Commit 92ac6fd1 authored by Mark Brown's avatar Mark Brown Committed by Will Deacon

arm64: Don't use KPTI where we have E0PD

Since E0PD is intended to fulfil the same role as KPTI we don't need to
use KPTI on CPUs where E0PD is available, we can rely on E0PD instead.
Change the check that forces KPTI on when KASLR is enabled to check for
E0PD before doing so, CPUs with E0PD are not expected to be affected by
meltdown so should not need to enable KPTI for other reasons.

Since E0PD is a system capability we will still enable KPTI if any of
the CPUs in the system lacks E0PD, this will rewrite any global mappings
that were established in systems where some but not all CPUs support
E0PD.  We may transiently have a mix of global and non-global mappings
while booting since we use the local CPU when deciding if KPTI will be
required prior to completing CPU enumeration but any global mappings
will be converted to non-global ones when KPTI is applied.

KPTI can still be forced on from the command line if required.
Signed-off-by: default avatarMark Brown <broonie@kernel.org>
Reviewed-by: default avatarSuzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: default avatarWill Deacon <will@kernel.org>
parent c2d92353
...@@ -47,10 +47,21 @@ static inline bool arm64_kernel_unmapped_at_el0(void) ...@@ -47,10 +47,21 @@ static inline bool arm64_kernel_unmapped_at_el0(void)
static inline bool kaslr_requires_kpti(void) static inline bool kaslr_requires_kpti(void)
{ {
bool tx1_bug; bool tx1_bug;
u64 ftr;
if (!IS_ENABLED(CONFIG_RANDOMIZE_BASE)) if (!IS_ENABLED(CONFIG_RANDOMIZE_BASE))
return false; return false;
/*
* E0PD does a similar job to KPTI so can be used instead
* where available.
*/
if (IS_ENABLED(CONFIG_ARM64_E0PD)) {
ftr = read_sysreg_s(SYS_ID_AA64MMFR2_EL1);
if ((ftr >> ID_AA64MMFR2_E0PD_SHIFT) & 0xf)
return false;
}
/* /*
* Systems affected by Cavium erratum 24756 are incompatible * Systems affected by Cavium erratum 24756 are incompatible
* with KPTI. * with KPTI.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment