• Catalin Marinas's avatar
    arm64: Disable TTBR0_EL1 during normal kernel execution · 39bc88e5
    Catalin Marinas authored
    When the TTBR0 PAN feature is enabled, the kernel entry points need to
    disable access to TTBR0_EL1. The PAN status of the interrupted context
    is stored as part of the saved pstate, reusing the PSR_PAN_BIT (22).
    Restoring access to TTBR0_EL1 is done on exception return if returning
    to user or returning to a context where PAN was disabled.
    
    Context switching via switch_mm() must defer the update of TTBR0_EL1
    until a return to user or an explicit uaccess_enable() call.
    
    Special care needs to be taken for two cases where TTBR0_EL1 is set
    outside the normal kernel context switch operation: EFI run-time
    services (via efi_set_pgd) and CPU suspend (via cpu_(un)install_idmap).
    Code has been added to avoid deferred TTBR0_EL1 switching as in
    switch_mm() and restore the reserved TTBR0_EL1 when uninstalling the
    special TTBR0_EL1.
    
    User cache maintenance (user_cache_maint_handler and
    __flush_cache_user_range) needs the TTBR0_EL1 re-instated since the
    operations are performed by user virtual address.
    
    This patch also removes a stale comment on the switch_mm() function.
    
    Cc: Will Deacon <will.deacon@arm.com>
    Cc: James Morse <james.morse@arm.com>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Mark Rutland <mark.rutland@arm.com>
    Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
    39bc88e5
efi.h 3.06 KB