From: Ard Biesheuvel <ardb@kernel.org>
Date: Fri, 1 Mar 2024 10:40:49 +0000 (+0100)
Subject: arm64/mm: Avoid ID mapping of kpti flag if it is no longer needed
X-Git-Tag: v6.9-rc1~114^2~3^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=27f2b9fcddc76d542ac339febf2af55b67f610ca;p=thirdparty%2Fkernel%2Flinux.git

arm64/mm: Avoid ID mapping of kpti flag if it is no longer needed

arm64_use_ng_mappings will be set to 'true' by the early boot code if it
decides to use non-global (nG) attributes for all kernel mappings,
typically when enabling KASLR on a system that does not implement E0PD.

In this case, the G-to-nG update routines are never called, and so there
is no reason to create the writable mapping of the associated status
flag in the ID map.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20240301104046.1234309-6-ardb+git@google.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
---

diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index b131ed31a6c84..bf5b1c426ad0d 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -777,7 +777,7 @@ static void __init create_idmap(void)
 		       IDMAP_ROOT_LEVEL, (pte_t *)idmap_pg_dir, false,
 		       __phys_to_virt(ptep) - ptep);
 
-	if (IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0)) {
+	if (IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0) && !arm64_use_ng_mappings) {
 		extern u32 __idmap_kpti_flag;
 		u64 pa = __pa_symbol(&__idmap_kpti_flag);