64.S                |  6 +++---
  arch/x86/kernel/head_64.S                 |  2 +-
  arch/x86/mm/Makefile                      |  2 +-
  include/linux/kaiser.h                    |  6 +++---
  include/linux/percpu-defs.h               |  2 +-
  security/Kconfig                          |  2 +-
  14 files changed, 26 insertions(+), 26 deletions(-)

 diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
 index 2fa2635ee539..ac9ae2289f23 100644
 --- a/arch/x86/boot/compressed/misc.h
 +++ b/arch/x86/boot/compressed/misc.h
 @@ -7,7 +7,7 @@
   * we just keep it from happening
   */
  #undef CONFIG_PARAVIRT
 -#undef CONFIG_KAISER
 +#undef CONFIG_PAGE_TABLE_ISOLATION
  #ifdef CONFIG_X86_32
  #define _ASM_X86_DESC_H 1
  #endif
 diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
 index cb967c9db459..5d1b51652d3a 100644
 --- a/arch/x86/include/asm/cpufeature.h
 +++ b/arch/x86/include/asm/cpufeature.h
 @@ -179,7 +179,7 @@
  #define X86_FEATURE_INVPCID_SINGLE (7*32+ 8) /* Effectively INVPCID && CR4.PCIDE=1 */

  /* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
 -#define X86_FEATURE_KAISER	( 7*32+31) /* "" CONFIG_KAISER w/o nokaiser */
 +#define X86_FEATURE_KAISER	( 7*32+31) /* "" CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */

  /* Virtualization flags: Linux defined, word 8 */
  #define X86_FEATURE_TPR_SHADOW  (8*32+ 0) /* Intel TPR Shadow */
 diff --git a/arch/x86/include/asm/kaiser.h b/arch/x86/include/asm/kaiser.h
 index c71a481ee20a..de6fd8166662 100644
 --- a/arch/x86/include/asm/kaiser.h
 +++ b/arch/x86/include/asm/kaiser.h
 @@ -20,7 +20,7 @@
  #define KAISER_SHADOW_PGD_OFFSET 0x1000

  #ifdef __ASSEMBLY__
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION

  .macro _SWITCH_TO_KERNEL_CR3 reg
  movq %cr3, \reg
 @@ -69,7 +69,7 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
  8:
  .endm

 -#else /* CONFIG_KAISER */
 +#else /* CONFIG_PAGE_TABLE_ISOLATION */

  .macro SWITCH_KERNEL_CR3
  .endm
 @@ -78,11 +78,11 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
  .macro SWITCH_KERNEL_CR3_NO_STACK
  .endm

 -#endif /* CONFIG_KAISER */
 +#endif /* CONFIG_PAGE_TABLE_ISOLATION */

  #else /* __ASSEMBLY__ */

 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  /*
   * Upon kernel/user mode switch, it may happen that the address
   * space has to be switched before the registers have been
 @@ -100,10 +100,10 @@ extern void __init kaiser_check_boottime_disable(void);
  #else
  #define kaiser_enabled	0
  static inline void __init kaiser_check_boottime_disable(void) {}
 -#endif /* CONFIG_KAISER */
 +#endif /* CONFIG_PAGE_TABLE_ISOLATION */

  /*
 - * Kaiser function prototypes are needed even when CONFIG_KAISER is not set,
 + * Kaiser function prototypes are needed even when CONFIG_PAGE_TABLE_ISOLATION is not set,
   * so as to build with tests on kaiser_enabled instead of #ifdefs.
   */

 diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
 index a467c19e64b5..859dc4ae92ea 100644
 --- a/arch/x86/include/asm/pgtable.h
 +++ b/arch/x86/include/asm/pgtable.h
 @@ -17,7 +17,7 @@
  #ifndef __ASSEMBLY__

  #include <asm/x86_init.h>
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  extern int kaiser_enabled;
  #else
  #define kaiser_enabled 0
 @@ -786,7 +786,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
  static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count)
  {
  	memcpy(dst, src, count * sizeof(pgd_t));
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  	if (kaiser_enabled) {
  		/* Clone the shadow pgd part as well */
  		memcpy(native_get_shadow_pgd(dst),
 diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h
 index a4a2b700a4e6..f810cca32c51 100644
 --- a/arch/x86/include/asm/pgtable_64.h
 +++ b/arch/x86/include/asm/pgtable_64.h
 @@ -105,7 +105,7 @@ static inline void native_pud_clear(pud_t *pud)
  	native_set_pud(pud, native_make_pud(0));
  }

 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  extern pgd_t kaiser_set_shadow_pgd(pgd_t *pgdp, pgd_t pgd);

  static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp)
 @@ -125,7 +125,7 @@ static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp)
  {
  	return NULL;
  }
 -#endif /* CONFIG_KAISER */
 +#endif /* CONFIG_PAGE_TABLE_ISOLATION */

  static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd)
  {
 diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h
 index 3a3c6d014696..34501e647214 100644
 --- a/arch/x86/include/asm/pgtable_types.h
 +++ b/arch/x86/include/asm/pgtable_types.h
 @@ -81,7 +81,7 @@
  #define X86_CR3_PCID_MASK       (X86_CR3_PCID_NOFLUSH | X86_CR3_PCID_ASID_MASK)
  #define X86_CR3_PCID_ASID_KERN  (_AC(0x0,UL))

 -#if defined(CONFIG_KAISER) && defined(CONFIG_X86_64)
 +#if defined(CONFIG_PAGE_TABLE_ISOLATION) && defined(CONFIG_X86_64)
  /* Let X86_CR3_PCID_ASID_USER be usable for the X86_CR3_PCID_NOFLUSH bit */
  #define X86_CR3_PCID_ASID_USER	(_AC(0x80,UL))

 diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h
 index 88d849e51d72..e680388b0ea7 100644
 --- a/arch/x86/include/asm/tlbflush.h
 +++ b/arch/x86/include/asm/tlbflush.h
 @@ -68,7 +68,7 @@ static inline void invpcid_flush_all_nonglobals(void)
   * Declare a couple of kaiser interfaces here for convenience,
   * to avoid the need for asm/kaiser.h in unexpected places.
   */
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  extern int kaiser_enabled;
  extern void kaiser_setup_pcid(void);
  extern void kaiser_flush_tlb_on_return_to_user(void);
 diff --git a/arch/x86/kernel/cpu/perf_event_intel_ds.c b/arch/x86/kernel/cpu/perf_event_intel_ds.c
 index fb933cdca184..721d236d0c1e 100644
 --- a/arch/x86/kernel/cpu/perf_event_intel_ds.c
 +++ b/arch/x86/kernel/cpu/perf_event_intel_ds.c
 @@ -66,7 +66,7 @@ void fini_debug_store_on_cpu(int cpu)

  static void *dsalloc(size_t size, gfp_t flags, int node)
  {
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  	unsigned int order = get_order(size);
  	struct page *page;
  	unsigned long addr;
 @@ -87,7 +87,7 @@ static void *dsalloc(size_t size, gfp_t flags, int node)

  static void dsfree(const void *buffer, size_t size)
  {
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  	if (!buffer)
  		return;
  	kaiser_remove_mapping((unsigned long)buffer, size);
 diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
 index 81049db49e37..b232bfcf44fb 100644
 --- a/arch/x86/kernel/entry_64.S
 +++ b/arch/x86/kernel/entry_64.S
 @@ -398,7 +398,7 @@ ENTRY(save_paranoid)
  	SWAPGS
  	xorl %ebx,%ebx
  1:
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  	/*
  	 * We might have come in between a swapgs and a SWITCH_KERNEL_CR3
  	 * on entry, or between a SWITCH_USER_CR3 and a swapgs on exit.
 @@ -1430,7 +1430,7 @@ ENTRY(paranoid_exit)
  paranoid_kernel:
  	movq	%r12, %rbx		/* restore after paranoid_userspace */
  	TRACE_IRQS_IRETQ 0
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  	/* No ALTERNATIVE for X86_FEATURE_KAISER: save_paranoid sets %ebx */
  	testl	$2, %ebx		/* SWITCH_USER_CR3 needed? */
  	jz	paranoid_exit_no_switch
 @@ -1600,7 +1600,7 @@ ENTRY(nmi)
  	jnz	nmi_userspace
  nmi_kernel:
  	movq	%r12, %rbx		/* restore after nmi_userspace */
 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  	/* No ALTERNATIVE for X86_FEATURE_KAISER: save_paranoid sets %ebx */
  	testl	$2, %ebx		/* SWITCH_USER_CR3 needed? */
  	jz	nmi_exit_no_switch
 diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
 index 28aef29c42de..1de317b20fac 100644
 --- a/arch/x86/kernel/head_64.S
 +++ b/arch/x86/kernel/head_64.S
 @@ -338,7 +338,7 @@ ENTRY(early_idt_handler)
  	.balign	PAGE_SIZE; \
  ENTRY(name)

 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  /*
   * Each PGD needs to be 8k long and 8k aligned.  We do not
   * ever go out to userspace with these, so we do not
 diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile
 index c9a00a5e0b87..08505d201bbe 100644
 --- a/arch/x86/mm/Makefile
 +++ b/arch/x86/mm/Makefile
 @@ -29,4 +29,4 @@ obj-$(CONFIG_NUMA_EMU)		+= numa_emulation.o
  obj-$(CONFIG_HAVE_MEMBLOCK)		+= memblock.o

  obj-$(CONFIG_MEMTEST)		+= memtest.o
 -obj-$(CONFIG_KAISER)		+= kaiser.o
 +obj-$(CONFIG_PAGE_TABLE_ISOLATION)		+= kaiser.o
 diff --git a/include/linux/kaiser.h b/include/linux/kaiser.h
 index 4a4d6d911a14..58c55b1589d0 100644
 --- a/include/linux/kaiser.h
 +++ b/include/linux/kaiser.h
 @@ -1,7 +1,7 @@
  #ifndef _LINUX_KAISER_H
  #define _LINUX_KAISER_H

 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  #include <asm/kaiser.h>

  static inline int kaiser_map_thread_stack(void *stack)
 @@ -24,7 +24,7 @@ static inline void kaiser_unmap_thread_stack(void *stack)
  #else

  /*
 - * These stubs are used whenever CONFIG_KAISER is off, which
 + * These stubs are used whenever CONFIG_PAGE_TABLE_ISOLATION is off, which
   * includes architectures that support KAISER, but have it disabled.
   */

 @@ -48,5 +48,5 @@ static inline void kaiser_unmap_thread_stack(void *stack)
  {
  }

 -#endif /* !CONFIG_KAISER */
 +#endif /* !CONFIG_PAGE_TABLE_ISOLATION */
  #endif /* _LINUX_KAISER_H */
 diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h
 index 56f5eeb78d1d..ea0c9148f624 100644
 --- a/include/linux/percpu-defs.h
 +++ b/include/linux/percpu-defs.h
 @@ -28,7 +28,7 @@
  	(void)__vpp_verify;						\
  } while (0)

 -#ifdef CONFIG_KAISER
 +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  #define USER_MAPPED_SECTION "..user_mapped"
  #else
  #define USER_MAPPED_SECTION ""
 diff --git a/security/Kconfig b/security/Kconfig
 index 4b05ddcce22c..b9bc07d97b15 100644
 --- a/security/Kconfig
 +++ b/security/Kconfig
 @@ -96,7 +96,7 @@ config SECURITY

  	  If you are unsure how to answer this question, answer N.

 -config KAISER
 +config PAGE_TABLE_ISOLATION
  	bool "Remove the kernel mapping in user mode"
  	default y
  	depends on X86_64 && SMP
	From: Kees Cook <keescook@chromium.org>
	Date: Thu, 4 Jan 2018 01:14:24 +0000
	Subject: KPTI: Rename to PAGE_TABLE_ISOLATION

	This renames CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION.

	Signed-off-by: Kees Cook <keescook@chromium.org>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	[bwh: Backported to 3.2]
	Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
	---
	arch/x86/boot/compressed/misc.h \| 2 +-
	arch/x86/include/asm/cpufeature.h \| 2 +-
	arch/x86/include/asm/kaiser.h \| 12 ++++++------
	arch/x86/include/asm/pgtable.h \| 4 ++--
	arch/x86/include/asm/pgtable_64.h \| 4 ++--
	arch/x86/include/asm/pgtable_types.h \| 2 +-
	arch/x86/include/asm/tlbflush.h \| 2 +-
	arch/x86/kernel/cpu/perf_event_intel_ds.c \| 4 ++--
	arch/x86/kernel/entry_64.S \| 6 +++---
	arch/x86/kernel/head_64.S \| 2 +-
	arch/x86/mm/Makefile \| 2 +-
	include/linux/kaiser.h \| 6 +++---
	include/linux/percpu-defs.h \| 2 +-
	security/Kconfig \| 2 +-
	14 files changed, 26 insertions(+), 26 deletions(-)

	diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
	index 2fa2635ee539..ac9ae2289f23 100644
	--- a/arch/x86/boot/compressed/misc.h
	+++ b/arch/x86/boot/compressed/misc.h
	@@ -7,7 +7,7 @@
	* we just keep it from happening
	*/
	#undef CONFIG_PARAVIRT
	-#undef CONFIG_KAISER
	+#undef CONFIG_PAGE_TABLE_ISOLATION
	#ifdef CONFIG_X86_32
	#define _ASM_X86_DESC_H 1
	#endif
	diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
	index cb967c9db459..5d1b51652d3a 100644
	--- a/arch/x86/include/asm/cpufeature.h
	+++ b/arch/x86/include/asm/cpufeature.h
	@@ -179,7 +179,7 @@
	#define X86_FEATURE_INVPCID_SINGLE (732+ 8) / Effectively INVPCID && CR4.PCIDE=1 */

	/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
	-#define X86_FEATURE_KAISER ( 732+31) / "" CONFIG_KAISER w/o nokaiser */
	+#define X86_FEATURE_KAISER ( 732+31) / "" CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */

	/* Virtualization flags: Linux defined, word 8 */
	#define X86_FEATURE_TPR_SHADOW (832+ 0) / Intel TPR Shadow */
	diff --git a/arch/x86/include/asm/kaiser.h b/arch/x86/include/asm/kaiser.h
	index c71a481ee20a..de6fd8166662 100644
	--- a/arch/x86/include/asm/kaiser.h
	+++ b/arch/x86/include/asm/kaiser.h
	@@ -20,7 +20,7 @@
	#define KAISER_SHADOW_PGD_OFFSET 0x1000

	#ifdef __ASSEMBLY__
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION

	.macro _SWITCH_TO_KERNEL_CR3 reg
	movq %cr3, \reg
	@@ -69,7 +69,7 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
	8:
	.endm

	-#else /* CONFIG_KAISER */
	+#else /* CONFIG_PAGE_TABLE_ISOLATION */

	.macro SWITCH_KERNEL_CR3
	.endm
	@@ -78,11 +78,11 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
	.macro SWITCH_KERNEL_CR3_NO_STACK
	.endm

	-#endif /* CONFIG_KAISER */
	+#endif /* CONFIG_PAGE_TABLE_ISOLATION */

	#else /* __ASSEMBLY__ */

	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	/*
	* Upon kernel/user mode switch, it may happen that the address
	* space has to be switched before the registers have been
	@@ -100,10 +100,10 @@ extern void __init kaiser_check_boottime_disable(void);
	#else
	#define kaiser_enabled 0
	static inline void __init kaiser_check_boottime_disable(void) {}
	-#endif /* CONFIG_KAISER */
	+#endif /* CONFIG_PAGE_TABLE_ISOLATION */

	/*
	- * Kaiser function prototypes are needed even when CONFIG_KAISER is not set,
	+ * Kaiser function prototypes are needed even when CONFIG_PAGE_TABLE_ISOLATION is not set,
	* so as to build with tests on kaiser_enabled instead of #ifdefs.
	*/

	diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
	index a467c19e64b5..859dc4ae92ea 100644
	--- a/arch/x86/include/asm/pgtable.h
	+++ b/arch/x86/include/asm/pgtable.h
	@@ -17,7 +17,7 @@
	#ifndef __ASSEMBLY__

	#include <asm/x86_init.h>
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	extern int kaiser_enabled;
	#else
	#define kaiser_enabled 0
	@@ -786,7 +786,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
	static inline void clone_pgd_range(pgd_t dst, pgd_t src, int count)
	{
	memcpy(dst, src, count * sizeof(pgd_t));
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	if (kaiser_enabled) {
	/* Clone the shadow pgd part as well */
	memcpy(native_get_shadow_pgd(dst),
	diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h
	index a4a2b700a4e6..f810cca32c51 100644
	--- a/arch/x86/include/asm/pgtable_64.h
	+++ b/arch/x86/include/asm/pgtable_64.h
	@@ -105,7 +105,7 @@ static inline void native_pud_clear(pud_t *pud)
	native_set_pud(pud, native_make_pud(0));
	}

	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	extern pgd_t kaiser_set_shadow_pgd(pgd_t *pgdp, pgd_t pgd);

	static inline pgd_t native_get_shadow_pgd(pgd_t pgdp)
	@@ -125,7 +125,7 @@ static inline pgd_t native_get_shadow_pgd(pgd_t pgdp)
	{
	return NULL;
	}
	-#endif /* CONFIG_KAISER */
	+#endif /* CONFIG_PAGE_TABLE_ISOLATION */

	static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd)
	{
	diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h
	index 3a3c6d014696..34501e647214 100644
	--- a/arch/x86/include/asm/pgtable_types.h
	+++ b/arch/x86/include/asm/pgtable_types.h
	@@ -81,7 +81,7 @@
	#define X86_CR3_PCID_MASK (X86_CR3_PCID_NOFLUSH \| X86_CR3_PCID_ASID_MASK)
	#define X86_CR3_PCID_ASID_KERN (_AC(0x0,UL))

	-#if defined(CONFIG_KAISER) && defined(CONFIG_X86_64)
	+#if defined(CONFIG_PAGE_TABLE_ISOLATION) && defined(CONFIG_X86_64)
	/* Let X86_CR3_PCID_ASID_USER be usable for the X86_CR3_PCID_NOFLUSH bit */
	#define X86_CR3_PCID_ASID_USER (_AC(0x80,UL))

	diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h
	index 88d849e51d72..e680388b0ea7 100644
	--- a/arch/x86/include/asm/tlbflush.h
	+++ b/arch/x86/include/asm/tlbflush.h
	@@ -68,7 +68,7 @@ static inline void invpcid_flush_all_nonglobals(void)
	* Declare a couple of kaiser interfaces here for convenience,
	* to avoid the need for asm/kaiser.h in unexpected places.
	*/
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	extern int kaiser_enabled;
	extern void kaiser_setup_pcid(void);
	extern void kaiser_flush_tlb_on_return_to_user(void);
	diff --git a/arch/x86/kernel/cpu/perf_event_intel_ds.c b/arch/x86/kernel/cpu/perf_event_intel_ds.c
	index fb933cdca184..721d236d0c1e 100644
	--- a/arch/x86/kernel/cpu/perf_event_intel_ds.c
	+++ b/arch/x86/kernel/cpu/perf_event_intel_ds.c
	@@ -66,7 +66,7 @@ void fini_debug_store_on_cpu(int cpu)

	static void *dsalloc(size_t size, gfp_t flags, int node)
	{
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	unsigned int order = get_order(size);
	struct page *page;
	unsigned long addr;
	@@ -87,7 +87,7 @@ static void *dsalloc(size_t size, gfp_t flags, int node)

	static void dsfree(const void *buffer, size_t size)
	{
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	if (!buffer)
	return;
	kaiser_remove_mapping((unsigned long)buffer, size);
	diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
	index 81049db49e37..b232bfcf44fb 100644
	--- a/arch/x86/kernel/entry_64.S
	+++ b/arch/x86/kernel/entry_64.S
	@@ -398,7 +398,7 @@ ENTRY(save_paranoid)
	SWAPGS
	xorl %ebx,%ebx
	1:
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	/*
	* We might have come in between a swapgs and a SWITCH_KERNEL_CR3
	* on entry, or between a SWITCH_USER_CR3 and a swapgs on exit.
	@@ -1430,7 +1430,7 @@ ENTRY(paranoid_exit)
	paranoid_kernel:
	movq %r12, %rbx /* restore after paranoid_userspace */
	TRACE_IRQS_IRETQ 0
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	/* No ALTERNATIVE for X86_FEATURE_KAISER: save_paranoid sets %ebx */
	testl $2, %ebx /* SWITCH_USER_CR3 needed? */
	jz paranoid_exit_no_switch
	@@ -1600,7 +1600,7 @@ ENTRY(nmi)
	jnz nmi_userspace
	nmi_kernel:
	movq %r12, %rbx /* restore after nmi_userspace */
	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	/* No ALTERNATIVE for X86_FEATURE_KAISER: save_paranoid sets %ebx */
	testl $2, %ebx /* SWITCH_USER_CR3 needed? */
	jz nmi_exit_no_switch
	diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
	index 28aef29c42de..1de317b20fac 100644
	--- a/arch/x86/kernel/head_64.S
	+++ b/arch/x86/kernel/head_64.S
	@@ -338,7 +338,7 @@ ENTRY(early_idt_handler)
	.balign PAGE_SIZE; \
	ENTRY(name)

	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	/*
	* Each PGD needs to be 8k long and 8k aligned. We do not
	* ever go out to userspace with these, so we do not
	diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile
	index c9a00a5e0b87..08505d201bbe 100644
	--- a/arch/x86/mm/Makefile
	+++ b/arch/x86/mm/Makefile
	@@ -29,4 +29,4 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o
	obj-$(CONFIG_HAVE_MEMBLOCK) += memblock.o

	obj-$(CONFIG_MEMTEST) += memtest.o
	-obj-$(CONFIG_KAISER) += kaiser.o
	+obj-$(CONFIG_PAGE_TABLE_ISOLATION) += kaiser.o
	diff --git a/include/linux/kaiser.h b/include/linux/kaiser.h
	index 4a4d6d911a14..58c55b1589d0 100644
	--- a/include/linux/kaiser.h
	+++ b/include/linux/kaiser.h
	@@ -1,7 +1,7 @@
	#ifndef _LINUX_KAISER_H
	#define _LINUX_KAISER_H

	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	#include <asm/kaiser.h>

	static inline int kaiser_map_thread_stack(void *stack)
	@@ -24,7 +24,7 @@ static inline void kaiser_unmap_thread_stack(void *stack)
	#else

	/*
	- * These stubs are used whenever CONFIG_KAISER is off, which
	+ * These stubs are used whenever CONFIG_PAGE_TABLE_ISOLATION is off, which
	* includes architectures that support KAISER, but have it disabled.
	*/

	@@ -48,5 +48,5 @@ static inline void kaiser_unmap_thread_stack(void *stack)
	{
	}

	-#endif /* !CONFIG_KAISER */
	+#endif /* !CONFIG_PAGE_TABLE_ISOLATION */
	#endif /* _LINUX_KAISER_H */
	diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h
	index 56f5eeb78d1d..ea0c9148f624 100644
	--- a/include/linux/percpu-defs.h
	+++ b/include/linux/percpu-defs.h
	@@ -28,7 +28,7 @@
	(void)__vpp_verify; \
	} while (0)

	-#ifdef CONFIG_KAISER
	+#ifdef CONFIG_PAGE_TABLE_ISOLATION
	#define USER_MAPPED_SECTION "..user_mapped"
	#else
	#define USER_MAPPED_SECTION ""
	diff --git a/security/Kconfig b/security/Kconfig
	index 4b05ddcce22c..b9bc07d97b15 100644
	--- a/security/Kconfig
	+++ b/security/Kconfig
	@@ -96,7 +96,7 @@ config SECURITY

	If you are unsure how to answer this question, answer N.

	-config KAISER
	+config PAGE_TABLE_ISOLATION
	bool "Remove the kernel mapping in user mode"
	default y
	depends on X86_64 && SMP