[RFC PATCH v5 00/18] pkeys-based page table hardening
Kevin Brodsky
kevin.brodsky at arm.com
Wed Oct 1 05:22:12 PDT 2025
On 18/09/2025 16:57, Will Deacon wrote:
> On Thu, Sep 18, 2025 at 04:15:52PM +0200, Kevin Brodsky wrote:
>> [...]
>>
>> For now, my plan is to stick to solution 3 from [2], i.e. force the
>> linear map to be PTE-mapped. This is easily done on arm64 as it is the
>> default, and is required for rodata=full, unless [1] is applied and the
>> system supports BBML2_NOABORT. See [1] for the potential performance
>> improvements we'd be missing out on (~5% ballpark). I'm not quite sure
>> what the picture looks like on x86 - it may well be more significant as
>> Rick suggested.
> Just as a data point, but forcing the linear map down to 4k would likely
> prevent us from being able to enable this on Android. We've measured a
> considerable (double digit %) increase in CPU power consumption for some
> real-life camera workloads when mapping the linear map at 4k granularity
> thanks to the additional memory traffic from the PTW.
Good to know!
> At some point, KFENCE required 4k granularity for the linear map, but we
> fixed it. rodata=full requires 4k granularity, but there are patches to
> fix that too. So I think we should avoid making the same mistake from
> the start for this series.
Understood, makes sense. I'll be looking into implementing the custom
PTP allocator I suggested above then.
- Kevin
More information about the linux-arm-kernel
mailing list