Revert "x86/mm/legacy: Populate the user page-table with user pgd's"

joergroedel · KAGA-KOKO · commit 61a6bd83abf2 · 2018-09-14T17:08:45.000+02:00
This reverts commit 1f40a46. It turned out that this patch is not sufficient to enable PTI on 32 bit systems with legacy 2-level page-tables. In this paging mode the huge-page PTEs are in the top-level page-table directory, where also the mirroring to the user-space page-table happens. So every huge PTE exits twice, in the kernel and in the user page-table. That means that accessed/dirty bits need to be fetched from two PTEs in this mode to be safe, but this is not trivial to implement because it needs changes to generic code just for the sake of enabling PTI with 32-bit legacy paging. As all systems that need PTI should support PAE anyway, remove support for PTI when 32-bit legacy paging is used. Fixes: 7757d60 ('x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32') Reported-by: Meelis Roos <mroos@linux.ee> Signed-off-by: Joerg Roedel <jroedel@suse.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: hpa@zytor.com Cc: linux-mm@kvack.org Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Andy Lutomirski <luto@kernel.org> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Borislav Petkov <bp@alien8.de> Cc: Andrea Arcangeli <aarcange@redhat.com> Link: https://lkml.kernel.org/r/1536922754-31379-1-git-send-email-joro@8bytes.org
diff --git a/arch/x86/include/asm/pgtable-2level.h b/arch/x86/include/asm/pgtable-2level.h
@@ -19,9 +19,6 @@ static inline void native_set_pte(pte_t *ptep , pte_t pte)
 
 static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd)
 {
-#ifdef CONFIG_PAGE_TABLE_ISOLATION
-	pmd.pud.p4d.pgd = pti_set_user_pgtbl(&pmdp->pud.p4d.pgd, pmd.pud.p4d.pgd);
-#endif
 	*pmdp = pmd;
 }
 
@@ -61,9 +58,6 @@ static inline pte_t native_ptep_get_and_clear(pte_t *xp)
 #ifdef CONFIG_SMP
 static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
 {
-#ifdef CONFIG_PAGE_TABLE_ISOLATION
-	pti_set_user_pgtbl(&xp->pud.p4d.pgd, __pgd(0));
-#endif
 	return __pmd(xchg((pmdval_t *)xp, 0));
 }
 #else
@@ -73,9 +67,6 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
 #ifdef CONFIG_SMP
 static inline pud_t native_pudp_get_and_clear(pud_t *xp)
 {
-#ifdef CONFIG_PAGE_TABLE_ISOLATION
-	pti_set_user_pgtbl(&xp->p4d.pgd, __pgd(0));
-#endif
 	return __pud(xchg((pudval_t *)xp, 0));
 }
 #else
diff --git a/security/Kconfig b/security/Kconfig
@@ -57,7 +57,7 @@ config SECURITY_NETWORK
 config PAGE_TABLE_ISOLATION
 	bool "Remove the kernel mapping in user mode"
 	default y
-	depends on X86 && !UML
+	depends on (X86_64 || X86_PAE) && !UML
 	help
 	  This feature reduces the number of hardware side channels by
 	  ensuring that the majority of kernel addresses are not mapped

Original file line number	Diff line number	Diff line change
`@@ -19,9 +19,6 @@ static inline void native_set_pte(pte_t *ptep , pte_t pte)`
`19`	`19`
`20`	`20`	`static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd)`
`21`	`21`	`{`
`22`		`-#ifdef CONFIG_PAGE_TABLE_ISOLATION`
`23`		`- pmd.pud.p4d.pgd = pti_set_user_pgtbl(&pmdp->pud.p4d.pgd, pmd.pud.p4d.pgd);`
`24`		`-#endif`
`25`	`22`	`*pmdp = pmd;`
`26`	`23`	`}`
`27`	`24`
`@@ -61,9 +58,6 @@ static inline pte_t native_ptep_get_and_clear(pte_t *xp)`
`61`	`58`	`#ifdef CONFIG_SMP`
`62`	`59`	`static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)`
`63`	`60`	`{`
`64`		`-#ifdef CONFIG_PAGE_TABLE_ISOLATION`
`65`		`- pti_set_user_pgtbl(&xp->pud.p4d.pgd, __pgd(0));`
`66`		`-#endif`
`67`	`61`	`return __pmd(xchg((pmdval_t *)xp, 0));`
`68`	`62`	`}`
`69`	`63`	`#else`
`@@ -73,9 +67,6 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)`
`73`	`67`	`#ifdef CONFIG_SMP`
`74`	`68`	`static inline pud_t native_pudp_get_and_clear(pud_t *xp)`
`75`	`69`	`{`
`76`		`-#ifdef CONFIG_PAGE_TABLE_ISOLATION`
`77`		`- pti_set_user_pgtbl(&xp->p4d.pgd, __pgd(0));`
`78`		`-#endif`
`79`	`70`	`return __pud(xchg((pudval_t *)xp, 0));`
`80`	`71`	`}`
`81`	`72`	`#else`