From patchwork Wed Feb 28 03:56:39 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alex Shi <alex.shi@linaro.org>
X-Patchwork-Id: 10246747
Return-Path: 
 <linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	1788A60362 for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed, 28 Feb 2018 04:06:26 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 06B2128CD9
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed, 28 Feb 2018 04:06:26 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id EF7B828CE0; Wed, 28 Feb 2018 04:06:25 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID autolearn=ham version=3.3.1
Received: from bombadil.infradead.org (bombadil.infradead.org
	[198.137.202.133])
	(using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 7B66928CD9
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed, 28 Feb 2018 04:06:25 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe:
	List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References:
	In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Owner;
	bh=87HF+AXi6UcHOo4gY5KNHOU50jsykHr+M7MMxvhNv20=;
	b=IixCI8XoGVgtY4GdFzCWCl3sMm
	9UNK+z3H3Bc66s4eCnSXWfWn5pxQwKO3Ltmc6oSrOOnHXlIqeE1ugAGA7uEmlsWVo+wHOkLyYpDZC
	WrOJY+V0C0SufUmEX76sNWZa+z84DHMhEb5NzkCbox+TK/GAbObwLUn+izQ/4dvTYsHaQnhPZGcK6
	42lJVKrFrvOh4JsladrPnbiPb0eQBylrlou93iNRT0jX1m14s0lJ4vJsfXAG7aSGp/+8mRfrH8LuT
	byUlSx7e9/hkOTMa0F3mBm2qwlXS6WaJ5kRoePu2R2KYS3ecq9RP71L45sFfAvKSpix1mSvI9p7Cy
	ZLDYmhXg==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux))
	id 1eqt0K-0005PV-R9; Wed, 28 Feb 2018 04:06:08 +0000
Received: from mail-pl0-x242.google.com ([2607:f8b0:400e:c01::242])
	by bombadil.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux))
	id 1eqsuB-0007mM-Na for linux-arm-kernel@lists.infradead.org;
	Wed, 28 Feb 2018 04:00:34 +0000
Received: by mail-pl0-x242.google.com with SMTP id 93-v6so769107plc.9
	for <linux-arm-kernel@lists.infradead.org>;
	Tue, 27 Feb 2018 19:59:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=95Iv0nJp083o8oUFCW7XEWIw7Oc3xuvo6wFQkXWVNj4=;
	b=dnHsb0lkyUAzCef0hhzZgt+tMQS2Wkc6UzQyLyPDkjmwGFPyA3FjnmeApi342yzp+W
	sb3C0gPIn+IcLSeyYfvSv99FPlms/Yr5yq6KpZgXTVVeN4olcrFgKoABaA4jyBlWd0uh
	FfmLGE3SCuzwfHiJUM6ar39xKpXq4OQjuh77s=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=95Iv0nJp083o8oUFCW7XEWIw7Oc3xuvo6wFQkXWVNj4=;
	b=bdlLWUe+kyV8qBoYob5cTrEPTYV/qcAQ0rYTYYB3mnS9oggdzN9T1bVbQvL4UpIBm3
	78cFLYV71BsrKZGeSowvTLD54FKwAKg6SJcm4uH6tf5AesX7kdjfZFVyYB//19xsQQjB
	XEtg3y7vOYWP1NIIoNH88q3JYE/HuAwGQyiJE3lweJxL3gB0AhAl/+3LXMfzasmggIqD
	aDBunkjmXP9sqxXTEZV7XYHzAqIoADQxeItgU8pPGKxlYne5VSEB/dNa9e8PkNx2/Q9W
	90e/y6O/B9D5Jh6JHmDMgsmYZPAdri64Bbry0VgZe3Omn3kBOsgpd5sn12IeMJ4CBt+J
	35Bw==
X-Gm-Message-State: APf1xPCVn+tPW12Wk2kiFwohaM/O2bN7YnZh1GT+LEclFW41darRSZJB
	+8cqVLygGUCw8Nsqkbc3jpOsbg==
X-Google-Smtp-Source: 
 AH8x227t8jgmj3CkRh0ZdkIGQrrcoAjiVJiWQUfXR51URc5Q4FrDgRMeJCiQ8odK8SaJ9tskj9nqLQ==
X-Received: by 2002:a17:902:f81:: with SMTP id
	1-v6mr16025516plz.265.1519790377200;
	Tue, 27 Feb 2018 19:59:37 -0800 (PST)
Received: from localhost.localdomain (176.122.172.82.16clouds.com.
	[176.122.172.82]) by smtp.gmail.com with ESMTPSA id
	q17sm739911pgt.7.2018.02.27.19.59.30
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 27 Feb 2018 19:59:36 -0800 (PST)
From: Alex Shi <alex.shi@linaro.org>
To: Marc Zyngier <marc.zyngier@arm.com>, Will Deacon <will.deacon@arm.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Catalin Marinas <catalin.marinas@arm.com>, stable@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Subject: [PATCH 17/29] arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
Date: Wed, 28 Feb 2018 11:56:39 +0800
Message-Id: <1519790211-16582-18-git-send-email-alex.shi@linaro.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1519790211-16582-1-git-send-email-alex.shi@linaro.org>
References: <1519790211-16582-1-git-send-email-alex.shi@linaro.org>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20180227_195948_515217_EF6FEC9F 
X-CRM114-Status: GOOD (  13.96  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Alex Shi <alex.shi@linaro.org>
MIME-Version: 1.0
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Will Deacon <will.deacon@arm.com>

commit 084eb77cd3a8 upstream.

Add a Kconfig entry to control use of the entry trampoline, which allows
us to unmap the kernel whilst running in userspace and improve the
robustness of KASLR.

Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Tested-by: Laura Abbott <labbott@redhat.com>
Tested-by: Shanker Donthineni <shankerd@codeaurora.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Alex Shi <alex.shi@linaro.org>
---
 arch/arm64/Kconfig | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 7769c2e..6b6e9f8 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -733,6 +733,19 @@ config FORCE_MAX_ZONEORDER
 	  However for 4K, we choose a higher default value, 11 as opposed to 10, giving us
 	  4M allocations matching the default size used by generic code.
 
+config UNMAP_KERNEL_AT_EL0
+	bool "Unmap kernel when running in userspace (aka \"KAISER\")"
+	default y
+	help
+	  Some attacks against KASLR make use of the timing difference between
+	  a permission fault which could arise from a page table entry that is
+	  present in the TLB, and a translation fault which always requires a
+	  page table walk. This option defends against these attacks by unmapping
+	  the kernel whilst running in userspace, therefore forcing translation
+	  faults for all of kernel space.
+
+	  If unsure, say Y.
+
 menuconfig ARMV8_DEPRECATED
 	bool "Emulate deprecated/obsolete ARMv8 instructions"
 	depends on COMPAT