Received: by 10.223.164.202 with SMTP id h10csp4392278wrb;
        Mon, 20 Nov 2017 14:51:52 -0800 (PST)
X-Google-Smtp-Source: AGs4zMafMl25Msb4XJflMXxnoyNJh1wWO/wOl2xVhXEuG78tdzPR0flPGTL2B6DVDHq6nwgCkQeR
X-Received: by 10.159.229.136 with SMTP id az8mr15340413plb.423.1511218312761;
        Mon, 20 Nov 2017 14:51:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1511218312; cv=none;
        d=google.com; s=arc-20160816;
        b=g1jHmVNDXwnoPSznh5KqMgiBPaHJkKsZyhdinmENf3ISi4B7MMXTmFiq3efVOt7ZzU
         jf9VmAR9xqpCE7qLTJSNWtbI/BK65vB2aVdCM9BvN45qfiEAKfWZxCoz7jd3JFOiCyHt
         1/7Q53MtzpwWgA/TkF3aSlGLReFa6Y0VIun1+BjTFmPegef8ExV4j35896lFJKR2y4E3
         B1r2D2XT3zeSNDiEo7U1BPTnQyeUqsUr7WDFQ/JQFT2cuNU1vsP1VNZ1PFsXaO22IzKV
         8lg1h0yIREA97oFs90IctBoq0OjOhlvfPHt2M2lE5yhb/UNtdsCGIfWHrrnqqFEzcmYB
         fdtg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=PPp5D1mAamuhTxbtk4DMkaWruZiN0e2JtboBVjHVoY4=;
        b=bBhGxZ62mhXnLBaTUGt0AyXSARVZsj9Ma2mKGXBaNu2utYwYCbGJoGuYEtoG5mohDc
         amQqb77TpGO9E8qXHhGfATdimNqjJEe2DIP/94WSM12onZ6O/+V8C27pkOlnsY+F8peF
         KY/upQCPdH+oUuMGLTDpYGZ1c6iDNPCv70Q3IhPNV3FZIWJ7hJtQCqbXFv2UgKtPTUqh
         beIxnD4VypSkNdjKsMv3cGdBoX8qIujtyxpXB8XFbXfY7g9kgo3H4LoM8aymM87rCJ0l
         R6XrFIDJl88WQQ/eX8LagLhjDAbcPo4iEeQKjqogexdGiVoL3gPBZMDQgwgoVjT6mtfs
         nthg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 78si7016222pfq.361.2017.11.20.14.51.42;
        Mon, 20 Nov 2017 14:51:52 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751360AbdKTWvE (ORCPT <rfc822;plaguedbypenguins@gmail.com>
        + 68 others); Mon, 20 Nov 2017 17:51:04 -0500
Received: from mail-ot0-f193.google.com ([74.125.82.193]:38359 "EHLO
        mail-ot0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751159AbdKTWvC (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 20 Nov 2017 17:51:02 -0500
Received: by mail-ot0-f193.google.com with SMTP id b49so8987802otj.5
        for <linux-kernel@vger.kernel.org>; Mon, 20 Nov 2017 14:51:02 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=PPp5D1mAamuhTxbtk4DMkaWruZiN0e2JtboBVjHVoY4=;
        b=YdG2gfa7BkOlJRw/gbfvzIZxVLeWYRdggMQt+q8i3+P9tiyRJu+irEH/wg3Lc0NE4e
         YxjhoMBrSnS4uPGodD9QZQ4vxtkPlgUGbA+Xf6fxY9x7aNiaNjaG6q5f7Wn68mSkSKyE
         pRYf7PRDAtMtiQZviMxuesbj9ZNqyJzyPQ4AfFSbRrDXBiWjZPb8W41RGSIGTIz0XISL
         9EnMyKqSPq9s/Ufjhe573Krc4/0s48PtCu9Ctso+KboxS8Hp6ocpNap1UAClyTn9DfVB
         0Mm8/61noaQ0hNIi5av1Y0PDSOjCNA3s9Q/gRT4/KsWElaRmTxokgcxxyZmprW0IzU1S
         SvLg==
X-Gm-Message-State: AJaThX5Qpy+p7wydF/keckh/7S8RXO74FvxBFSBPqVh5+QnXYGTu7Bxt
        k5C29/u2nDr/eT+Vk4PMwZXwQg==
X-Received: by 10.157.62.93 with SMTP id h29mr9953834otg.386.1511218261806;
        Mon, 20 Nov 2017 14:51:01 -0800 (PST)
Received: from ?IPv6:2601:602:9802:a8dc:4eb2:6dae:ab32:e5b0? ([2601:602:9802:a8dc:4eb2:6dae:ab32:e5b0])
        by smtp.gmail.com with ESMTPSA id v29sm5383433otf.2.2017.11.20.14.50.59
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 20 Nov 2017 14:51:00 -0800 (PST)
Subject: Re: [PATCH 00/18] arm64: Unmap the kernel whilst running in userspace
 (KAISER)
To:     Will Deacon <will.deacon@arm.com>,
        linux-arm-kernel@lists.infradead.org
Cc:     linux-kernel@vger.kernel.org, catalin.marinas@arm.com,
        mark.rutland@arm.com, ard.biesheuvel@linaro.org,
        sboyd@codeaurora.org, dave.hansen@linux.intel.com,
        keescook@chromium.org
References: <1510942921-12564-1-git-send-email-will.deacon@arm.com>
From:   Laura Abbott <labbott@redhat.com>
Message-ID: <c09d26b4-2612-fb2e-fb95-897c937793ec@redhat.com>
Date:   Mon, 20 Nov 2017 14:50:58 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <1510942921-12564-1-git-send-email-will.deacon@arm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 11/17/2017 10:21 AM, Will Deacon wrote:
> Hi all,
> 
> This patch series implements something along the lines of KAISER for arm64:
> 
>    https://gruss.cc/files/kaiser.pdf
> 
> although I wrote this from scratch because the paper has some funny
> assumptions about how the architecture works. There is a patch series
> in review for x86, which follows a similar approach:
> 
>    http://lkml.kernel.org/r/<20171110193058.BECA7D88@viggo.jf.intel.com>
> 
> and the topic was recently covered by LWN (currently subscriber-only):
> 
>    https://lwn.net/Articles/738975/
> 
> The basic idea is that transitions to and from userspace are proxied
> through a trampoline page which is mapped into a separate page table and
> can switch the full kernel mapping in and out on exception entry and
> exit respectively. This is a valuable defence against various KASLR and
> timing attacks, particularly as the trampoline page is at a fixed virtual
> address and therefore the kernel text can be randomized independently.
> 
> The major consequences of the trampoline are:
> 
>    * We can no longer make use of global mappings for kernel space, so
>      each task is assigned two ASIDs: one for user mappings and one for
>      kernel mappings
> 
>    * Our ASID moves into TTBR1 so that we can quickly switch between the
>      trampoline and kernel page tables
> 
>    * Switching TTBR0 always requires use of the zero page, so we can
>      dispense with some of our errata workaround code.
> 
>    * entry.S gets more complicated to read
> 
> The performance hit from this series isn't as bad as I feared: things
> like cyclictest and kernbench seem to be largely unaffected, although
> syscall micro-benchmarks appear to show that syscall overhead is roughly
> doubled, and this has an impact on things like hackbench which exhibits
> a ~10% hit due to its heavy context-switching.
> 
> Patches based on 4.14 and also pushed here:
> 
>    git://git.kernel.org/pub/scm/linux/kernel/git/will/linux.git kaiser
> 
> Feedback welcome,
> 
> Will
> 

Passed some basic tests on Hikey Android and my Mustang box. I'll
leave the Mustang building kernels for a few days. You're welcome
to add Tested-by or I can re-test on v2.

Thanks,
Laura

From 1584610267407721613@xxx Mon Nov 20 18:21:53 +0000 2017
X-GM-THRID: 1584366039367167465
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread