Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Documentation: x86: convert pti.txt to reST

This converts the plain text documentation to reStructuredText format and
adds it to the Sphinx TOC tree. No essential content change.

Signed-off-by: Changbin Du <changbin.du@gmail.com>
Reviewed-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>

Authored by Changbin Du and committed by Jonathan Corbet
ea0765e8 0c7180f2

+14 -4
+1
Documentation/x86/index.rst
··· 21 21 protection-keys 22 22 intel_mpx 23 23 amd-memory-encryption 24 + pti
+13 -4
Documentation/x86/pti.txt Documentation/x86/pti.rst
··· 1 + .. SPDX-License-Identifier: GPL-2.0 2 + 3 + ========================== 4 + Page Table Isolation (PTI) 5 + ========================== 6 + 1 7 Overview 2 8 ======== 3 9 4 - Page Table Isolation (pti, previously known as KAISER[1]) is a 10 + Page Table Isolation (pti, previously known as KAISER [1]_) is a 5 11 countermeasure against attacks on the shared user/kernel address 6 - space such as the "Meltdown" approach[2]. 12 + space such as the "Meltdown" approach [2]_. 7 13 8 14 To mitigate this class of attacks, we create an independent set of 9 15 page tables for use only when running userspace applications. When ··· 66 60 this protection comes at a cost: 67 61 68 62 1. Increased Memory Use 63 + 69 64 a. Each process now needs an order-1 PGD instead of order-0. 70 65 (Consumes an additional 4k per process). 71 66 b. The 'cpu_entry_area' structure must be 2MB in size and 2MB ··· 75 68 is decompressed, but no space in the kernel image itself. 76 69 77 70 2. Runtime Cost 71 + 78 72 a. CR3 manipulation to switch between the page table copies 79 73 must be done at interrupt, syscall, and exception entry 80 74 and exit (it can be skipped when the kernel is interrupted, ··· 150 142 interrupted, including nested NMIs. Using "-c" boosts the rate of 151 143 NMIs, and using two -c with separate counters encourages nested NMIs 152 144 and less deterministic behavior. 145 + :: 153 146 154 147 while true; do perf record -c 10000 -e instructions,cycles -a sleep 10; done 155 148 ··· 191 182 tended to be TLB invalidation issues. Usually invalidating 192 183 the wrong PCID, or otherwise missing an invalidation. 193 184 194 - 1. https://gruss.cc/files/kaiser.pdf 195 - 2. https://meltdownattack.com/meltdown.pdf 185 + .. [1] https://gruss.cc/files/kaiser.pdf 186 + .. [2] https://meltdownattack.com/meltdown.pdf
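Review bot: the rename of Documentation/x86/pti.txt to Documentation/x86/pti.rst comes with no update to anything that points at the old path; the diffstat covers only Documentation/x86/index.rst and the renamed file. Please grep the tree for "Documentation/x86/pti.txt" (Kconfig help text, code comments, other documents) and fix any hits in this patch or a follow-up, so that a reader looking for the PTI documentation is not sent to a path that no longer exists.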
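Review bot: in the pti.rst hunk around new line 145, the added "::" sits on its own line directly under "and less deterministic behavior." with no blank line in between. docutils still reads it as the literal-block marker and drops it from the rendered paragraph, so the perf command renders as intended, but in the source it looks like a stray line glued to the paragraph. Consider putting a blank line before the "::" so the marker visibly stands apart from the text it follows.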