From: Ard Biesheuvel <ardb+git@google.com>
To: linux-arm-kernel@lists.infradead.org
Cc: linux-kernel@vger.kernel.org, will@kernel.org,
catalin.marinas@arm.com, mark.rutland@arm.com,
Ard Biesheuvel <ardb@kernel.org>,
Ryan Roberts <ryan.roberts@arm.com>,
Anshuman Khandual <anshuman.khandual@arm.com>,
Liz Prucka <lizprucka@google.com>,
Seth Jenkins <sethjenkins@google.com>,
Kees Cook <kees@kernel.org>, Mike Rapoport <rppt@kernel.org>,
David Hildenbrand <david@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Jann Horn <jannh@google.com>,
linux-mm@kvack.org, linux-hardening@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-sh@vger.kernel.org
Subject: [PATCH v6 06/15] arm64: mm: Permit contiguous descriptors to be manipulated
Date: Tue, 26 May 2026 19:58:53 +0200 [thread overview]
Message-ID: <20260526175846.2694125-23-ardb+git@google.com> (raw)
In-Reply-To: <20260526175846.2694125-17-ardb+git@google.com>
From: Ard Biesheuvel <ardb@kernel.org>
Currently, pgattr_change_is_safe() is overly pedantic when it comes to
descriptors with the contiguous hint attribute set, as it rejects
assignments even if the old and the new value are the same.
In fact, as per ARM ARM RJQQTC, manipulating descriptors with the
contiguous bit set is safe as long as the bit itself does not change
value, in the sense that no TLB conflict aborts or other exceptions may
be raised as a result. Inconsistent permission attributes within the
contiguous region may result in any of the alternatives to be taken to
apply to the entire region, which might be a programming error, but it
does not constitute an unsafe manipulation in terms of what
pgattr_change_is_safe() is intended to detect.
So drop the special PTE_CONT check, but still omit PTE_CONT from 'mask'
so that modifying the bit is still regarded as unsafe.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/arm64/mm/mmu.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 6b42d724bd1b..d7a6991e1844 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -134,10 +134,6 @@ bool pgattr_change_is_safe(pteval_t old, pteval_t new)
if (pte_pfn(__pte(old)) != pte_pfn(__pte(new)))
return false;
- /* live contiguous mappings may not be manipulated at all */
- if ((old | new) & PTE_CONT)
- return false;
-
/* Transitioning from Non-Global to Global is unsafe */
if (old & ~new & PTE_NG)
return false;
--
2.54.0.794.g4f17f83d09-goog
next prev parent reply other threads:[~2026-05-26 18:22 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-26 17:58 [PATCH v6 00/15] arm64: Unmap linear alias of kernel data/bss Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 01/15] arm64: mm: Remove bogus stop condition from map_mem() loop Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 02/15] arm64: mm: Drop redundant pgd_t* argument from map_mem() Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 03/15] arm64: mm: Check for pud_/pmd_set_huge() failures on kernel mappings Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 04/15] arm64: mm: Preserve existing table mappings when mapping DRAM Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 05/15] arm64: mm: Preserve non-contiguous descriptors " Ard Biesheuvel
2026-05-26 17:58 ` Ard Biesheuvel [this message]
2026-05-26 17:58 ` [PATCH v6 07/15] arm64: kfence: Avoid NOMAP tricks when mapping the early pool Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 08/15] arm64: mm: Permit contiguous attribute for preliminary mappings Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 09/15] arm64: Move fixmap and kasan page tables to end of kernel image Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 10/15] arm64: mm: Don't abuse memblock NOMAP to check for overlaps Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 11/15] arm64: mm: Map the kernel data/bss read-only in the linear map Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 12/15] powerpc/code-patching: Avoid r/w mapping of the zero page Ard Biesheuvel
2026-05-26 17:59 ` [PATCH v6 13/15] sh: cast away constness from the zero page when flushing it from the cache Ard Biesheuvel
2026-05-26 17:59 ` [PATCH v6 14/15] mm: Make empty_zero_page[] const Ard Biesheuvel
2026-05-26 17:59 ` [PATCH v6 15/15] arm64: mm: Unmap kernel data/bss entirely from the linear map Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260526175846.2694125-23-ardb+git@google.com \
--to=ardb+git@google.com \
--cc=akpm@linux-foundation.org \
--cc=anshuman.khandual@arm.com \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=david@kernel.org \
--cc=jannh@google.com \
--cc=kees@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-sh@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=lizprucka@google.com \
--cc=mark.rutland@arm.com \
--cc=rppt@kernel.org \
--cc=ryan.roberts@arm.com \
--cc=sethjenkins@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox