[PATCH] arm64: Avoid enabling KPTI unnecessarily
Mark Rutland
mark.rutland at arm.com
Mon Nov 27 03:10:07 PST 2023
Hi Ard,
On Mon, Nov 27, 2023 at 11:21:42AM +0100, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb at kernel.org>
>
> Commit 42c5a3b04bf6 refactored the KPTI init code in a way that results
> in the use of non-global kernel mappings even on systems that have no
> need for it, and even when KPTI has been disabled explicitly via the
> command line.
>
> Ensure that this only happens when we have decided (based on the
> detected CPU features) that KPTI should be enabled.
>
> Fixes: 42c5a3b04bf6 ("arm64: Split kpti_install_ng_mappings()")
> Signed-off-by: Ard Biesheuvel <ardb at kernel.org>
> ---
> arch/arm64/kernel/cpufeature.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 646591c67e7a..4b1762b9c37c 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -3352,7 +3352,8 @@ void __init setup_system_features(void)
> */
> enable_cpu_capabilities(SCOPE_ALL & ~SCOPE_BOOT_CPU);
>
> - kpti_install_ng_mappings();
> + if (arm64_kernel_unmapped_at_el0())
> + kpti_install_ng_mappings();
My bad; I had intended that kpti_install_ng_mappings() checked everything
necessary, but clearly I missed this.
Modulo breakage, could we move the conditionality into
kpti_install_ng_mappings()?
Thanks,
Mark.
More information about the linux-arm-kernel
mailing list