UPSTREAM: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN

This patch adds the Kconfig option to enable support for TTBR0 PAN
emulation. The option is default off because of a slight performance hit
when enabled, caused by the additional TTBR0_EL1 switching during user
access operations or exception entry/exit code.

Cc: Will Deacon <will.deacon@arm.com>
Cc: James Morse <james.morse@arm.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Bug: 31432001
Change-Id: I2f0b5f332e3c56ea0453ff69826525dec49f034b
(cherry picked from commit ba42822af1c287f038aa550f3578c61c212a892e)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 095a3afb1e9df186bc819001915001b251931a5a..a9089fa82221bf4f820c2a2568c8aedd11560a22 100644 (file)
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -706,6 +706,14 @@ config SETEND_EMULATION
          If unsure, say Y
 endif
 
+config ARM64_SW_TTBR0_PAN
+       bool "Emulate Privileged Access Never using TTBR0_EL1 switching"
+       help
+         Enabling this option prevents the kernel from accessing
+         user-space memory directly by pointing TTBR0_EL1 to a reserved
+         zeroed area and reserved ASID. The user access routines
+         restore the valid TTBR0_EL1 temporarily.
+
 menu "ARMv8.1 architectural features"
 
 config ARM64_HW_AFDBM