From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 083A6FEFB70 for ; Fri, 27 Feb 2026 17:57:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=qmAOheVzY4EJtPhDd1MwnpIiIYG+yRKhpRaW+JKu0CY=; b=mMDSmh3frrFiQdkMa0oCjeJEaq 4IWKTTXU7FOzirnCuzS/EBuwwfleT1Hs982CGX7BXYqPNMaC8RZJNXD3VEFbZUIDyvk/cGQVRRF+b IXIl9UG2gzw5aobYFDsgsd4FYSgRhzwMn3KAjTGJZ55dpuUex2sp+4vhOMoH181Zu+DNDeh9m9dee ruhhLJiD/U5Yzyerea3orxPkJ5PQD4vmmI0TiK4avELUuENOwK3qsc0mmsSN73RASPwMdrE0JHmjA zPVens0lzNdU7YKcrcfBa9ig60egWVbn0R0tjSATRQxazOPeqVjsWreD15SYde8wSTmW/GV6Krj+Y tyX7U84w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux)) id 1vw25z-00000008ryt-27HZ; Fri, 27 Feb 2026 17:57:47 +0000 Received: from foss.arm.com ([217.140.110.172]) by bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux)) id 1vw25j-00000008riF-45gW for linux-arm-kernel@lists.infradead.org; Fri, 27 Feb 2026 17:57:44 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 239D714BF; Fri, 27 Feb 2026 09:57:25 -0800 (PST) Received: from e123572-lin.arm.com (e123572-lin.cambridge.arm.com [10.1.194.54]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 112383F73B; Fri, 27 Feb 2026 09:57:26 -0800 (PST) From: Kevin Brodsky To: linux-hardening@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Kevin Brodsky , Andrew Morton , Andy Lutomirski , Catalin Marinas , Dave Hansen , David Hildenbrand , Ira Weiny , Jann Horn , Jeff Xu , Joey Gouly , Kees Cook , Linus Walleij , Lorenzo Stoakes , Marc Zyngier , Mark Brown , Matthew Wilcox , Maxwell Bland , "Mike Rapoport (IBM)" , Peter Zijlstra , Pierre Langlois , Quentin Perret , Rick Edgecombe , Ryan Roberts , Thomas Gleixner , Vlastimil Babka , Will Deacon , Yang Shi , Yeoreum Yun , linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, x86@kernel.org Subject: [PATCH v6 23/30] arm64: kpkeys: Ensure the linear map can be modified Date: Fri, 27 Feb 2026 17:55:11 +0000 Message-ID: <20260227175518.3728055-24-kevin.brodsky@arm.com> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20260227175518.3728055-1-kevin.brodsky@arm.com> References: <20260227175518.3728055-1-kevin.brodsky@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20260227_095733_363858_E2A27908 X-CRM114-Status: GOOD ( 14.82 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org When the kpkeys_hardened_pgtables feature is enabled, we need to be able to modify attributes (specifically the pkey/POIndex) in the linear map at page granularity. Add the appropriate check to can_set_direct_map() and force_pte_mapping(), on the same principle as rodata_full and other features. These functions can be called very early, before POE is actually detected. Introduce a helper that returns whether the hardening feature is/will be enabled, by checking whether POE is supported by the CPU if it hasn't been detected yet. Signed-off-by: Kevin Brodsky --- arch/arm64/include/asm/kpkeys.h | 18 ++++++++++++++++++ arch/arm64/mm/mmu.c | 3 ++- arch/arm64/mm/pageattr.c | 3 ++- 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/kpkeys.h b/arch/arm64/include/asm/kpkeys.h index 64d6e22740ec..eeebbdfe239a 100644 --- a/arch/arm64/include/asm/kpkeys.h +++ b/arch/arm64/include/asm/kpkeys.h @@ -57,6 +57,24 @@ static __always_inline void arch_kpkeys_restore_pkey_reg(u64 pkey_reg) #endif /* CONFIG_ARM64_POE */ +#ifdef CONFIG_KPKEYS_HARDENED_PGTABLES + +static inline bool arm64_supports_kpkeys_hardened_pgtables(void) +{ + /* POE is a boot feature */ + return boot_capabilities_finalized() ? + system_supports_poe() : cpu_has_poe(); +} + +#else /* CONFIG_KPKEYS_HARDENED_PGTABLES */ + +static inline bool arm64_supports_kpkeys_hardened_pgtables(void) +{ + return false; +} + +#endif /* CONFIG_KPKEYS_HARDENED_PGTABLES */ + #endif /* __ASSEMBLY__ */ #endif /* __ASM_KPKEYS_H */ diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index a8e982ac5079..ea1cb1875257 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -764,7 +764,8 @@ static inline bool force_pte_mapping(void) return true; if (bbml2) return false; - return rodata_full || arm64_kfence_can_set_direct_map() || is_realm_world(); + return rodata_full || arm64_kfence_can_set_direct_map() || is_realm_world() || + arm64_supports_kpkeys_hardened_pgtables(); } static DEFINE_MUTEX(pgtable_split_lock); diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c index d2a7e104a5c2..05e57387c0b5 100644 --- a/arch/arm64/mm/pageattr.c +++ b/arch/arm64/mm/pageattr.c @@ -96,7 +96,8 @@ bool can_set_direct_map(void) * Realms need to make pages shared/protected at page granularity. */ return rodata_full || debug_pagealloc_enabled() || - arm64_kfence_can_set_direct_map() || is_realm_world(); + arm64_kfence_can_set_direct_map() || is_realm_world() || + arm64_supports_kpkeys_hardened_pgtables(); } static int update_range_prot(unsigned long start, unsigned long size, -- 2.51.2