Received: by 10.223.185.116 with SMTP id b49csp2259661wrg; Thu, 15 Feb 2018 08:54:55 -0800 (PST) X-Google-Smtp-Source: AH8x2254MwViI+cZskGiNITMGH6w5NqNWjeXPdqIdQw/nwf+5+E6avHd+ZHA2sbHPezQgJRxGJlJ X-Received: by 10.99.125.22 with SMTP id y22mr2256660pgc.125.1518713695740; Thu, 15 Feb 2018 08:54:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518713695; cv=none; d=google.com; s=arc-20160816; b=CNyPXLhnNHPVGkCpq/v46R1drouqJbiRk52I8RaJABNjn0S14a9SITj92zuMWpuXuP qWZrpBKGoUyMaojhuofInczEHmWjE3hVa2iLnJElwlk33FponX1A90uLceLNUoRWw7q6 7tLsZttpqVBBvhacjKUjeRtZVtMQPjkrV3CZk3HNXGedUrSEMYSpPEdz+MljIgEppz59 22oDR3i1y1AuRuAcofn7TvBpWEtN1WcEtNIAC87rj1XhTGArGvLZHHd6BUo7V8ZwKyvJ aCadsrsfTPUMq43+bbh404CQxCQxY0++tGLf+EBIziKqio7c2EShHuZpwhnVvszwXQv1 W+aA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=5lJaiqZQ7PeZ2CLWdHj3jbhrUk3OSbvCTM5QCMIyPOo=; b=zLGZP3+py57blvzWwOHLNAm0Ob7wJnXlwIO8khMnZNGLOBDWByWPo4CTUrZ0O3ImXY azSsjmXFqTUqwQZXb3cipAifQK+k6xsNTGRtFwRH8XnIL3P4FYc2NGK9arnJUcjtA+Rn cCX02lrhnRx3hGt0Ue/Fk207S1zhgcydKAKmva7dIFiETNEXfIVv4tJJhZ6JV/jfQ4mQ wMJ8U9WBhjwLRxDpwD22+1sAN5yufSTFxHBba15Un5ZU1zZfgILk4IDksNTf0BH4uoFD Ui/GD6oeKNpfcTc7beLS3OussBaR1LNTWq6MyxfBaf5ofE4dimFWinAfaDTkDq43TZ+r MUfA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n10-v6si317962pls.112.2018.02.15.08.54.41; Thu, 15 Feb 2018 08:54:55 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1426508AbeBOQxh (ORCPT + 99 others); Thu, 15 Feb 2018 11:53:37 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:60016 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1423370AbeBOPkK (ORCPT ); Thu, 15 Feb 2018 10:40:10 -0500 Received: from localhost (LFbn-1-12258-90.w90-92.abo.wanadoo.fr [90.92.71.90]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id BA3A7114A; Thu, 15 Feb 2018 15:40:09 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Will Deacon , Catalin Marinas Subject: [PATCH 4.15 035/202] [Variant 3/Meltdown] arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry Date: Thu, 15 Feb 2018 16:15:35 +0100 Message-Id: <20180215151714.840722419@linuxfoundation.org> X-Mailer: git-send-email 2.16.1 In-Reply-To: <20180215151712.768794354@linuxfoundation.org> References: <20180215151712.768794354@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Will Deacon Commit 0617052ddde3 upstream. Although CONFIG_UNMAP_KERNEL_AT_EL0 does make KASLR more robust, it's actually more useful as a mitigation against speculation attacks that can leak arbitrary kernel data to userspace through speculation. Reword the Kconfig help message to reflect this, and make the option depend on EXPERT so that it is on by default for the majority of users. Signed-off-by: Will Deacon Signed-off-by: Catalin Marinas Signed-off-by: Greg Kroah-Hartman --- arch/arm64/Kconfig | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -844,15 +844,14 @@ config FORCE_MAX_ZONEORDER 4M allocations matching the default size used by generic code. config UNMAP_KERNEL_AT_EL0 - bool "Unmap kernel when running in userspace (aka \"KAISER\")" + bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT default y help - Some attacks against KASLR make use of the timing difference between - a permission fault which could arise from a page table entry that is - present in the TLB, and a translation fault which always requires a - page table walk. This option defends against these attacks by unmapping - the kernel whilst running in userspace, therefore forcing translation - faults for all of kernel space. + Speculation attacks against some high-performance processors can + be used to bypass MMU permission checks and leak kernel data to + userspace. This can be defended against by unmapping the kernel + when running in userspace, mapping it back in on exception entry + via a trampoline page in the vector table. If unsure, say Y.