From: Brendan Jackman <jackmanb@google.com>
To: jackmanb@google.com, Andy Lutomirski <luto@kernel.org>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
"Liam R. Howlett" <Liam.Howlett@oracle.com>,
Suren Baghdasaryan <surenb@google.com>,
Michal Hocko <mhocko@suse.com>,
Johannes Weiner <hannes@cmpxchg.org>, Zi Yan <ziy@nvidia.com>,
Axel Rasmussen <axelrasmussen@google.com>,
Yuanchu Xie <yuanchu@google.com>,
Roman Gushchin <roman.gushchin@linux.dev>
Cc: peterz@infradead.org, bp@alien8.de, dave.hansen@linux.intel.com,
mingo@redhat.com, tglx@linutronix.de, akpm@linux-foundation.org,
david@redhat.com, derkling@google.com, junaids@google.com,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
reijiw@google.com, rientjes@google.com, rppt@kernel.org,
vbabka@suse.cz, x86@kernel.org, yosry.ahmed@linux.dev
Subject: [PATCH 01/21] x86/mm/asi: Add CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION
Date: Wed, 24 Sep 2025 14:59:36 +0000 [thread overview]
Message-ID: <20250924-b4-asi-page-alloc-v1-1-2d861768041f@google.com> (raw)
In-Reply-To: <20250924-b4-asi-page-alloc-v1-0-2d861768041f@google.com>
This long awkward name is for consistency with
CONFIG_MITIGATION_PAGE_TABLE_ISOLATION.
In the short term, there isn't much arch code. In the medium term, it
will mostly be x86 code. So, put the code where it will need to go
instead of just having to move it soon.
In the long term, it should probably include other archs too, so
things should be as arch-specific as necessary, but not more so.
Follow the proposal by Mike Rapoport[0]: a generic header includes
NOP stubs for ASI definitions. If
CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION is defined then the asm/ tree
must have asi.h, and that gets included instead of the stubs.
Signed-off-by: Brendan Jackman <jackmanb@google.com>
---
arch/Kconfig | 13 +++++++++++++
arch/x86/Kconfig | 1 +
arch/x86/include/asm/asi.h | 5 +++++
include/linux/asi.h | 10 ++++++++++
4 files changed, 29 insertions(+)
diff --git a/arch/Kconfig b/arch/Kconfig
index bae871976d36f7b6b2af0be40a067ca2b3fd3d14..ad99637630406e5a484173f5207bbd5a64b2bf1f 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -17,6 +17,19 @@ config CPU_MITIGATIONS
def_bool y
endif
+config ARCH_HAS_MITIGATION_ADDRESS_SPACE_ISOLATION
+ bool
+
+config MITIGATION_ADDRESS_SPACE_ISOLATION
+ bool "Allow code to run with a reduced kernel address space"
+ default n
+ depends on ARCH_HAS_MITIGATION_ADDRESS_SPACE_ISOLATION
+ help
+ This feature provides the ability to run some kernel code
+ with a reduced kernel address space. This can be used to
+ mitigate some speculative execution attacks.
+
+ ASI is not yet ready for use.
#
# Selected by architectures that need custom DMA operations for e.g. legacy
# IOMMUs not handled by dma-iommu. Drivers must never select this symbol.
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 1fd698311bc1dba134a8e14dd551d2390e752cda..cb874c3857cf443c6235e05bc3f070b0ea2686f0 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -38,6 +38,7 @@ config X86_64
select ZONE_DMA32
select EXECMEM if DYNAMIC_FTRACE
select ACPI_MRRM if ACPI
+ select ARCH_HAS_MITIGATION_ADDRESS_SPACE_ISOLATION
config FORCE_DYNAMIC_FTRACE
def_bool y
diff --git a/arch/x86/include/asm/asi.h b/arch/x86/include/asm/asi.h
new file mode 100644
index 0000000000000000000000000000000000000000..53acdf22fe33efc6ccedbae52b262a904868459a
--- /dev/null
+++ b/arch/x86/include/asm/asi.h
@@ -0,0 +1,5 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _ASM_X86_ASI_H
+#define _ASM_X86_ASI_H
+
+#endif /* _ASM_X86_ASI_H */
diff --git a/include/linux/asi.h b/include/linux/asi.h
new file mode 100644
index 0000000000000000000000000000000000000000..ef640c8e79369a9ada2881067f0c1d78093293f7
--- /dev/null
+++ b/include/linux/asi.h
@@ -0,0 +1,10 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _INCLUDE_ASI_H
+#define _INCLUDE_ASI_H
+
+#ifdef CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION
+#include <asm/asi.h>
+#else
+
+#endif /* CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION */
+#endif /* _INCLUDE_ASI_H */
--
2.50.1
next prev parent reply other threads:[~2025-09-24 15:00 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-24 14:59 [PATCH 00/21] mm: ASI direct map management Brendan Jackman
2025-09-24 14:59 ` Brendan Jackman [this message]
2025-10-24 22:37 ` [PATCH 01/21] x86/mm/asi: Add CONFIG_MITIGATION_ADDRESS_SPACE_ISOLATION Borislav Petkov
2025-10-24 23:32 ` Brendan Jackman
2025-10-25 9:57 ` Borislav Petkov
2025-09-24 14:59 ` [PATCH 02/21] x86/mm/asi: add X86_FEATURE_ASI and asi= Brendan Jackman
2025-10-25 10:06 ` Borislav Petkov
2025-10-26 22:24 ` Brendan Jackman
2025-11-10 11:26 ` Borislav Petkov
2025-11-10 12:15 ` Brendan Jackman
2025-09-24 14:59 ` [PATCH 03/21] x86/mm: factor out phys_pgd_init() Brendan Jackman
2025-09-27 19:29 ` kernel test robot
2025-10-01 12:26 ` Brendan Jackman
2025-10-25 11:48 ` Borislav Petkov
2025-10-26 22:29 ` Brendan Jackman
2025-11-10 11:38 ` Borislav Petkov
2025-11-10 12:36 ` Brendan Jackman
2025-09-24 14:59 ` [PATCH 04/21] x86/mm/asi: set up asi_nonsensitive_pgd Brendan Jackman
2025-10-01 20:28 ` Dave Hansen
2025-10-02 14:05 ` Brendan Jackman
2025-10-02 16:14 ` Dave Hansen
2025-10-02 17:19 ` Brendan Jackman
2025-11-12 19:39 ` Dave Hansen
2025-11-11 14:55 ` Borislav Petkov
2025-11-11 17:53 ` Brendan Jackman
2025-09-24 14:59 ` [PATCH 05/21] x86/mm/pat: mirror direct map changes to ASI Brendan Jackman
2025-09-25 13:36 ` kernel test robot
2025-10-01 20:50 ` Dave Hansen
2025-10-02 14:31 ` Brendan Jackman
2025-10-02 16:40 ` Dave Hansen
2025-10-02 17:08 ` Brendan Jackman
2025-09-24 14:59 ` [PATCH 06/21] mm/page_alloc: add __GFP_SENSITIVE and always set it Brendan Jackman
2025-10-01 21:18 ` Dave Hansen
2025-10-02 14:34 ` Brendan Jackman
2025-09-24 14:59 ` [PATCH 07/21] mm: introduce for_each_free_list() Brendan Jackman
2025-09-24 14:59 ` [PATCH 08/21] mm: rejig pageblock mask definitions Brendan Jackman
2025-09-24 14:59 ` [PATCH 09/21] mm/page_alloc: Invert is_check_pages_enabled() check Brendan Jackman
2025-09-24 14:59 ` [PATCH 10/21] mm/page_alloc: remove ifdefs from pindex helpers Brendan Jackman
2025-09-24 14:59 ` [PATCH 11/21] mm: introduce freetype_t Brendan Jackman
2025-09-25 13:15 ` kernel test robot
2025-10-01 21:20 ` Dave Hansen
2025-10-02 14:39 ` Brendan Jackman
2025-09-24 14:59 ` [PATCH 12/21] mm/asi: encode sensitivity in freetypes and pageblocks Brendan Jackman
2025-09-24 14:59 ` [PATCH 13/21] mm/page_alloc_test: unit test pindex helpers Brendan Jackman
2025-09-25 13:36 ` kernel test robot
2025-09-24 14:59 ` [PATCH 14/21] x86/mm/pat: introduce cpa_fault option Brendan Jackman
2025-09-24 14:59 ` [PATCH 15/21] mm/page_alloc: rename ALLOC_NON_BLOCK back to _HARDER Brendan Jackman
2025-09-24 14:59 ` [PATCH 16/21] mm/page_alloc: introduce ALLOC_NOBLOCK Brendan Jackman
2025-09-24 14:59 ` [PATCH 17/21] mm/slub: defer application of gfp_allowed_mask Brendan Jackman
2025-09-24 14:59 ` [PATCH 18/21] mm/asi: support changing pageblock sensitivity Brendan Jackman
2025-09-24 14:59 ` [PATCH 19/21] mm/asi: bad_page() when ASI mappings are wrong Brendan Jackman
2025-09-24 14:59 ` [PATCH 20/21] x86/mm/asi: don't use global pages when ASI enabled Brendan Jackman
2025-09-24 14:59 ` [PATCH 21/21] mm: asi_test: smoke test for [non]sensitive page allocs Brendan Jackman
2025-09-25 17:51 ` [PATCH 00/21] mm: ASI direct map management Brendan Jackman
2025-09-30 19:51 ` Konrad Rzeszutek Wilk
2025-10-01 7:12 ` Brendan Jackman
2025-10-01 19:54 ` Dave Hansen
2025-10-01 20:22 ` Yosry Ahmed
2025-10-01 20:30 ` Dave Hansen
2025-10-02 11:05 ` Brendan Jackman
2025-10-01 20:59 ` Dave Hansen
2025-10-02 7:34 ` David Hildenbrand
2025-10-02 11:23 ` Brendan Jackman
2025-10-02 17:01 ` Dave Hansen
2025-10-02 19:19 ` Brendan Jackman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250924-b4-asi-page-alloc-v1-1-2d861768041f@google.com \
--to=jackmanb@google.com \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=axelrasmussen@google.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=david@redhat.com \
--cc=derkling@google.com \
--cc=hannes@cmpxchg.org \
--cc=junaids@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=luto@kernel.org \
--cc=mhocko@suse.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=reijiw@google.com \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=rppt@kernel.org \
--cc=surenb@google.com \
--cc=tglx@linutronix.de \
--cc=vbabka@suse.cz \
--cc=x86@kernel.org \
--cc=yosry.ahmed@linux.dev \
--cc=yuanchu@google.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox