cacheflush completely broken, suspecting PAN+LPAE
Linus Walleij
linus.walleij at linaro.org
Tue Nov 12 05:58:23 PST 2024
On Tue, Nov 12, 2024 at 11:46 AM Michał Pecio <michal.pecio at gmail.com> wrote:
> By the way, do you know why it wasn't broken without LPAE? It looks
> like either those specific coprocessor operations somehow bypass the
> protection, or maybe all of PAN is a big, expensive no-op...
PAN is supposed to stop the kernel from reading or writing into
userspace memory and that works.
Nobody really said we can't flush caches for some random
userspace memory, and so, that works.
It's what we call a grey area.
But with the TTBR0 thing for PAN on LPAE we completely
disable the page walks on userspace pages from the kernel
(unless explicitly allowed) and that means this now also blocks
cacheflush, because we can't flush caches for a piece of memory
we don't even map.
Russell's patch looks like it fixes the issue, I was gonna write
something similar but he quickly beat me to it, so test that!
Yours,
Linus Walleij