Re: [patch 33/60] x86/mm/kpti: Allocate a separate user PGD

From: Ingo Molnar
Date: Wed Dec 06 2017 - 15:56:13 EST



* Borislav Petkov <bp@xxxxxxx> wrote:

> On Mon, Dec 04, 2017 at 03:07:39PM +0100, Thomas Gleixner wrote:
> > From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> >
> > Kernel page table isolation requires to have two PGDs. One for the kernel,
> > which contains the full kernel mapping plus the user space mapping and one
> > for user space which contains the user space mappings and the minimal set
> > of kernel mappings which are required by the architecture to be able to
> > transition from and to user space.
> >
> > Add the necessary preliminaries.
> >
> > [ tglx: Split out from the big kaiser dump ]
> >
> > Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> > Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> >
> > ---
> > arch/x86/kernel/head_64.S | 30 +++++++++++++++++++++++++++---
> > arch/x86/mm/pgtable.c | 16 ++++++++++++++--
> > 2 files changed, 41 insertions(+), 5 deletions(-)
>
> ...
>
> > --- a/arch/x86/mm/pgtable.c
> > +++ b/arch/x86/mm/pgtable.c
> > @@ -355,14 +355,26 @@ static inline void _pgd_free(pgd_t *pgd)
> > kmem_cache_free(pgd_cache, pgd);
> > }
> > #else
> > +
> > +#ifdef CONFIG_KERNEL_PAGE_TABLE_ISOLATION
> > +/*
> > + * Instead of one pgd, we aquire two pgds. Being order-1, it is
>
> "acquire"

Fixed. I also did a s/pgd/PGD

> Otherwise:
>
> Reviewed-by: Borislav Petkov <bp@xxxxxxx>

Thanks!

Ingo