Page table pages are typically freed via tlb_remove_table() and friends. Ensure that the linear mapping for those pages is reset to the default pkey when CONFIG_KPKEYS_HARDENED_PGTABLES is enabled.
This patch is a no-op if CONFIG_KPKEYS_HARDENED_PGTABLES is disabled (default). Signed-off-by: Kevin Brodsky <[email protected]> --- arch/arm64/include/asm/tlb.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/arch/arm64/include/asm/tlb.h b/arch/arm64/include/asm/tlb.h index a947c6e784ed..d1611ffa6d91 100644 --- a/arch/arm64/include/asm/tlb.h +++ b/arch/arm64/include/asm/tlb.h @@ -10,10 +10,14 @@ #include <linux/pagemap.h> #include <linux/swap.h> +#include <linux/kpkeys.h> static inline void __tlb_remove_table(void *_table) { - free_page_and_swap_cache((struct page *)_table); + struct page *page = (struct page *)_table; + + kpkeys_unprotect_pgtable_memory((unsigned long)page_address(page), 1); + free_page_and_swap_cache(page); } #define tlb_flush tlb_flush -- 2.47.0
