1 #ifndef _ASM_X86_KAISER_H
2 #define _ASM_X86_KAISER_H
4 /* This file includes the definitions for the KAISER feature.
5 * KAISER is a countermeasure against x86_64 side-channel attacks on the kernel virtual memory.
6 * It keeps a shadow-pgd for every process. The shadow-pgd has only a minimal set of kernel mappings,
7 * but includes the whole user memory. Within a kernel context switch, or when an interrupt is handled,
8 * the pgd is switched to the normal one. When the system switches to user mode, the shadow pgd is enabled.
9 * By this, the virtual memory caches are freed, and the user may not attack the whole kernel memory.
11 * A minimalistic kernel mapping holds the parts that need to be mapped in user mode, such as the entry/exit functions
12 * of the user space, or the stacks.
/*
 * _SWITCH_TO_KERNEL_CR3 - internal helper that takes one register operand
 * (reg). The only part of its body visible here is the
 * CONFIG_KAISER_REAL_SWITCH conditional; the instructions that use reg are
 * not shown.
 * NOTE(review): presumably reg is used as scratch while CR3 is rewritten and
 * is clobbered on return - confirm against the full macro body.
 */
17 .macro _SWITCH_TO_KERNEL_CR3 reg
19 #ifdef CONFIG_KAISER_REAL_SWITCH
/*
 * _SWITCH_TO_USER_CR3 - internal helper that takes one register operand
 * (reg); counterpart of _SWITCH_TO_KERNEL_CR3. The only part of its body
 * visible here is the CONFIG_KAISER_REAL_SWITCH conditional.
 * NOTE(review): presumably reg is clobbered as scratch, and with
 * CONFIG_KAISER_REAL_SWITCH unset no address-space switch happens at all -
 * confirm, since in that configuration the shadow mapping would give no
 * isolation.
 */
25 .macro _SWITCH_TO_USER_CR3 reg
27 #ifdef CONFIG_KAISER_REAL_SWITCH
/*
 * SWITCH_KERNEL_CR3 - switch to the kernel page tables, handing %rax to
 * _SWITCH_TO_KERNEL_CR3 as its register operand.
 * NOTE(review): how %rax is preserved around the helper is not visible in
 * these lines; unlike the _NO_STACK variant it does not use the per-CPU
 * backup slot, so it presumably relies on a usable stack - confirm.
 */
33 .macro SWITCH_KERNEL_CR3
35 _SWITCH_TO_KERNEL_CR3 %rax
/*
 * SWITCH_USER_CR3 - switch to the user (shadow) page tables, handing %rax to
 * _SWITCH_TO_USER_CR3 as its register operand.
 * NOTE(review): how %rax is preserved around the helper is not visible in
 * these lines; presumably a usable stack is required - confirm.
 */
39 .macro SWITCH_USER_CR3
41 _SWITCH_TO_USER_CR3 %rax
/*
 * SWITCH_KERNEL_CR3_NO_STACK - kernel-CR3 switch that does not touch the
 * stack: %rax is parked in the per-CPU slot unsafe_stack_register_backup,
 * passed to _SWITCH_TO_KERNEL_CR3 as its register operand, then reloaded
 * from the slot.
 *
 * The save runs before the switch and the reload after it, so the slot has
 * to be addressable under both sets of page tables; this header declares it
 * with DECLARE_PER_CPU_USER_MAPPED.
 * NOTE(review): there is one slot per CPU, so a nested entry between the
 * save and the reload would overwrite the parked %rax - confirm that callers
 * cannot be re-entered at this point.
 */
45 .macro SWITCH_KERNEL_CR3_NO_STACK
/* Park %rax: no stack is used on this path. */
46 movq %rax, PER_CPU_VAR(unsafe_stack_register_backup)
47 _SWITCH_TO_KERNEL_CR3 %rax
/* Restore the caller's %rax from the per-CPU slot. */
48 movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
/*
 * SWITCH_USER_CR3_NO_STACK - user-CR3 switch that does not touch the stack:
 * %rax is parked in the per-CPU slot unsafe_stack_register_backup, passed to
 * _SWITCH_TO_USER_CR3 as its register operand, then reloaded from the slot.
 *
 * The reload executes after the switch to the user (shadow) page tables, so
 * both this code and the slot must be part of the user-mapped set; the slot
 * is declared with DECLARE_PER_CPU_USER_MAPPED in this header.
 * NOTE(review): there is one slot per CPU, so a nested entry between the
 * save and the reload would overwrite the parked %rax - confirm that callers
 * cannot be re-entered at this point.
 */
52 .macro SWITCH_USER_CR3_NO_STACK
/* Park %rax: no stack is used on this path. */
54 movq %rax, PER_CPU_VAR(unsafe_stack_register_backup)
55 _SWITCH_TO_USER_CR3 %rax
/* Restore %rax while already running on the user page tables. */
56 movq PER_CPU_VAR(unsafe_stack_register_backup), %rax
60 #else /* CONFIG_KAISER */
/*
 * Stub definitions for the branch where CONFIG_KAISER is not set: the same
 * four macro names are defined so that users of this header assemble in
 * either configuration. No body lines are visible for them here.
 * NOTE(review): presumably each expands to nothing - confirm.
 * NOTE(review): SWITCH_KERNEL_CR3 and SWITCH_USER_CR3 declare a "reg"
 * parameter in this branch, while the CONFIG_KAISER versions take none;
 * consider aligning the two signatures.
 */
62 .macro SWITCH_KERNEL_CR3 reg
64 .macro SWITCH_USER_CR3 reg
66 .macro SWITCH_USER_CR3_NO_STACK
68 .macro SWITCH_KERNEL_CR3_NO_STACK
71 #endif /* CONFIG_KAISER */
73 #else /* __ASSEMBLY__ */
78 * Upon kernel/user mode switch, it may happen that the address
79 * space has to be switched before the registers have been
80 * stored. To change the address space, another register is
81 * needed. A register therefore has to be stored/restored.
/*
 * Per-CPU backup slot used by SWITCH_KERNEL_CR3_NO_STACK and
 * SWITCH_USER_CR3_NO_STACK to hold %rax across the CR3 switch. It is
 * declared user-mapped, and those macros access it on both sides of the
 * switch.
 * NOTE(review): because the slot is part of the user-mapped set, it should
 * only ever hold the parked register value - confirm nothing else writes it.
 */
84 DECLARE_PER_CPU_USER_MAPPED(unsigned long, unsafe_stack_register_backup);
87 * kaiser_add_mapping - map a virtual memory part to the shadow (user) mapping
88 * @addr: the start address of the range
89 * @size: the size of the range
90 * @flags: The mapping flags of the pages
92 * The mapping is done on a global scope, so no further
93 * synchronization has to be done. The pages have to be
94 * manually unmapped again when they are no longer needed.
/*
 * Every range passed here becomes part of the shadow (user) mapping, i.e. it
 * stays mapped while user mode runs. Keep the set to what has to be mapped
 * in user mode, and pair each runtime call with kaiser_remove_mapping().
 * NOTE(review): the meaning of the int return value is not documented in
 * this header; presumably 0 on success and a negative error otherwise -
 * confirm, and make sure callers check it.
 */
96 extern int kaiser_add_mapping(unsigned long addr, unsigned long size, unsigned long flags);
100 * kaiser_remove_mapping - unmap a virtual memory part of the shadow mapping
101 * @addr: the start address of the range
102 * @size: the size of the range
/*
 * Removes a range from the shadow mapping; a range that is never removed
 * stays in the user-visible page tables.
 * NOTE(review): the kernel-doc for this function documents @addr, but the
 * parameter is named start - the two should agree.
 */
104 extern void kaiser_remove_mapping(unsigned long start, unsigned long size);
107 * kaiser_initialize_mapping - Initialize the shadow mapping
109 * Most parts of the shadow mapping can be mapped upon boot
110 * time. Only per-process things like the thread stacks
111 * or a new LDT have to be mapped at runtime. These boot-
112 * time mappings are permanent and never unmapped.
/*
 * Sets up the boot-time part of the shadow mapping.
 * NOTE(review): the kernel-doc heading for this function names
 * kaiser_initialize_mapping, but the symbol declared is kaiser_init - the
 * two should agree.
 */
114 extern void kaiser_init(void);
116 #endif /* CONFIG_KAISER */
118 #endif /* __ASSEMBLY__ */
122 #endif /* _ASM_X86_KAISER_H */