From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5E1F3C369D3 for ; Fri, 18 Apr 2025 18:48:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=T6rxFlo/hPCWLtCLwR3UaE+JW7XJ8IVSfcU3QpwR0Wo=; b=NkJ8Rx7BXQSumt7G4DO8iDw8n+ pGl//DIaGNWitre39srmRiRgRc3v9FExyit29ZU64ZLb6WcJ/+aaukws11q+nC5F/tvz5/Ypy/VkV ag9d2JXNjSBJ/YQH2wmUXpymQPHQczrW6w+eD1SOvG3dp83QBfD8ofhZDNJhkFDtNPW4y9yuMxqdq x7QriIg+ZCpQAPiANVLTrYXU2hlR7vGy/LoNKHqoOHIzuNZekxLqMektrt7JHA9jyIx29XiSLosQy PfTHfIJbVzlqJJeywuDotSlmdfdW6DzM2m8vrTs0g9T67JX5m2734mwFWag16m953CcU8YRO6Qi3B sOTAApkA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux)) id 1u5qkt-0000000HVJQ-14E8; Fri, 18 Apr 2025 18:48:03 +0000 Received: from dfw.source.kernel.org ([139.178.84.217]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1toHD6-0000000DZIN-2gm6; Sat, 01 Mar 2025 07:24:34 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 091475C1FDF; Sat, 1 Mar 2025 07:22:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 800D1C4CEDD; Sat, 1 Mar 2025 07:24:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1740813870; bh=zNyC5lhRK0Jp4F93R1ijsSaURdoFR2R28yW7mia17cM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=gtscTzalpXI+EBlbvhmEfLi9LdExvWsiMbsCojuFb6z7D6TJ+eIyI5Zu0dNVt1+Rt R7KC6887+sVZtgnQ19+IkfSlJqXOab6/YNi9aZBAtp/VgQU/JqRJpIH8eBc4GGjByG /iEET/+yluuuSKQHZY8L55Rx9HismpEadrVB6zyppH+G3FGWR/3bh3ot8dW5rcHNI7 NKKycvvnkEsnUXv1eFIzBBP8cwd+jkC4/L6TStK9cq+p4BvnEfW2RzlrWF5UZglu5h /IAlH97YxPUeMyrnxQe6BmmTiig5TOwLHznM4yMtuGGFo8JCLj5r1JCg4T+JRGSA6x kS+2S3GSKmFcQ== Date: Sat, 1 Mar 2025 09:23:51 +0200 From: Mike Rapoport To: Brendan Jackman Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , Peter Zijlstra , Richard Henderson , Matt Turner , Vineet Gupta , Russell King , Catalin Marinas , Will Deacon , Guo Ren , Brian Cain , Huacai Chen , WANG Xuerui , Geert Uytterhoeven , Michal Simek , Thomas Bogendoerfer , Dinh Nguyen , Jonas Bonn , Stefan Kristiansson , Stafford Horne , "James E.J. Bottomley" , Helge Deller , Michael Ellerman , Nicholas Piggin , Christophe Leroy , Naveen N Rao , Madhavan Srinivasan , Paul Walmsley , Palmer Dabbelt , Albert Ou , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Yoshinori Sato , Rich Felker , John Paul Adrian Glaubitz , "David S. Miller" , Andreas Larsson , Richard Weinberger , Anton Ivanov , Johannes Berg , Chris Zankel , Max Filippov , Arnd Bergmann , Andrew Morton , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Steven Rostedt , Ben Segall , Mel Gorman , Valentin Schneider , Uladzislau Rezki , Christoph Hellwig , Masami Hiramatsu , Mathieu Desnoyers , Arnaldo Carvalho de Melo , Namhyung Kim , Mark Rutland , Alexander Shishkin , Jiri Olsa , Ian Rogers , Adrian Hunter , Dennis Zhou , Tejun Heo , Christoph Lameter , Sean Christopherson , Paolo Bonzini , Ard Biesheuvel , Josh Poimboeuf , Pawan Gupta , x86@kernel.org, linux-kernel@vger.kernel.org, linux-alpha@vger.kernel.org, linux-snps-arc@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-csky@vger.kernel.org, linux-hexagon@vger.kernel.org, loongarch@lists.linux.dev, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-openrisc@vger.kernel.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, sparclinux@vger.kernel.org, linux-um@lists.infradead.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-trace-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, Junaid Shahid Subject: Re: [PATCH RFC v2 02/29] x86: Create CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION Message-ID: References: <20250110-asi-rfc-v2-v2-0-8419288bc805@google.com> <20250110-asi-rfc-v2-v2-2-8419288bc805@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20250110-asi-rfc-v2-v2-2-8419288bc805@google.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250228_232432_764715_B34C7813 X-CRM114-Status: GOOD ( 33.83 ) X-Mailman-Approved-At: Fri, 18 Apr 2025 11:48:00 -0700 X-BeenThere: linux-um@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-um" Errors-To: linux-um-bounces+linux-um=archiver.kernel.org@lists.infradead.org Hi Brendan, On Fri, Jan 10, 2025 at 06:40:28PM +0000, Brendan Jackman wrote: > Currently a nop config. Keeping as a separate commit for easy review of > the boring bits. Later commits will use and enable this new config. > > This config is only added for non-UML x86_64 as other architectures do > not yet have pending implementations. It also has somewhat artificial > dependencies on !PARAVIRT and !KASAN which are explained in the Kconfig > file. > > Co-developed-by: Junaid Shahid > Signed-off-by: Junaid Shahid > Signed-off-by: Brendan Jackman > --- > arch/alpha/include/asm/Kbuild | 1 + > arch/arc/include/asm/Kbuild | 1 + > arch/arm/include/asm/Kbuild | 1 + > arch/arm64/include/asm/Kbuild | 1 + > arch/csky/include/asm/Kbuild | 1 + > arch/hexagon/include/asm/Kbuild | 1 + > arch/loongarch/include/asm/Kbuild | 3 +++ > arch/m68k/include/asm/Kbuild | 1 + > arch/microblaze/include/asm/Kbuild | 1 + > arch/mips/include/asm/Kbuild | 1 + > arch/nios2/include/asm/Kbuild | 1 + > arch/openrisc/include/asm/Kbuild | 1 + > arch/parisc/include/asm/Kbuild | 1 + > arch/powerpc/include/asm/Kbuild | 1 + > arch/riscv/include/asm/Kbuild | 1 + > arch/s390/include/asm/Kbuild | 1 + > arch/sh/include/asm/Kbuild | 1 + > arch/sparc/include/asm/Kbuild | 1 + > arch/um/include/asm/Kbuild | 2 +- > arch/x86/Kconfig | 14 ++++++++++++++ > arch/xtensa/include/asm/Kbuild | 1 + > include/asm-generic/asi.h | 5 +++++ > 22 files changed, 41 insertions(+), 1 deletion(-) I don't think this all is needed. You can put asi.h with stubs used outside of arch/x86 in include/linux and save you the hassle of updating every architecture. > diff --git a/arch/sparc/include/asm/Kbuild b/arch/sparc/include/asm/Kbuild > index 43b0ae4c2c2112d4d4d3cb3c60e787b175172dea..cb9062c9be17fe276cc92d2ac99d8b165f6297bf 100644 > --- a/arch/sparc/include/asm/Kbuild > +++ b/arch/sparc/include/asm/Kbuild > @@ -4,3 +4,4 @@ generated-y += syscall_table_64.h > generic-y += agp.h > generic-y += kvm_para.h > generic-y += mcs_spinlock.h > +generic-y += asi.h sparc already has include/asm/asi.h, this will break the build > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 7b9a7e8f39acc8e9aeb7d4213e87d71047865f5c..5a50582eb210e9d1309856a737d32b76fa1bfc85 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -2519,6 +2519,20 @@ config MITIGATION_PAGE_TABLE_ISOLATION > > See Documentation/arch/x86/pti.rst for more details. > > +config MITIGATION_ADDRESS_SPACE_ISOLATION > + bool "Allow code to run with a reduced kernel address space" > + default n > + depends on X86_64 && !PARAVIRT && !UML > + help > + This feature provides the ability to run some kernel code > + with a reduced kernel address space. This can be used to > + mitigate some speculative execution attacks. > + > + The !PARAVIRT dependency is only because of lack of testing; in theory > + the code is written to work under paravirtualization. In practice > + there are likely to be unhandled cases, in particular concerning TLB > + flushes. > + If you expect other architectures might implement ASI the config would better fit into init/Kconfig or mm/Kconfig and in arch/x86/Kconfig will define ARCH_HAS_MITIGATION_ADDRESS_SPACE_ISOLATION. > config MITIGATION_RETPOLINE > bool "Avoid speculative indirect branches in kernel" > select OBJTOOL if HAVE_OBJTOOL > diff --git a/arch/xtensa/include/asm/Kbuild b/arch/xtensa/include/asm/Kbuild > index fa07c686cbcc2153776a478ac4093846f01eddab..07cea6902f98053be244d026ed594fe7246755a6 100644 > --- a/arch/xtensa/include/asm/Kbuild > +++ b/arch/xtensa/include/asm/Kbuild > @@ -8,3 +8,4 @@ generic-y += parport.h > generic-y += qrwlock.h > generic-y += qspinlock.h > generic-y += user.h > +generic-y += asi.h > diff --git a/include/asm-generic/asi.h b/include/asm-generic/asi.h > new file mode 100644 > index 0000000000000000000000000000000000000000..c4d9a5ff860a96428422a15000c622aeecc2d664 > --- /dev/null > +++ b/include/asm-generic/asi.h > @@ -0,0 +1,5 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +#ifndef __ASM_GENERIC_ASI_H > +#define __ASM_GENERIC_ASI_H > + > +#endif IMHO it should be include/linux/asi.h, with something like #infdef __LINUX_ASI_H #define __LINUX_ASI_H #ifdef CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION #include #else /* CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION */ /* stubs for functions used outside arch/ */ #endif /* CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION */ #endif /* __LINUX_ASI_H */ -- Sincerely yours, Mike.