linux

mirror of https://github.com/torvalds/linux synced 2024-10-03 09:48:02 +00:00

History

Linus Walleij 7af5b901e8 ARM: 9358/2: Implement PAN for LPAE by TTBR0 page table walks disablement With LPAE enabled, privileged no-access cannot be enforced using CPU domains as such feature is not available. This patch implements PAN by disabling TTBR0 page table walks while in kernel mode. The ARM architecture allows page table walks to be split between TTBR0 and TTBR1. With LPAE enabled, the split is defined by a combination of TTBCR T0SZ and T1SZ bits. Currently, an LPAE-enabled kernel uses TTBR0 for user addresses and TTBR1 for kernel addresses with the VMSPLIT_2G and VMSPLIT_3G configurations. The main advantage for the 3:1 split is that TTBR1 is reduced to 2 levels, so potentially faster TLB refill (though usually the first level entries are already cached in the TLB). The PAN support on LPAE-enabled kernels uses TTBR0 when running in user space or in kernel space during user access routines (TTBCR T0SZ and T1SZ are both 0). When running user accesses are disabled in kernel mode, TTBR0 page table walks are disabled by setting TTBCR.EPD0. TTBR1 is used for kernel accesses (including loadable modules; anything covered by swapper_pg_dir) by reducing the TTBCR.T0SZ to the minimum (2^(32-7) = 32MB). To avoid user accesses potentially hitting stale TLB entries, the ASID is switched to 0 (reserved) by setting TTBCR.A1 and using the ASID value in TTBR1. The difference from a non-PAN kernel is that with the 3:1 memory split, TTBR1 always uses 3 levels of page tables. As part of the change we are using preprocessor elif definied() clauses so balance these clauses by converting relevant precedingt ifdef clauses to if defined() clauses. Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Reviewed-by: Kees Cook <keescook@chromium.org> Tested-by: Florian Fainelli <florian.fainelli@broadcom.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>		2024-04-18 12:10:46 +01:00
..
ashldi3.S	Revert "arm: move exports to definitions"	2016-11-23 10:00:03 +00:00
ashrdi3.S	Revert "arm: move exports to definitions"	2016-11-23 10:00:03 +00:00
backtrace-clang.S	ARM: implement IRQ stacks	2021-12-03 15:11:31 +01:00
backtrace.S	ARM: implement IRQ stacks	2021-12-03 15:11:31 +01:00
bitops.h	locking/atomic: arm: fix sync ops	2023-06-05 09:57:13 +02:00
bswapsdi2.S	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
call_with_stack.S	ARM: 9233/1: stacktrace: Skip frame pointer boundary check for call_with_stack()	2022-10-04 11:09:47 +01:00
changebit.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
clear_user.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
clearbit.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
copy_from_user.S	ARM: memcpy: use frame pointer as unwind anchor	2021-12-03 15:11:32 +01:00
copy_page.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
copy_template.S	ARM: memcpy: use frame pointer as unwind anchor	2021-12-03 15:11:32 +01:00
copy_to_user.S	ARM: memcpy: use frame pointer as unwind anchor	2021-12-03 15:11:32 +01:00
csumipv6.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
csumpartial.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
csumpartialcopy.S	arm: propagate the calling convention changes down to csum_partial_copy_from_user()	2020-08-20 15:45:16 -04:00
csumpartialcopygeneric.S	arm: propagate the calling convention changes down to csum_partial_copy_from_user()	2020-08-20 15:45:16 -04:00
csumpartialcopyuser.S	ARM: 9358/2: Implement PAN for LPAE by TTBR0 page table walks disablement	2024-04-18 12:10:46 +01:00
delay-loop.S	ARM: 9263/1: use .arch directives instead of assembler command line flags	2022-11-08 18:36:17 +00:00
delay.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333	2019-06-05 17:37:06 +02:00
div64.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
error-inject.c	ARM: 9279/1: support function error injection	2022-12-07 14:08:38 +00:00
findbit.S	ARM: findbit: add unwinder information	2022-11-14 12:00:58 +00:00
getuser.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-readsb.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-readsl.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-readsw-armv3.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-readsw-armv4.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-writesb.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-writesl.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-writesw-armv3.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
io-writesw-armv4.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
lib1funcs.S	ARM: 8844/1: use unified assembler in assembly files	2019-02-26 11:26:07 +00:00
lshrdi3.S	Revert "arm: move exports to definitions"	2016-11-23 10:00:03 +00:00
Makefile	ARM: 9279/1: support function error injection	2022-12-07 14:08:38 +00:00
memchr.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
memcpy.S	ARM: memcpy: use frame pointer as unwind anchor	2021-12-03 15:11:32 +01:00
memmove.S	ARM: memmove: use frame pointer as unwind anchor	2021-12-03 15:11:32 +01:00
memset.S	ARM: 9321/1: memset: cast the constant byte to unsigned char	2023-10-05 16:15:41 +01:00
muldi3.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
putuser.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
setbit.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
strchr.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
strrchr.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
testchangebit.S	locking/atomic: arm: fix sync ops	2023-06-05 09:57:13 +02:00
testclearbit.S	locking/atomic: arm: fix sync ops	2023-06-05 09:57:13 +02:00
testsetbit.S	locking/atomic: arm: fix sync ops	2023-06-05 09:57:13 +02:00
uaccess_with_memcpy.c	arm: allow pte_offset_map[_lock]() to fail	2023-06-19 16:19:05 -07:00
ucmpdi2.S	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
xor-neon.c	crypto: arm/xor - make vectorized C code Clang-friendly	2022-02-11 20:39:39 +11:00