1 #ifndef _ASM_X86_KAISER_H
2 #define _ASM_X86_KAISER_H
3 /*
4 * This file includes the definitions for the KAISER feature.
5 * KAISER is a countermeasure against x86_64 side-channel attacks on
6 * the kernel virtual memory. It keeps a shadow pgd for every process: the
7 * shadow pgd has only a minimal set of kernel pages mapped, but includes the
8 * whole user memory. Within a kernel context switch, or when an interrupt is
9 * handled, the pgd is switched to the normal one. When the system switches to
10 * user mode, the shadow pgd is enabled. As a result, the virtual memory caches
11 * are flushed, and user mode cannot attack the whole kernel memory.
12 *
13 * A minimalistic kernel mapping holds the parts needed to be mapped in user
14 * mode, such as the entry/exit functions of the user space, or the stacks.
15 */
16 #ifdef __ASSEMBLY__
17 #ifdef CONFIG_KAISER
18
/*
 * _SWITCH_TO_KERNEL_CR3 - reload CR3 for kernel mode.
 * @reg: 64-bit scratch register; it is overwritten with the CR3 value.
 *
 * With CONFIG_KAISER_REAL_SWITCH, bit 12 (0x1000) of the CR3 value is
 * cleared before it is written back; _SWITCH_TO_USER_CR3 sets the same bit,
 * so the two page-table roots differ only in that bit (presumably the shadow
 * pgd sits one 4 KiB page above the kernel pgd - confirm against the pgd
 * allocation code). The andq also modifies RFLAGS.
 *
 * Without CONFIG_KAISER_REAL_SWITCH the value is written back unmodified:
 * CR3 is reloaded but the page-table root stays the same, so as far as this
 * macro is concerned no kernel/user page-table separation takes place.
 */
19 .macro _SWITCH_TO_KERNEL_CR3 reg
20 movq %cr3, \reg
21 #ifdef CONFIG_KAISER_REAL_SWITCH
22 andq $(~0x1000), \reg
23 #endif
24 movq \reg, %cr3
25 .endm
26
/*
 * _SWITCH_TO_USER_CR3 - reload CR3 for the return to user mode.
 * @reg: 64-bit scratch register; it is overwritten with the CR3 value.
 *
 * With CONFIG_KAISER_REAL_SWITCH, bit 12 (0x1000) of the CR3 value is set
 * before it is written back, the inverse of _SWITCH_TO_KERNEL_CR3. The orq
 * also modifies RFLAGS.
 *
 * Without CONFIG_KAISER_REAL_SWITCH the value is written back unmodified, so
 * user mode keeps running on the same page-table root as the kernel.
 * NOTE(review): after this macro only memory that is mapped in the shadow
 * pgd may be touched - confirm for every instruction that follows it.
 */
27 .macro _SWITCH_TO_USER_CR3 reg
28 movq %cr3, \reg
29 #ifdef CONFIG_KAISER_REAL_SWITCH
30 orq $(0x1000), \reg
31 #endif
32 movq \reg, %cr3
33 .endm
34
/*
 * SWITCH_KERNEL_CR3 - switch to the kernel CR3 when a stack is usable.
 *
 * %rax is pushed, used as the scratch register and popped again, so it has
 * its original value afterwards. The push runs before the CR3 write, i.e.
 * under the page tables that were active on entry, so the current stack has
 * to be mapped there as well.
 */
35 .macro SWITCH_KERNEL_CR3
36 pushq %rax
37 _SWITCH_TO_KERNEL_CR3 %rax
38 popq %rax
39 .endm
40
/*
 * SWITCH_USER_CR3 - switch to the user (shadow) CR3 when a stack is usable.
 *
 * %rax is pushed, used as the scratch register and popped again. The pop
 * runs after the CR3 write, so the current stack has to be mapped in the
 * page tables selected by _SWITCH_TO_USER_CR3 too.
 */
41 .macro SWITCH_USER_CR3
42 pushq %rax
43 _SWITCH_TO_USER_CR3 %rax
44 popq %rax
45 .endm
46
/*
 * SWITCH_KERNEL_CR3_NO_STACK - switch to the kernel CR3 without using the
 * stack.
 *
 * %rax is parked in the per-CPU variable unsafe_stack_register_backup
 * instead of being pushed, then restored from it after the CR3 write. The
 * store happens under the page tables that were active on entry, so that
 * variable has to be mapped there.
 * NOTE(review): there is a single backup slot per CPU; anything that reuses
 * it between the store and the load would clobber the saved %rax - confirm
 * that callers cannot be interrupted in that window.
 */
47 .macro SWITCH_KERNEL_CR3_NO_STACK
48 movq %rax, PER_CPU_VAR(unsafe_stack_register_backup)
49 _SWITCH_TO_KERNEL_CR3 %rax
50 movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
51 .endm
52
/*
 * SWITCH_USER_CR3_NO_STACK - switch to the user (shadow) CR3 without using
 * the stack.
 *
 * %rax is parked in the per-CPU variable unsafe_stack_register_backup and
 * reloaded from it after the CR3 write. The reload happens under the page
 * tables selected by _SWITCH_TO_USER_CR3, so the variable has to be mapped
 * there as well.
 * NOTE(review): the saved %rax value stays in that slot after the macro has
 * finished - confirm nothing sensitive is left readable through it.
 */
53 .macro SWITCH_USER_CR3_NO_STACK
54 movq %rax, PER_CPU_VAR(unsafe_stack_register_backup)
55 _SWITCH_TO_USER_CR3 %rax
56 movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
57 .endm
58
59 #else /* CONFIG_KAISER */
60
/*
 * CONFIG_KAISER disabled: all four switch macros expand to nothing, so CR3
 * is never touched by them.
 * NOTE(review): the SWITCH_KERNEL_CR3 and SWITCH_USER_CR3 stubs declare a
 * reg parameter that the CONFIG_KAISER versions do not take - confirm that
 * every call site assembles the same way under both settings.
 */
61 .macro SWITCH_KERNEL_CR3 reg
62 .endm
63 .macro SWITCH_USER_CR3 reg
64 .endm
65 .macro SWITCH_USER_CR3_NO_STACK
66 .endm
67 .macro SWITCH_KERNEL_CR3_NO_STACK
68 .endm
69
70 #endif /* CONFIG_KAISER */
71
72 #else /* __ASSEMBLY__ */
73
74 #ifdef CONFIG_KAISER
75 /*
76 * Upon kernel/user mode switch, it may happen that the address
77 * space has to be switched before the registers have been
78 * stored. To change the address space, another register is
79 * needed. A register therefore has to be stored/restored.
 *
 * The assembly macros SWITCH_KERNEL_CR3_NO_STACK and
 * SWITCH_USER_CR3_NO_STACK in this header park %rax in this variable
 * around the CR3 write.
 * NOTE(review): judging by DECLARE_PER_CPU_USER_MAPPED, the slot is also
 * mapped in the shadow (user) page tables - treat its contents as
 * potentially observable from there and confirm.
80 */
81 DECLARE_PER_CPU_USER_MAPPED(unsigned long, unsafe_stack_register_backup);
82
83 /**
84 * kaiser_add_mapping - map a virtual memory part to the shadow (user) mapping
85 * @addr: the start address of the range
86 * @size: the size of the range
87 * @flags: The mapping flags of the pages
88 *
89 * The mapping is done on a global scope, so no bigger
90 * synchronization has to be done. The pages have to be
91 * manually unmapped again when they are not needed any longer.
 *
 * Whatever is mapped here is present in the page tables that are active
 * while user mode runs, so keep the range limited to what has to be
 * reachable there.
 * NOTE(review): the meaning of the int return value is not documented in
 * this header - confirm it against the implementation and check it at
 * every call site.
92 */
93 extern int kaiser_add_mapping(unsigned long addr, unsigned long size, unsigned long flags);
94
95 /**
96 * kaiser_remove_mapping - unmap a virtual memory part of the shadow mapping
97 * @start: the start address of the range
98 * @size: the size of the range
 *
 * Counterpart of kaiser_add_mapping(). It returns nothing, so a failed
 * unmap cannot be reported to the caller through this interface.
99 */
100 extern void kaiser_remove_mapping(unsigned long start, unsigned long size);
101
102 /**
103 * kaiser_init - Initialize the shadow mapping
104 *
105 * Most parts of the shadow mapping can be mapped at boot
106 * time. Only per-process things like the thread stacks
107 * or a new LDT have to be mapped at runtime. These boot-
108 * time mappings are permanent and never unmapped.
 *
 * NOTE(review): presumably this has to run before the first switch to the
 * shadow pgd - confirm the call order in the boot code.
109 */
110 extern void kaiser_init(void);
111
112 #endif /* CONFIG_KAISER */
113
114 #endif /* __ASSEMBLY__ */
115
116 #endif /* _ASM_X86_KAISER_H */