On Wed, Jun 25, 2025 at 03:50:53PM +0300, Kirill A. Shutemov wrote: > From: Sohil Mehta <sohil.mehta@xxxxxxxxx> > > Linear Address Space Separation (LASS) is a security feature that > intends to prevent malicious virtual address space accesses across > user/kernel mode. > > Such mode based access protection already exists today with paging and > features such as SMEP and SMAP. However, to enforce these protections, > the processor must traverse the paging structures in memory. Malicious > software can use timing information resulting from this traversal to > determine details about the paging structures, and these details may > also be used to determine the layout of the kernel memory. > > The LASS mechanism provides the same mode-based protections as paging > but without traversing the paging structures. Because the protections > enforced by LASS are applied before paging, software will not be able to > derive paging-based timing information from the various caching > structures such as the TLBs, mid-level caches, page walker, data caches, > etc. > > LASS enforcement relies on the typical kernel implementation to divide > the 64-bit virtual address space into two halves: > Addr[63]=0 -> User address space > Addr[63]=1 -> Kernel address space > > Any data access or code execution across address spaces typically > results in a #GP fault. > > The LASS enforcement for kernel data access is dependent on CR4.SMAP > being set. The enforcement can be disabled by toggling the RFLAGS.AC bit > similar to SMAP. > > Define the CPU feature bits to enumerate this feature and include > feature dependencies to reflect the same. > > LASS provides protection against a class of speculative attacks, such as > SLAM[1]. Add the "lass" flag to /proc/cpuinfo to indicate that the feature > is supported by hardware and enabled by the kernel. This allows userspace > to determine if the setup is secure against such attacks. > > [1] https://download.vusec.net/papers/slam_sp24.pdf > > Co-developed-by: Yian Chen <yian.chen@xxxxxxxxx> > Signed-off-by: Yian Chen <yian.chen@xxxxxxxxx> > Signed-off-by: Sohil Mehta <sohil.mehta@xxxxxxxxx> > Signed-off-by: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx> > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx> > --- > arch/x86/Kconfig.cpufeatures | 4 ++++ > arch/x86/include/asm/cpufeatures.h | 1 + > arch/x86/include/uapi/asm/processor-flags.h | 2 ++ > arch/x86/kernel/cpu/cpuid-deps.c | 1 + > tools/arch/x86/include/asm/cpufeatures.h | 1 + > 5 files changed, 9 insertions(+) Reviewed-by: Borislav Petkov (AMD) <bp@xxxxxxxxx> -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
