Received: by 10.223.185.116 with SMTP id b49csp542608wrg; Fri, 16 Feb 2018 03:17:00 -0800 (PST) X-Google-Smtp-Source: AH8x227fhDMmJdLelduLW4JZMxVXNm5GE/RB4FTkEskla4HL0QUInYxaoyJnOLciwAOckHfIDw65 X-Received: by 10.99.126.19 with SMTP id z19mr4851539pgc.108.1518779820496; Fri, 16 Feb 2018 03:17:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518779820; cv=none; d=google.com; s=arc-20160816; b=VTKiGbe0Q9E4578PxFwjr+CYDeigIwdRERVtikPVRVod2zyGZ01vnmuIFrE68f3sJs d8//bTc5KZlE7Qs7WyjzjOH3D7pXNCz3ljIK7D7xW215DYD57Uxcn5TtfxXKchUINXG1 SolGSlosCooRwyx2/2JpDw1uxudfH55CL/WyLuEmBfHW0kV+sdSNlIDQrgsRSJxcUppl /MLtlGq0upryah8ka2KFPf/dJfnnwRjbALo6KtbK0E9Roq+RGEgSxUBKtfy2M2POoI18 QP5BejPIs8Oo3YGyqrHE2/0ss31GlakpP9FENys567jTcRPxXKgryGrgqKZAgxMIC4Gf W0PA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=DqFph+7kPoNlnWNSKGnASAednUU1dNLEsQ0RGZk5xPg=; b=fLmnGnkwsRqyWLEOxHBqXpGS2bhhpIJ6m7m70RyOzztKAb7tpTIst4umebv951w183 l/FBLAbgDtjinuqc6e/2+uEgtoFjz3WmM0LI8npS0qiYzQwITy2SRMJMkmmN6rNsWf0F nN4iDrUQVa+M+JxbUTaMeyWNXuL90T/ULScEGecXMXu3HIyoPu9uRE8oh2BugXjI+7q2 DmD40ddsURRHLvLiBCy8neaYFjmmT76u3INhv+YGUXJ/ZrzNvKq5jp8k9PA4U9kJQ6Py Jtpu8rDR89z9uGSE48BDr5dTPZxtOs2Xbc2HPILQwEbiLgKWrzFVPKLMCNpDCghrEaPX 85PQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s196si2692820pgc.129.2018.02.16.03.16.45; Fri, 16 Feb 2018 03:17:00 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1165094AbeBORqe (ORCPT + 99 others); Thu, 15 Feb 2018 12:46:34 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:55762 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1164425AbeBOPb2 (ORCPT ); Thu, 15 Feb 2018 10:31:28 -0500 Received: from localhost (LFbn-1-12258-90.w90-92.abo.wanadoo.fr [90.92.71.90]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 1AE8ED57; Thu, 15 Feb 2018 15:31:27 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Will Deacon , Catalin Marinas , Ard Biesheuvel Subject: [PATCH 4.14 043/195] [Variant 3/Meltdown] arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry Date: Thu, 15 Feb 2018 16:15:34 +0100 Message-Id: <20180215151707.897042366@linuxfoundation.org> X-Mailer: git-send-email 2.16.1 In-Reply-To: <20180215151705.738773577@linuxfoundation.org> References: <20180215151705.738773577@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Will Deacon Commit 0617052ddde3 upstream. Although CONFIG_UNMAP_KERNEL_AT_EL0 does make KASLR more robust, it's actually more useful as a mitigation against speculation attacks that can leak arbitrary kernel data to userspace through speculation. Reword the Kconfig help message to reflect this, and make the option depend on EXPERT so that it is on by default for the majority of users. Signed-off-by: Will Deacon Signed-off-by: Catalin Marinas Signed-off-by: Ard Biesheuvel Signed-off-by: Greg Kroah-Hartman --- arch/arm64/Kconfig | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -807,15 +807,14 @@ config FORCE_MAX_ZONEORDER 4M allocations matching the default size used by generic code. config UNMAP_KERNEL_AT_EL0 - bool "Unmap kernel when running in userspace (aka \"KAISER\")" + bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT default y help - Some attacks against KASLR make use of the timing difference between - a permission fault which could arise from a page table entry that is - present in the TLB, and a translation fault which always requires a - page table walk. This option defends against these attacks by unmapping - the kernel whilst running in userspace, therefore forcing translation - faults for all of kernel space. + Speculation attacks against some high-performance processors can + be used to bypass MMU permission checks and leak kernel data to + userspace. This can be defended against by unmapping the kernel + when running in userspace, mapping it back in on exception entry + via a trampoline page in the vector table. If unsure, say Y.