1 #ifndef _ASM_X86_KAISER_H
2 #define _ASM_X86_KAISER_H
4 * This file includes the definitions for the KAISER feature.
5 * KAISER is a counter measure against x86_64 side channel attacks on
6 * the kernel virtual memory. It has a shadow pgd for every process: the
7 * shadow pgd has a minimalistic kernel-set mapped, but includes the whole
8 * user memory. Within a kernel context switch, or when an interrupt is handled,
9 * the pgd is switched to the normal one. When the system switches to user mode,
10 * the shadow pgd is enabled. By this, the virtual memory caches are freed,
11 * and the user may not attack the whole kernel memory.
13 * A minimalistic kernel mapping holds the parts needed to be mapped in user
14 * mode, such as the entry/exit functions of the user space, or the stacks.
19 .macro _SWITCH_TO_KERNEL_CR3 reg
21 #ifdef CONFIG_KAISER_REAL_SWITCH
27 .macro _SWITCH_TO_USER_CR3 reg
29 #ifdef CONFIG_KAISER_REAL_SWITCH
35 .macro SWITCH_KERNEL_CR3
37 _SWITCH_TO_KERNEL_CR3
%rax
41 .macro SWITCH_USER_CR3
43 _SWITCH_TO_USER_CR3
%rax
47 .macro SWITCH_KERNEL_CR3_NO_STACK
48 movq
%rax
, PER_CPU_VAR(unsafe_stack_register_backup
)
49 _SWITCH_TO_KERNEL_CR3
%rax
50 movq
PER_CPU_VAR(unsafe_stack_register_backup
), %rax
53 .macro SWITCH_USER_CR3_NO_STACK
54 movq
%rax
, PER_CPU_VAR(unsafe_stack_register_backup
)
55 _SWITCH_TO_USER_CR3
%rax
56 movq
PER_CPU_VAR(unsafe_stack_register_backup
), %rax
59 #else /* CONFIG_KAISER */
61 .macro SWITCH_KERNEL_CR3 reg
63 .macro SWITCH_USER_CR3 reg
65 .macro SWITCH_USER_CR3_NO_STACK
67 .macro SWITCH_KERNEL_CR3_NO_STACK
70 #endif /* CONFIG_KAISER */
72 #else /* __ASSEMBLY__ */
76 * Upon kernel/user mode switch, it may happen that the address
77 * space has to be switched before the registers have been
78 * stored. To change the address space, another register is
79 * needed. A register therefore has to be stored/restored.
81 DECLARE_PER_CPU_USER_MAPPED(unsigned long, unsafe_stack_register_backup
);
84 * kaiser_add_mapping - map a virtual memory part to the shadow (user) mapping
85 * @addr: the start address of the range
86 * @size: the size of the range
87 * @flags: The mapping flags of the pages
89 * The mapping is done on a global scope, so no bigger
90 * synchronization has to be done. the pages have to be
91 * manually unmapped again when they are not needed any longer.
93 extern int kaiser_add_mapping(unsigned long addr
, unsigned long size
, unsigned long flags
);
96 * kaiser_remove_mapping - unmap a virtual memory part of the shadow mapping
97 * @addr: the start address of the range
98 * @size: the size of the range
100 extern void kaiser_remove_mapping(unsigned long start
, unsigned long size
);
103 * kaiser_init - Initialize the shadow mapping
105 * Most parts of the shadow mapping can be mapped upon boot
106 * time. Only per-process things like the thread stacks
107 * or a new LDT have to be mapped at runtime. These boot-
108 * time mappings are permanent and never unmapped.
110 extern void kaiser_init(void);
112 #endif /* CONFIG_KAISER */
114 #endif /* __ASSEMBLY */
116 #endif /* _ASM_X86_KAISER_H */