Thread (9 messages) 9 messages, 3 authors, 2018-05-31
DORMANTno replies
Revisions (4)
  1. v1 [diff vs current]
  2. v1 [diff vs current]
  3. v1 current
  4. v2 [diff vs current]

[PATCH 1/4] arm64: capabilities: add nopti command line argument

From: Mark Langsdorf <hidden>
Date: 2018-05-31 13:45:38 

On 05/30/2018 03:59 AM, Suzuki K Poulose wrote:

Hi Mark,

On 24/05/18 20:09, Mark Langsdorf wrote:
quoted
The x86 kernel and the documentation use 'nopti' as the kernel command
line argument to disable kernel page table isolation, so add nopti to
the arm64 kernel for compatibility.

Signed-off-by: Mark Langsdorf <redacted>
---
? Documentation/admin-guide/kernel-parameters.txt |? 6 +++---
? arch/arm64/kernel/cpufeature.c????????????????? | 11 ++++++++++-
? 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt 
b/Documentation/admin-guide/kernel-parameters.txt
index f2040d4..a987725 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -3342,8 +3342,8 @@
????? pt.??????? [PARIDE]
????????????? See Documentation/blockdev/paride.txt.
-??? pti=??????? [X86_64] Control Page Table Isolation of user and
-??????????? kernel address spaces.? Disabling this feature
+??? pti=??????? [X86_64, ARM64] Control Page Table Isolation of user
+??????????? and kernel address spaces.? Disabling this feature
????????????? removes hardening, but improves performance of
????????????? system calls and interrupts.
...
quoted
@@ -3354,7 +3354,7 @@
????????????? Not specifying this option is equivalent to pti=auto.
-??? nopti??????? [X86_64]
+??? nopti??????? [X86_64, ARM64]
????????????? Equivalent to pti=off
????? pty.legacy_count=
diff --git a/arch/arm64/kernel/cpufeature.c 
b/arch/arm64/kernel/cpufeature.c
index 9d1b06d..7c5d8712 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -934,10 +934,19 @@ static int __init parse_kpti(char *str)
????? if (ret)
????????? return ret;
-??? __kpti_forced = enabled ? 1 : -1;
+??? if (!__kpti_forced)
+??????? __kpti_forced = enabled ? 1 : -1;
????? return 0;
? }
? __setup("kpti=", parse_kpti);
The arm64 kernel parameter is named "kpti", while the Documentation 
update above says "pti". We may want to keep both in sync here.
Good point. I think I will add a new kpti entry for ARM64 in 
kernel-parameters. Then the docs match the code, instead of trying to 
match the code to the docs.

--Mark Langsdorf
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help