* [PATCH] arm64: Avoid enabling KPTI unnecessarily
@ 2023-11-27 10:21 Ard Biesheuvel
2023-11-27 10:33 ` Marc Zyngier
2023-11-27 11:10 ` Mark Rutland
0 siblings, 2 replies; 4+ messages in thread
From: Ard Biesheuvel @ 2023-11-27 10:21 UTC (permalink / raw)
To: linux-arm-kernel; +Cc: catalin.marinas, will, maz, mark.rutland, Ard Biesheuvel
From: Ard Biesheuvel <ardb@kernel.org>
Commit 42c5a3b04bf6 refactored the KPTI init code in a way that results
in the use of non-global kernel mappings even on systems that have no
need for it, and even when KPTI has been disabled explicitly via the
command line.
Ensure that this only happens when we have decided (based on the
detected CPU features) that KPTI should be enabled.
Fixes: 42c5a3b04bf6 ("arm64: Split kpti_install_ng_mappings()")
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/arm64/kernel/cpufeature.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 646591c67e7a..4b1762b9c37c 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -3352,7 +3352,8 @@ void __init setup_system_features(void)
*/
enable_cpu_capabilities(SCOPE_ALL & ~SCOPE_BOOT_CPU);
- kpti_install_ng_mappings();
+ if (arm64_kernel_unmapped_at_el0())
+ kpti_install_ng_mappings();
sve_setup();
sme_setup();
--
2.39.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: Avoid enabling KPTI unnecessarily
2023-11-27 10:21 [PATCH] arm64: Avoid enabling KPTI unnecessarily Ard Biesheuvel
@ 2023-11-27 10:33 ` Marc Zyngier
2023-11-27 10:55 ` Ard Biesheuvel
2023-11-27 11:10 ` Mark Rutland
1 sibling, 1 reply; 4+ messages in thread
From: Marc Zyngier @ 2023-11-27 10:33 UTC (permalink / raw)
To: Ard Biesheuvel
Cc: linux-arm-kernel, catalin.marinas, will, mark.rutland,
Ard Biesheuvel
On Mon, 27 Nov 2023 10:21:42 +0000,
Ard Biesheuvel <ardb@google.com> wrote:
>
> From: Ard Biesheuvel <ardb@kernel.org>
>
> Commit 42c5a3b04bf6 refactored the KPTI init code in a way that results
> in the use of non-global kernel mappings even on systems that have no
> need for it, and even when KPTI has been disabled explicitly via the
> command line.
>
> Ensure that this only happens when we have decided (based on the
> detected CPU features) that KPTI should be enabled.
>
> Fixes: 42c5a3b04bf6 ("arm64: Split kpti_install_ng_mappings()")
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> arch/arm64/kernel/cpufeature.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 646591c67e7a..4b1762b9c37c 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -3352,7 +3352,8 @@ void __init setup_system_features(void)
> */
> enable_cpu_capabilities(SCOPE_ALL & ~SCOPE_BOOT_CPU);
>
> - kpti_install_ng_mappings();
> + if (arm64_kernel_unmapped_at_el0())
> + kpti_install_ng_mappings();
>
> sve_setup();
> sme_setup();
Reviewed-by: Marc Zyngier <maz@kernel.org>
Tested-by: Marc Zyngier <maz@kernel.org>
M.
--
Without deviation from the norm, progress is not possible.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: Avoid enabling KPTI unnecessarily
2023-11-27 10:33 ` Marc Zyngier
@ 2023-11-27 10:55 ` Ard Biesheuvel
0 siblings, 0 replies; 4+ messages in thread
From: Ard Biesheuvel @ 2023-11-27 10:55 UTC (permalink / raw)
To: Marc Zyngier
Cc: Ard Biesheuvel, linux-arm-kernel, catalin.marinas, will,
mark.rutland
On Mon, 27 Nov 2023 at 11:34, Marc Zyngier <maz@kernel.org> wrote:
>
> On Mon, 27 Nov 2023 10:21:42 +0000,
> Ard Biesheuvel <ardb@google.com> wrote:
> >
> > From: Ard Biesheuvel <ardb@kernel.org>
> >
> > Commit 42c5a3b04bf6 refactored the KPTI init code in a way that results
> > in the use of non-global kernel mappings even on systems that have no
> > need for it, and even when KPTI has been disabled explicitly via the
> > command line.
> >
> > Ensure that this only happens when we have decided (based on the
> > detected CPU features) that KPTI should be enabled.
> >
> > Fixes: 42c5a3b04bf6 ("arm64: Split kpti_install_ng_mappings()")
> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > ---
> > arch/arm64/kernel/cpufeature.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> > index 646591c67e7a..4b1762b9c37c 100644
> > --- a/arch/arm64/kernel/cpufeature.c
> > +++ b/arch/arm64/kernel/cpufeature.c
> > @@ -3352,7 +3352,8 @@ void __init setup_system_features(void)
> > */
> > enable_cpu_capabilities(SCOPE_ALL & ~SCOPE_BOOT_CPU);
> >
> > - kpti_install_ng_mappings();
> > + if (arm64_kernel_unmapped_at_el0())
> > + kpti_install_ng_mappings();
> >
> > sve_setup();
> > sme_setup();
>
> Reviewed-by: Marc Zyngier <maz@kernel.org>
> Tested-by: Marc Zyngier <maz@kernel.org>
>
Bah now kpti=on is broken ...
Will respin,
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: Avoid enabling KPTI unnecessarily
2023-11-27 10:21 [PATCH] arm64: Avoid enabling KPTI unnecessarily Ard Biesheuvel
2023-11-27 10:33 ` Marc Zyngier
@ 2023-11-27 11:10 ` Mark Rutland
1 sibling, 0 replies; 4+ messages in thread
From: Mark Rutland @ 2023-11-27 11:10 UTC (permalink / raw)
To: Ard Biesheuvel
Cc: linux-arm-kernel, catalin.marinas, will, maz, Ard Biesheuvel
Hi Ard,
On Mon, Nov 27, 2023 at 11:21:42AM +0100, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@kernel.org>
>
> Commit 42c5a3b04bf6 refactored the KPTI init code in a way that results
> in the use of non-global kernel mappings even on systems that have no
> need for it, and even when KPTI has been disabled explicitly via the
> command line.
>
> Ensure that this only happens when we have decided (based on the
> detected CPU features) that KPTI should be enabled.
>
> Fixes: 42c5a3b04bf6 ("arm64: Split kpti_install_ng_mappings()")
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> arch/arm64/kernel/cpufeature.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 646591c67e7a..4b1762b9c37c 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -3352,7 +3352,8 @@ void __init setup_system_features(void)
> */
> enable_cpu_capabilities(SCOPE_ALL & ~SCOPE_BOOT_CPU);
>
> - kpti_install_ng_mappings();
> + if (arm64_kernel_unmapped_at_el0())
> + kpti_install_ng_mappings();
My bad; I had intended that kpti_install_ng_mappings() checked everything
necessary, but clearly I missed this.
Modulo breakage, could we move the conditionality into
kpti_install_ng_mappings()?
Thanks,
Mark.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-11-27 11:10 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-27 10:21 [PATCH] arm64: Avoid enabling KPTI unnecessarily Ard Biesheuvel
2023-11-27 10:33 ` Marc Zyngier
2023-11-27 10:55 ` Ard Biesheuvel
2023-11-27 11:10 ` Mark Rutland
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).