From patchwork Fri Jul 12 17:00:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brendan Jackman X-Patchwork-Id: 13731988 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8BE14C2BD09 for ; Fri, 12 Jul 2024 17:01:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A57236B009A; Fri, 12 Jul 2024 13:01:10 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 9D5426B009B; Fri, 12 Jul 2024 13:01:10 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 73B5F6B009C; Fri, 12 Jul 2024 13:01:10 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 4D83E6B009A for ; Fri, 12 Jul 2024 13:01:10 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id F03D6140BE7 for ; Fri, 12 Jul 2024 17:01:09 +0000 (UTC) X-FDA: 82331715858.26.5C4AFCC Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) by imf15.hostedemail.com (Postfix) with ESMTP id 850A4A0041 for ; Fri, 12 Jul 2024 17:01:07 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=tGm+1uMo; spf=pass (imf15.hostedemail.com: domain of 3UWGRZggKCJQ7y08AyBz4CC492.0CA96BIL-AA8Jy08.CF4@flex--jackmanb.bounces.google.com designates 209.85.221.74 as permitted sender) smtp.mailfrom=3UWGRZggKCJQ7y08AyBz4CC492.0CA96BIL-AA8Jy08.CF4@flex--jackmanb.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1720803633; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=A+jkQL2bLgnd1dA3asyFJ85yKqjjPIZgiPP4ZLm28ds=; b=FUBEUGo4Au0vqnrbH8Axf+hpqti3Aa4uTG84OEbQISIi+CKVDXs55jcOkpYoImitR4vGAn dKOByZ0rkcv0whFhah3xNV84E2B3UJA5xE7N/QKLTs8GnHgj9TnGyjndOg86ijxvgwH/6n H6GfTiIRYrxYWhCxkKQuRYtX3u30xgA= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1720803633; a=rsa-sha256; cv=none; b=d/LxYiR+CnDhcjoCBBkMRPQgFbfLKkwyzqtEOEzAy7s98HAfYk9kbyH9noRfG96KrZQJL3 kzD4p3l8i3z6ApDgT47ISs0YEk/jJNmC+rvkAowGNzTJjIyBFlGzOMF+Um7BpAbTEkEBW9 hISKHDAH9/JJoN1sPF9RDZwyPiqaV+0= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=tGm+1uMo; spf=pass (imf15.hostedemail.com: domain of 3UWGRZggKCJQ7y08AyBz4CC492.0CA96BIL-AA8Jy08.CF4@flex--jackmanb.bounces.google.com designates 209.85.221.74 as permitted sender) smtp.mailfrom=3UWGRZggKCJQ7y08AyBz4CC492.0CA96BIL-AA8Jy08.CF4@flex--jackmanb.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-wr1-f74.google.com with SMTP id ffacd0b85a97d-36785e6c1e6so411012f8f.3 for ; Fri, 12 Jul 2024 10:01:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1720803666; x=1721408466; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=A+jkQL2bLgnd1dA3asyFJ85yKqjjPIZgiPP4ZLm28ds=; b=tGm+1uMojNvOSR9u6g2CEu74tVHYlqZdyiYKgd4ooUfnCIgTdTN04FvGsHxahmCR7J 9G4ERkrAF6vCYMtVD8KF3r5HczIq8muAloXu6XadDILhQd4Ms9TWvvistJ4g0gLbuR/3 f1k2gmB198BbozZLraGYXndM+IZHoHGObRtcw+WAzxeWp1jSVWEGXDsg+FUqhrP51ugU DW49udhtmwJrNBuXT6jFmesnfy8xHMv5izNeb7Gb3b1EYYpx8Pph1syEo8nSfvgAZPRH XegKKk7JrmeXsXrX2QFYoJVbYGpWMSKRnFOSeUs1nGTcQHHWogTpmnTEdGT8Q/K14u8+ KjaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720803666; x=1721408466; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=A+jkQL2bLgnd1dA3asyFJ85yKqjjPIZgiPP4ZLm28ds=; b=VjRJYJUGI+78mjbJ+p7WvLRcB28o2kwxJQmC+sFFemLKpb0Anrzb7h4OPl4nRyUebX jb7shCdEEETq3/G5hMhBxQTVjJcAXsy2cXFuKdOhTiurZWQWdpcVhduOclIqGMMY8hyu mUSJKWtoeIBYz0/u9nhqoJZYru/a8f/1DZFSAX5q016e0lp1cBoq5YPpDewIMR4ATd4v wf4m1kDEFpHGuzu54zZVagRc0Dd0P/+mSBwH9+KzAa4tu+S2V/REt6JM6ipL8xTKV06c opcNDiRRIS7yRmh6MVXzJhk6R9/La4c8fXxTgHVEoPgcBEziW853dQKeXJDP8oiITgo6 ruCA== X-Forwarded-Encrypted: i=1; AJvYcCVbZbSvoP3estjWEP76i/mstV8e5XsxSNMhCtkZo7aW4pi6+m+AsxgiiqXEIXdrcJ8NmMI3D5TDph4JPuqNyu43FIE= X-Gm-Message-State: AOJu0Yw65IU6O8+6ouTaw7IAfa22/TXbGosxf30E000/z53VlywNmPTt SouhNOvFQ3fQbyb8gUKIND+IPyrFuXKtA/UbsZvegTifRFsSSY51fpX/0CfIFTrvOmIt5DLMepC kA8ISLDeo0g== X-Google-Smtp-Source: AGHT+IHocE6UCQJXGH4jW5S1f1i1qM0rmNw/QM4OyMtcRUe5WUau/3oluaHQD6zUlZ5KVAkubOggLQncuc63kw== X-Received: from beeg.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:11db]) (user=jackmanb job=sendgmr) by 2002:adf:ea0c:0:b0:367:8147:25c5 with SMTP id ffacd0b85a97d-367cea8ef32mr16488f8f.8.1720803665595; Fri, 12 Jul 2024 10:01:05 -0700 (PDT) Date: Fri, 12 Jul 2024 17:00:23 +0000 In-Reply-To: <20240712-asi-rfc-24-v1-0-144b319a40d8@google.com> Mime-Version: 1.0 References: <20240712-asi-rfc-24-v1-0-144b319a40d8@google.com> X-Mailer: b4 0.14-dev Message-ID: <20240712-asi-rfc-24-v1-5-144b319a40d8@google.com> Subject: [PATCH 05/26] mm: asi: Add infrastructure for boot-time enablement From: Brendan Jackman To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andy Lutomirski , Peter Zijlstra , Sean Christopherson , Paolo Bonzini , Alexandre Chartre , Liran Alon , Jan Setje-Eilers , Catalin Marinas , Will Deacon , Mark Rutland , Andrew Morton , Mel Gorman , Lorenzo Stoakes , David Hildenbrand , Vlastimil Babka , Michal Hocko , Khalid Aziz , Juri Lelli , Vincent Guittot , Dietmar Eggemann , Steven Rostedt , Valentin Schneider , Paul Turner , Reiji Watanabe , Junaid Shahid , Ofir Weisse , Yosry Ahmed , Patrick Bellasi , KP Singh , Alexandra Sandulescu , Matteo Rizzo , Jann Horn Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, kvm@vger.kernel.org, Brendan Jackman X-Stat-Signature: npwiqtuwjs7aa1dxd5kzuprhpmpi3xwf X-Rspamd-Queue-Id: 850A4A0041 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1720803667-946999 X-HE-Meta: U2FsdGVkX1+BmKkbqP1jq6FzE3vfbo7r72bCbdr/u8ZTq114s3bAKp87Hjq2B2VjJobWPifm2KKiZFjwQYGvsLteY3x601NPxZgW3Ml0+BfjQaIsUdrVjUZassgy0M3LhvZ/iqWAmzQaf3e+WCWxUHdJETZFRyeKQ5X7A22FlSkd1gVa0aiYPRYfwyld8PE+euuEUddQ6xaHQucJvrOKeQ2cJVposuENKr5aJRxE3v5jHdgQbKXQk5Y9GImVMmvYQ6w38S4o272rzYm7WIDW7B8PD8N7/ev+8UJn1RLFqVM3/HvnKlm353z4BvATNBvR6WXzTigWUU+g9UmkrRXLNPjR4UAcT9CN1Uo49z+h5pqGrJJLnJ6TJEpAUBd2ugrGDL9qT1KSA6UsvS9+VkD66zYLgRtPwO6cAQqIO9e3lAEJHnj9GAR96widiJCIloJ4P74NCCxZNfex/uS/ED5lo22+rzkWUpKOOvI+4umpmk990loScfdaOThiDTW6m5SRo1ZXC7QlPqjYUXNGp94zm/46nbr5J7//SWN5cg3KB+VvQoLeDUGtaQari9ZfHecPLVAl1OustWNH78xmpwC7oML/Cphd1ncNkg7ua0qPmXaf7AidXYZCs3wcHDC3SA6MDrcf/vEcaRs0YOSgrWPocCE5Nda0q93bCmkioxUAUUV4SqShAsY6LOPsf9XEtnPfdevHIZ2nHUj78M0YwTQeCaS3Clk/uyEeqQY0unX2RWwM+qSYl1ggIiuv9Q7YUmoJubtxkYuIhaUChmvcxuFX2kSKjGUcyuTV7XZkWn6ShM/lO5/NdzMd5F4Sfki5gYDuR2Ubz9dgGAhADqRjHh8mZI57dsaQYDOqjBd39yss5ZysiLlTyCNMdXWa0MkZs224vhwonQ3oWVJX2r0agF7h9R0jaWIFDb91IXMbXNktDa0D8YwtIuQBpV2Y+R9kGv1bNZdWuC7wKRtzE/P/yxr SvD6Airi VFMDfYMVDwQiW22u/mOn8W+cJ4CK3VCg1a5kbtH2KGFXupWe2gAR9yVAQseek/ReJVT0yVqisniDRXTnhaVAF2iSFu0UyaL3X11CHgrVMINoTdsl0qlW60pahBo0lu/w1L5WSSjry+SnYKKREQzs6zAsS5UP7KzwfcOz/Yl7IFK05fbS7OSb2Qv/ZTAwYf/gPiZUQrF29d+gK1HFGcO74BSPOaUS19aC7brVhdKMGvAbTjs6tC7ob0yyZBCFw+h48sojq5NymbY1c9kegEMyRtcDk6yESohUYmJ+HrU18du9DeUNbNAbPD+Nyzqdf+6VH6T14Hs/tP2L3VvMXFmxtbMRk23ftrSVvJrEYJ24mQqfJsj6yaX0jy7vbyEa36mZZ0SlXWmYM8LWeMZKfuOyVIGVmFcR02fBlFejRxonVEOTVLhc8URJpkcSbF6nnxl3yJcK+1thaS4OIp+W1ySJiDnalkKMBLcoiXYTuzxtL96zmP97C79l8vgeOxAATSdDWXiGtrHkzdUQV6cvuvSIyyzcbgsOdBU66lBYY X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Add a boot time parameter to control the newly added X86_FEATURE_ASI. "asi=on" or "asi=off" can be used in the kernel command line to enable or disable ASI at boot time. If not specified, ASI enablement depends on CONFIG_ADDRESS_SPACE_ISOLATION_DEFAULT_ON, which is off by default. asi_check_boottime_disable() is modeled after pti_check_boottime_disable(). The boot parameter is currently ignored until ASI is fully functional. Once we have a set of ASI features checked in that we have actually tested, we will stop ignoring the flag. But for now let's just add the infrastructure so we can implement the usage code. Co-developed-by: Junaid Shahid Co-developed-by: Yosry Ahmed Signed-off-by: Brendan Jackman --- arch/x86/Kconfig | 8 +++++ arch/x86/include/asm/asi.h | 20 +++++++++-- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/disabled-features.h | 8 ++++- arch/x86/mm/asi.c | 61 +++++++++++++++++++++++++++----- arch/x86/mm/init.c | 4 ++- include/asm-generic/asi.h | 4 +++ 7 files changed, 92 insertions(+), 14 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index ff74aa53842e..7f21de55d6ac 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2535,6 +2535,14 @@ config MITIGATION_ADDRESS_SPACE_ISOLATION This dependencies will later be removed with extensions to the KASAN implementation. +config ADDRESS_SPACE_ISOLATION_DEFAULT_ON + bool "Enable address space isolation by default" + default n + depends on ADDRESS_SPACE_ISOLATION + help + If selected, ASI is enabled by default at boot if the asi=on or + asi=off are not specified. + config MITIGATION_RETPOLINE bool "Avoid speculative indirect branches in kernel" select OBJTOOL if HAVE_OBJTOOL diff --git a/arch/x86/include/asm/asi.h b/arch/x86/include/asm/asi.h index a052e561b2b7..04ba2ec7fd28 100644 --- a/arch/x86/include/asm/asi.h +++ b/arch/x86/include/asm/asi.h @@ -6,6 +6,7 @@ #include #include +#include #include #include @@ -64,6 +65,9 @@ * the N ASI classes. */ +/* Try to avoid this outside of hot code (see comment on _static_cpu_has). */ +#define static_asi_enabled() cpu_feature_enabled(X86_FEATURE_ASI) + #define ASI_MAX_NUM_ORDER 2 #define ASI_MAX_NUM (1 << ASI_MAX_NUM_ORDER) @@ -101,6 +105,8 @@ struct asi { DECLARE_PER_CPU_ALIGNED(struct asi *, curr_asi); +void asi_check_boottime_disable(void); + void asi_init_mm_state(struct mm_struct *mm); int asi_register_class(const char *name, const struct asi_hooks *ops); @@ -124,7 +130,9 @@ void asi_exit(void); /* The target is the domain we'll enter when returning to process context. */ static __always_inline struct asi *asi_get_target(struct task_struct *p) { - return p->thread.asi_state.target; + return static_asi_enabled() + ? p->thread.asi_state.target + : NULL; } static __always_inline void asi_set_target(struct task_struct *p, @@ -135,7 +143,9 @@ static __always_inline void asi_set_target(struct task_struct *p, static __always_inline struct asi *asi_get_current(void) { - return this_cpu_read(curr_asi); + return static_asi_enabled() + ? this_cpu_read(curr_asi) + : NULL; } /* Are we currently in a restricted address space? */ @@ -144,7 +154,11 @@ static __always_inline bool asi_is_restricted(void) return (bool)asi_get_current(); } -/* If we exit/have exited, can we stay that way until the next asi_enter? */ +/* + * If we exit/have exited, can we stay that way until the next asi_enter? + * + * When ASI is disabled, this returns true. + */ static __always_inline bool asi_is_relaxed(void) { return !asi_get_target(current); diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 3c7434329661..a6b213c7df44 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -470,6 +470,7 @@ #define X86_FEATURE_BHI_CTRL (21*32+ 2) /* "" BHI_DIS_S HW control available */ #define X86_FEATURE_CLEAR_BHB_HW (21*32+ 3) /* "" BHI_DIS_S HW control enabled */ #define X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT (21*32+ 4) /* "" Clear branch history at vmexit using SW loop */ +#define X86_FEATURE_ASI (21*32+5) /* Kernel Address Space Isolation */ /* * BUG word(s) diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index c492bdc97b05..c7964ed4fef8 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -50,6 +50,12 @@ # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) #endif +#ifdef CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION +# define DISABLE_ASI 0 +#else +# define DISABLE_ASI (1 << (X86_FEATURE_ASI & 31)) +#endif + #ifdef CONFIG_MITIGATION_RETPOLINE # define DISABLE_RETPOLINE 0 #else @@ -154,7 +160,7 @@ #define DISABLED_MASK17 0 #define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK19 (DISABLE_SEV_SNP) -#define DISABLED_MASK20 0 +#define DISABLED_MASK20 (DISABLE_ASI) #define DISABLED_MASK21 0 #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22) diff --git a/arch/x86/mm/asi.c b/arch/x86/mm/asi.c index c5979d78fdbb..21207a3e8b17 100644 --- a/arch/x86/mm/asi.c +++ b/arch/x86/mm/asi.c @@ -4,7 +4,9 @@ #include #include +#include #include +#include #include #include @@ -28,6 +30,9 @@ int asi_register_class(const char *name, const struct asi_hooks *ops) { int i; + if (!boot_cpu_has(X86_FEATURE_ASI)) + return 0; + VM_BUG_ON(name == NULL); spin_lock(&asi_class_lock); @@ -52,6 +57,9 @@ EXPORT_SYMBOL_GPL(asi_register_class); void asi_unregister_class(int index) { + if (!boot_cpu_has(X86_FEATURE_ASI)) + return; + BUG_ON(!asi_index_valid(index)); spin_lock(&asi_class_lock); @@ -63,11 +71,36 @@ void asi_unregister_class(int index) } EXPORT_SYMBOL_GPL(asi_unregister_class); +void __init asi_check_boottime_disable(void) +{ + bool enabled = IS_ENABLED(CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION_DEFAULT_ON); + char arg[4]; + int ret; + + ret = cmdline_find_option(boot_command_line, "asi", arg, sizeof(arg)); + if (ret == 3 && !strncmp(arg, "off", 3)) { + enabled = false; + pr_info("ASI disabled through kernel command line.\n"); + } else if (ret == 2 && !strncmp(arg, "on", 2)) { + enabled = true; + pr_info("Ignoring asi=on param while ASI implementation is incomplete.\n"); + } else { + pr_info("ASI %s by default.\n", + enabled ? "enabled" : "disabled"); + } + + if (enabled) + pr_info("ASI enablement ignored due to incomplete implementation.\n"); +} static void __asi_destroy(struct asi *asi) { - lockdep_assert_held(&asi->mm->asi_init_lock); + WARN_ON_ONCE(asi->ref_count <= 0); + if (--(asi->ref_count) > 0) + return; + free_pages((ulong)asi->pgd, PGD_ALLOCATION_ORDER); + memset(asi, 0, sizeof(struct asi)); } int asi_init(struct mm_struct *mm, int asi_index, struct asi **out_asi) @@ -77,6 +110,9 @@ int asi_init(struct mm_struct *mm, int asi_index, struct asi **out_asi) *out_asi = NULL; + if (!boot_cpu_has(X86_FEATURE_ASI)) + return 0; + BUG_ON(!asi_index_valid(asi_index)); asi = &mm->asi[asi_index]; @@ -121,7 +157,7 @@ void asi_destroy(struct asi *asi) { struct mm_struct *mm; - if (!asi) + if (!boot_cpu_has(X86_FEATURE_ASI) || !asi) return; mm = asi->mm; @@ -130,11 +166,7 @@ void asi_destroy(struct asi *asi) * to block concurrent asi_init calls. */ mutex_lock(&mm->asi_init_lock); - WARN_ON_ONCE(asi->ref_count <= 0); - if (--(asi->ref_count) == 0) { - free_pages((ulong)asi->pgd, PGD_ALLOCATION_ORDER); - memset(asi, 0, sizeof(struct asi)); - } + __asi_destroy(asi); mutex_unlock(&mm->asi_init_lock); } EXPORT_SYMBOL_GPL(asi_destroy); @@ -178,6 +210,9 @@ static noinstr void __asi_enter(void) noinstr void asi_enter(struct asi *asi) { + if (!static_asi_enabled()) + return; + VM_WARN_ON_ONCE(!asi); asi_set_target(current, asi); @@ -189,8 +224,10 @@ EXPORT_SYMBOL_GPL(asi_enter); inline_or_noinstr void asi_relax(void) { - barrier(); - asi_set_target(current, NULL); + if (static_asi_enabled()) { + barrier(); + asi_set_target(current, NULL); + } } EXPORT_SYMBOL_GPL(asi_relax); @@ -199,6 +236,9 @@ noinstr void asi_exit(void) u64 unrestricted_cr3; struct asi *asi; + if (!static_asi_enabled()) + return; + preempt_disable_notrace(); VM_BUG_ON(this_cpu_read(cpu_tlbstate.loaded_mm) == @@ -229,6 +269,9 @@ EXPORT_SYMBOL_GPL(asi_exit); void asi_init_mm_state(struct mm_struct *mm) { + if (!boot_cpu_has(X86_FEATURE_ASI)) + return; + memset(mm->asi, 0, sizeof(mm->asi)); mutex_init(&mm->asi_init_lock); } diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index 5b06d30dee67..e2a29f6779d9 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -27,6 +27,7 @@ #include #include #include +#include /* * We need to define the tracepoints somewhere, and tlb.c @@ -250,7 +251,7 @@ static void __init probe_page_size_mask(void) __default_kernel_pte_mask = __supported_pte_mask; /* Except when with PTI where the kernel is mostly non-Global: */ if (cpu_feature_enabled(X86_FEATURE_PTI) || - IS_ENABLED(CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION)) + cpu_feature_enabled(X86_FEATURE_ASI)) __default_kernel_pte_mask &= ~_PAGE_GLOBAL; /* Enable 1 GB linear kernel mappings if available: */ @@ -757,6 +758,7 @@ void __init init_mem_mapping(void) unsigned long end; pti_check_boottime_disable(); + asi_check_boottime_disable(); probe_page_size_mask(); setup_pcid(); diff --git a/include/asm-generic/asi.h b/include/asm-generic/asi.h index 3660fc1defe8..d0a451f9d0b7 100644 --- a/include/asm-generic/asi.h +++ b/include/asm-generic/asi.h @@ -48,6 +48,10 @@ static inline struct asi *asi_get_target(struct task_struct *p) { return NULL; } static inline pgd_t *asi_pgd(struct asi *asi) { return NULL; } +#define static_asi_enabled() false + +static inline void asi_check_boottime_disable(void) { } + #endif /* !_ASSEMBLY_ */ #endif /* !CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION */