Re: [PATCH v2 17/18] arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
From: Will Deacon
Date: Tue Dec 12 2017 - 05:28:24 EST
On Tue, Dec 12, 2017 at 09:44:09AM +0100, Geert Uytterhoeven wrote:
> Hi Will,
>
> On Thu, Nov 30, 2017 at 5:39 PM, Will Deacon <will.deacon@xxxxxxx> wrote:
> > Add a Kconfig entry to control use of the entry trampoline, which allows
> > us to unmap the kernel whilst running in userspace and improve the
> > robustness of KASLR.
> >
> > Signed-off-by: Will Deacon <will.deacon@xxxxxxx>
>
> This is now commit 084eb77cd3a81134 in arm64/for-next/core.
>
> > ---
> > arch/arm64/Kconfig | 13 +++++++++++++
> > 1 file changed, 13 insertions(+)
> >
> > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> > index fdcc7b9bb15d..3af1657fcac3 100644
> > --- a/arch/arm64/Kconfig
> > +++ b/arch/arm64/Kconfig
> > @@ -833,6 +833,19 @@ config FORCE_MAX_ZONEORDER
> > However for 4K, we choose a higher default value, 11 as opposed to 10, giving us
> > 4M allocations matching the default size used by generic code.
> >
> > +config UNMAP_KERNEL_AT_EL0
> > + bool "Unmap kernel when running in userspace (aka \"KAISER\")"
>
> But I believe this is no longer called KAISER?
That's right, but KAISER is the original name in the paper and so I figured
it was worth mentioning just here to help people identify what this feature
is. The command line option is "kpti" to align with x86.
Will