[PATCH v6 00/41] arm64: Reorganize kernel VA space for LPA2
Ard Biesheuvel
ardb at google.com
Wed Nov 29 03:15:56 PST 2023
From: Ard Biesheuvel <ardb at kernel.org>
At the request of Catalin, this series was split off from my LPA2 series
[0] in order to make the changes a bit more manageable.

This series reorganizes the kernel VA space, and refactors/replaces the
early mapping code so that:
- everything is done only once, in the appropriate order;
- everything is done with the MMU and caches enabled (*);
- everything is done from C code (notably, 100s of lines of
incomprehensible asm code are removed from head.S).

(*) the initial ID map will be populated with the MMU and caches
disabled if that is how we entered from the bootloader.

This is important for LPA2, but also for other future extensions to the
page table format, as managing this entirely in early asm code as we do
today would become intractable. This applies also to things such as
copying the KAsan shadow or the fixmap from the early page tables into
the permanent ones - this is all being removed by this series. This
approach also ensures that we never execute from writable memory, or
parse the DT (which is external input) while the text/rodata segments
are mapped writable; this is an important general hardening principle,
but also a prerequisite for adding WXN support (which is implemented in
the second half of the series that has been omitted from this drop).

Another notable difference implemented by this series is the fact that
the permanent ID map always covers 48 bits of VA space, and is no longer
tied to the size of the kernel VA space. This removes awkward logic to
add a translation level above PGD level, and will be beneficial for
other reasons too (it permits future changes in the EFI logic to get rid
of SetVirtualAddressMap() entirely).
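An added example (not code from this series) of the page-table level arithmetic behind the 48-bit ID map point above: how many translation levels a VA size needs for a given page granule, and why an ID map sized like the kernel VA space had to grow by a level above the PGD when the kernel was loaded above 1 << VA_BITS. The helper names are assumed; the level formula gives the same result as the kernel's ARM64_HW_PGTABLE_LEVELS() macro.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not code from the series; helper names are assumed. */

/* Translation levels needed to cover va_bits with a given page granule:
 * the page offset resolves page_shift bits and each level resolves
 * page_shift - 3 bits (512/2048/8192 eight-byte descriptors per table).
 * Same result as the kernel's ARM64_HW_PGTABLE_LEVELS() macro. */
static unsigned int pgtable_levels(unsigned int va_bits, unsigned int page_shift)
{
	unsigned int bits_per_level = page_shift - 3;

	return (va_bits - page_shift + bits_per_level - 1) / bits_per_level;
}

/* Levels the ID map needs so that a kernel image at physical address
 * kernel_pa is reachable, or 0 if a 48-bit map cannot reach it at all.
 * Before the series the ID map was sized like the kernel VA space
 * (idmap_va_bits == VA_BITS), so a kernel placed above 1 << VA_BITS had
 * to grow the map by one level above the PGD. With the ID map fixed at
 * 48 bits the growth path is never taken. */
static unsigned int idmap_levels(unsigned int idmap_va_bits, unsigned int page_shift,
				 uint64_t kernel_pa)
{
	unsigned int bits = idmap_va_bits;

	if (kernel_pa >> 48)
		return 0;	/* beyond 48-bit PA: not reachable by this map */

	/* grow coverage one level at a time until kernel_pa fits (48-bit cap) */
	while (bits < 48 && (kernel_pa >> bits) != 0)
		bits += page_shift - 3;
	if (bits > 48)
		bits = 48;

	return pgtable_levels(bits, page_shift);
}

int main(void)
{
	uint64_t pa_low = 1ULL << 30, pa_high = 1ULL << 40;	/* constructed */

	printf("39-bit VA, 4K: %u levels\n", pgtable_levels(39, 12));
	printf("48-bit VA, 4K: %u levels\n", pgtable_levels(48, 12));
	printf("VA_BITS=39 idmap, kernel at 1<<40: %u levels\n", idmap_levels(39, 12, pa_high));
	printf("VA_BITS=39 idmap, kernel at 1<<30: %u levels\n", idmap_levels(39, 12, pa_low));
	printf("48-bit idmap, kernel at 1<<40: %u levels\n", idmap_levels(48, 12, pa_high));
	return 0;
}
```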
Changes since v5 [1]:
- add helpers to deal with CPU feature overrides, rather than applying
the value and mask directly - this is necessary because an override
may be invalid for the field that we care about or for another field
that shares the same CPUID system register
- add missing patch to make __cpu_replace_ttbr1() out of line and insert
it in the correct place in the series to ensure bisectability
- incorporate maz's strict type changes (and more) into the prel64
handling in the early idreg override code

Changes since v4:
- merge a couple of followup tweaks for issues that were reported while
the v4 was briefly queued up and pulled into -next
- rebase onto v6.7-rc1
- omit LVA/LPA2 and WXN related changes

[0] https://lore.kernel.org/all/20230912141549.278777-63-ardb@google.com/
[1] https://lore.kernel.org/all/20231124101840.944737-41-ardb@google.com/
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Will Deacon <will at kernel.org>
Cc: Marc Zyngier <maz at kernel.org>
Cc: Mark Rutland <mark.rutland at arm.com>
Cc: Ryan Roberts <ryan.roberts at arm.com>
Cc: Anshuman Khandual <anshuman.khandual at arm.com>
Cc: Kees Cook <keescook at chromium.org>
Ard Biesheuvel (41):
arm64: kernel: Disable latent_entropy GCC plugin in early C runtime
arm64: mm: Take potential load offset into account when KASLR is off
arm64: mm: get rid of kimage_vaddr global variable
arm64: mm: Move PCI I/O emulation region above the vmemmap region
arm64: mm: Move fixmap region above vmemmap region
arm64: ptdump: Allow all region boundaries to be defined at boot time
arm64: ptdump: Discover start of vmemmap region at runtime
arm64: vmemmap: Avoid base2 order of struct page size to dimension region
arm64: mm: Reclaim unused vmemmap region for vmalloc use
arm64: kaslr: Adjust randomization range dynamically
arm64: kernel: Manage absolute relocations in code built under pi/
arm64: kernel: Don't rely on objcopy to make code under pi/ __init
arm64: head: move relocation handling to C code
arm64: idreg-override: Omit non-NULL checks for override pointer
arm64: idreg-override: Prepare for place relative reloc patching
arm64: idreg-override: Avoid parameq() and parameqn()
arm64: idreg-override: avoid strlen() to check for empty strings
arm64: idreg-override: Avoid sprintf() for simple string concatenation
arm64: idreg-override: Avoid kstrtou64() to parse a single hex digit
arm64/kernel: Move 'nokaslr' parsing out of early idreg code
arm64: idreg-override: Move to early mini C runtime
arm64: kernel: Remove early fdt remap code
arm64: head: Clear BSS and the kernel page tables in one go
arm64: Move feature overrides into the BSS section
arm64: head: Run feature override detection before mapping the kernel
arm64: head: move dynamic shadow call stack patching into early C runtime
arm64: cpufeature: Add helper to test for CPU feature overrides
arm64: kaslr: Use feature override instead of parsing the cmdline again
arm64: idreg-override: Create a pseudo feature for rodata=off
arm64: Add helpers to probe local CPU for PAC and BTI support
arm64: head: allocate more pages for the kernel mapping
arm64: head: move memstart_offset_seed handling to C code
arm64: mm: Make kaslr_requires_kpti() a static inline
arm64: mmu: Make __cpu_replace_ttbr1() out of line
arm64: head: Move early kernel mapping routines into C code
arm64: mm: Use 48-bit virtual addressing for the permanent ID map
arm64: pgtable: Decouple PGDIR size macros from PGD/PUD/PMD levels
arm64: kernel: Create initial ID map from C code
arm64: mm: avoid fixmap for early swapper_pg_dir updates
arm64: mm: omit redundant remap of kernel image
arm64: Revert "mm: provide idmap pointer to cpu_replace_ttbr1()"
arch/arm64/include/asm/archrandom.h | 2 -
arch/arm64/include/asm/assembler.h | 14 -
arch/arm64/include/asm/cpufeature.h | 77 ++++
arch/arm64/include/asm/fixmap.h | 1 -
arch/arm64/include/asm/kasan.h | 2 -
arch/arm64/include/asm/kernel-pgtable.h | 128 +++---
arch/arm64/include/asm/memory.h | 20 +-
arch/arm64/include/asm/mmu.h | 40 +-
arch/arm64/include/asm/mmu_context.h | 53 +--
arch/arm64/include/asm/pgtable.h | 10 +-
arch/arm64/include/asm/scs.h | 36 +-
arch/arm64/include/asm/setup.h | 3 -
arch/arm64/kernel/Makefile | 7 +-
arch/arm64/kernel/cpufeature.c | 65 +--
arch/arm64/kernel/head.S | 428 ++------------------
arch/arm64/kernel/image-vars.h | 33 ++
arch/arm64/kernel/kaslr.c | 11 +-
arch/arm64/kernel/module.c | 2 +-
arch/arm64/kernel/pi/Makefile | 28 +-
arch/arm64/kernel/{ => pi}/idreg-override.c | 182 +++++----
arch/arm64/kernel/pi/kaslr_early.c | 78 +---
arch/arm64/kernel/pi/map_kernel.c | 186 +++++++++
arch/arm64/kernel/pi/map_range.c | 100 +++++
arch/arm64/kernel/{ => pi}/patch-scs.c | 36 +-
arch/arm64/kernel/pi/pi.h | 36 ++
arch/arm64/kernel/pi/relacheck.c | 130 ++++++
arch/arm64/kernel/pi/relocate.c | 64 +++
arch/arm64/kernel/setup.c | 22 -
arch/arm64/kernel/vmlinux.lds.S | 17 +-
arch/arm64/kvm/mmu.c | 15 +-
arch/arm64/mm/fixmap.c | 34 --
arch/arm64/mm/kasan_init.c | 19 +-
arch/arm64/mm/mmu.c | 167 ++++----
arch/arm64/mm/proc.S | 13 +-
arch/arm64/mm/ptdump.c | 56 ++-
35 files changed, 1070 insertions(+), 1045 deletions(-)
rename arch/arm64/kernel/{ => pi}/idreg-override.c (59%)
create mode 100644 arch/arm64/kernel/pi/map_kernel.c
create mode 100644 arch/arm64/kernel/pi/map_range.c
rename arch/arm64/kernel/{ => pi}/patch-scs.c (89%)
create mode 100644 arch/arm64/kernel/pi/pi.h
create mode 100644 arch/arm64/kernel/pi/relacheck.c
create mode 100644 arch/arm64/kernel/pi/relocate.c
--
2.43.0.rc1.413.gea7ed67945-goog