arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN

This patch adds the Kconfig option to enable support for TTBR0 PAN emulation. The option is default off because of a slight performance hit when enabled, caused by the additional TTBR0_EL1 switching during user access operations or exception entry/exit code. Cc: Will Deacon <will.deacon@arm.com> Cc: James Morse <james.morse@arm.com> Cc: Kees Cook <keescook@chromium.org> Cc: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>

arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN
This patch adds the Kconfig option to enable support for TTBR0 PAN emulation. The option is default off because of a slight performance hit when enabled, caused by the additional TTBR0_EL1 switching during user access operations or exception entry/exit code. Cc: Will Deacon <will.deacon@arm.com> Cc: James Morse <james.morse@arm.com> Cc: Kees Cook <keescook@chromium.org> Cc: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
ba42822a · Catalin Marinas · 9cf09d68 · ba42822a
Commit ba42822a authored Jul 01, 2016 by Catalin Marinas
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 0 deletions

arch/arm64/Kconfig arch/arm64/Kconfig +8 -0

No files found.
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -794,6 +794,14 @@ config SETEND_EMULATION
 	  If unsure, say Y
 endif

+config ARM64_SW_TTBR0_PAN
+	bool "Emulate Privileged Access Never using TTBR0_EL1 switching"
+	help
+	  Enabling this option prevents the kernel from accessing
+	  user-space memory directly by pointing TTBR0_EL1 to a reserved
+	  zeroed area and reserved ASID. The user access routines
+	  restore the valid TTBR0_EL1 temporarily.
+
 menu "ARMv8.1 architectural features"

 config ARM64_HW_AFDBM