[PATCH] arm64: fix KASLR boot-time I-cache maintenance
Mark Rutland
mark.rutland at arm.com
Tue Mar 15 04:22:57 PDT 2016
Commit f80fb3a3d50843a4 ("arm64: add support for kernel ASLR") missed a
DSB necessary to complete I-cache maintenance in the primary boot path,
and hence stale instructions may still be present in the I-cache and may
be executed until the I-cache maintenance naturally completes.
Since commit 8ec41987436d566f ("arm64: mm: ensure patched kernel text is
fetched from PoU"), all CPUs invalidate their I-caches after their MMU
is enabled. Prior a CPU's MMU having been enabled, arbitrary lines may
have been fetched from the PoC into I-caches. We never patch text
expected to be executed with the MMU off. Thus, it is unnecessary to
perform broadcast I-cache maintenance in the primary boot path.
This patch reduces the scope of the I-cache maintenance to the local
CPU, and adds the missing DSB with similar scope, matching prior
maintenance in the primary boot path.
Signed-off-by: Mark Rutland <mark.rutland at arm.com>
Cc: Ard Biesehvuel <ard.biesheuvel at linaro.org>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Will Deacon <will.deacon at arm.com>
---
arch/arm64/kernel/head.S | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Note: this applies atop of the arm64 for-next/core branch.
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index 50c2134..1672ca9 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -766,8 +766,9 @@ __enable_mmu:
msr sctlr_el1, x19 // re-enable the MMU
isb
- ic ialluis // flush instructions fetched
- isb // via old mapping
+ ic iallu // flush instructions fetched
+ dsb nsh // via old mapping
+ isb
add x27, x27, x23 // relocated __mmap_switched
#endif
br x27
--
1.9.1
More information about the linux-arm-kernel
mailing list