Re: [PATCH 28/37] x86/mm/pti: Map kernel-text to user-space on 32 bit kernels

From: Kees Cook
Date: Mon Apr 23 2018 - 13:09:28 EST


On Mon, Apr 23, 2018 at 8:47 AM, Joerg Roedel <joro@xxxxxxxxxx> wrote:
> From: Joerg Roedel <jroedel@xxxxxxx>
>
> Keeping the kernel text mapped with G bit set keeps its
> entries in the TLB across kernel entry/exit and improves the
> performance. The 64 bit x86 kernels already do this when
> there is no PCID, so do this in 32 bit as well since PCID is
> not even supported there.

I think this should keep at least part of the logic as 64-bit since
there are other reasons to turn off the Global flag:

https://lkml.kernel.org/r/20180420222026.D0B4AAC9@xxxxxxxxxxxxxxxxxx

-Kees

>
> Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>
> ---
> arch/x86/mm/init_32.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
> index c893c6a..8299b98 100644
> --- a/arch/x86/mm/init_32.c
> +++ b/arch/x86/mm/init_32.c
> @@ -956,4 +956,10 @@ void mark_rodata_ro(void)
> mark_nxdata_nx();
> if (__supported_pte_mask & _PAGE_NX)
> debug_checkwx();
> +
> + /*
> + * Do this after all of the manipulation of the
> + * kernel text page tables are complete.
> + */
> + pti_clone_kernel_text();
> }
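
Review bot: the pti_clone_kernel_text() call added at the end of mark_rodata_ro() is unconditional at this call site, and the comment above it explains only the ordering, not the conditions under which kernel text should stay Global in the user-space mapping. The commit message says 64 bit does this only "when there is no PCID" and justifies the 32 bit change by performance alone, so either gate the call here or say in the comment that the callee makes that decision and on what basis, so the 32 bit path does not diverge from the 64 bit logic unnoticed. Minor wording point in the same comment: "manipulation ... are complete" should read "is complete".
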
> --
> 2.7.4
>



--
Kees Cook
Pixel Security