[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20171128090219.7256F849@viggo.jf.intel.com>
Date: Tue, 28 Nov 2017 01:02:19 -0800
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: linux-kernel@...r.kernel.org
Cc: linux-mm@...ck.org, Dave Hansen <dave.hansen@...ux.intel.com>,
moritz.lipp@...k.tugraz.at, daniel.gruss@...k.tugraz.at,
michael.schwarz@...k.tugraz.at, richard.fellner@...dent.tugraz.at,
luto@...nel.org, torvalds@...ux-foundation.org,
keescook@...gle.com, bp@...en8.de, hughd@...gle.com, x86@...nel.org
Subject: [PATCH] x86/mm/kaiser: remove no-INVPCID user ASID flushing
From: Dave Hansen <dave.hansen@...ux.intel.com>
As the comment says, there are systems that have PCIDs but no
support for the INVPCID instruction to help flush individual
PCIDs. Flushing the TLB on those systems is awkward, and even
worse with KAISER. If faced with one of these when KAISER is
enabled, we simply fall back as if we have no PCID support.
However, there is a remnant in the code from trying to support
these systems. Remove it, but leave the warning.
Andy Lutomirski points out that the code that this removes
has a hole that could leave entries from the kernel page tables
tagged with the user asid, leaving them vulnerable to being
used to weaken KASLR.
Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: Moritz Lipp <moritz.lipp@...k.tugraz.at>
Cc: Daniel Gruss <daniel.gruss@...k.tugraz.at>
Cc: Michael Schwarz <michael.schwarz@...k.tugraz.at>
Cc: Richard Fellner <richard.fellner@...dent.tugraz.at>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Kees Cook <keescook@...gle.com>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Hugh Dickins <hughd@...gle.com>
Cc: x86@...nel.org
---
b/arch/x86/mm/tlb.c | 9 ---------
1 file changed, 9 deletions(-)
diff -puN arch/x86/mm/tlb.c~kaiser-remove-unused-tlb-flush-code arch/x86/mm/tlb.c
--- a/arch/x86/mm/tlb.c~kaiser-remove-unused-tlb-flush-code 2017-11-28 00:53:41.391460358 -0800
+++ b/arch/x86/mm/tlb.c 2017-11-28 00:55:28.084460092 -0800
@@ -127,15 +127,6 @@ static void flush_user_asid(pgd_t *pgd,
invpcid_flush_single_context(user_asid(kern_asid));
} else {
/*
- * On systems with PCIDs, but no INVPCID, the only
- * way to flush a PCID is a CR3 write. Note that
- * we use the kernel page tables with the *user*
- * ASID here.
- */
- unsigned long user_asid_flush_cr3;
- user_asid_flush_cr3 = build_cr3(pgd, user_asid(kern_asid));
- write_cr3(user_asid_flush_cr3);
- /*
* We do not use PCIDs with KAISER unless we also
* have INVPCID. Getting here is unexpected.
*/
_
Powered by blists - more mailing lists