Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/814449/?format=api
{ "id": 814449, "url": "http://patchwork.ozlabs.org/api/patches/814449/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linuxppc-dev/patch/1505524870-4783-5-git-send-email-linuxram@us.ibm.com/", "project": { "id": 2, "url": "http://patchwork.ozlabs.org/api/projects/2/?format=api", "name": "Linux PPC development", "link_name": "linuxppc-dev", "list_id": "linuxppc-dev.lists.ozlabs.org", "list_email": "linuxppc-dev@lists.ozlabs.org", "web_url": "https://github.com/linuxppc/wiki/wiki", "scm_url": "https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git", "webscm_url": "https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/", "list_archive_url": "https://lore.kernel.org/linuxppc-dev/", "list_archive_url_format": "https://lore.kernel.org/linuxppc-dev/{}/", "commit_url_format": "https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id={}" }, "msgid": "<1505524870-4783-5-git-send-email-linuxram@us.ibm.com>", "list_archive_url": "https://lore.kernel.org/linuxppc-dev/1505524870-4783-5-git-send-email-linuxram@us.ibm.com/", "date": "2017-09-16T01:21:08", "name": "[4/6] mm/mprotect, powerpc/mm/pkeys, x86/mm/pkeys: Add sysfs interface", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": false, "hash": "893943f1e04d1e4cbb0d7a1f589d84a4d2c991ce", "submitter": { "id": 2667, "url": "http://patchwork.ozlabs.org/api/people/2667/?format=api", "name": "Ram Pai", "email": "linuxram@us.ibm.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/linuxppc-dev/patch/1505524870-4783-5-git-send-email-linuxram@us.ibm.com/mbox/", "series": [ { "id": 3406, "url": "http://patchwork.ozlabs.org/api/series/3406/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=3406", "date": "2017-09-16T01:21:04", "name": "mm, x86, powerpc: Memory Protection Keys enhancement", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/3406/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/814449/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/814449/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org>", "X-Original-To": [ "patchwork-incoming@ozlabs.org", "linuxppc-dev@lists.ozlabs.org" ], "Delivered-To": [ "patchwork-incoming@ozlabs.org", "linuxppc-dev@lists.ozlabs.org" ], "Received": [ "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xvF8l5tHTz9sPm\n\tfor <patchwork-incoming@ozlabs.org>;\n\tSat, 16 Sep 2017 11:31:03 +1000 (AEST)", "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xvF8l44PLzDqF9\n\tfor <patchwork-incoming@ozlabs.org>;\n\tSat, 16 Sep 2017 11:31:03 +1000 (AEST)", "from mail-qk0-x242.google.com (mail-qk0-x242.google.com\n\t[IPv6:2607:f8b0:400d:c09::242])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xvDxy6VxhzDrbr\n\tfor <linuxppc-dev@lists.ozlabs.org>;\n\tSat, 16 Sep 2017 11:21:42 +1000 (AEST)", "by mail-qk0-x242.google.com with SMTP id i14so2432904qke.3\n\tfor <linuxppc-dev@lists.ozlabs.org>;\n\tFri, 15 Sep 2017 18:21:42 -0700 (PDT)", "from localhost.localdomain (50-39-103-96.bvtn.or.frontiernet.net.\n\t[50.39.103.96]) by smtp.gmail.com with ESMTPSA id\n\tv11sm1493189qkl.45.2017.09.15.18.21.38\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tFri, 15 Sep 2017 18:21:40 -0700 (PDT)" ], "Authentication-Results": [ "ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"A9I3pt3T\"; dkim-atps=neutral", "lists.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"A9I3pt3T\"; dkim-atps=neutral", "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=gmail.com\n\t(client-ip=2607:f8b0:400d:c09::242; helo=mail-qk0-x242.google.com;\n\tenvelope-from=ram.n.pai@gmail.com; receiver=<UNKNOWN>)", "lists.ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"A9I3pt3T\"; dkim-atps=neutral" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;\n\th=sender:from:to:cc:subject:date:message-id:in-reply-to:references;\n\tbh=+K2TRhljdvK7swWxNx5kYt9ZXuRuaiT9ZjuqCg6tFk8=;\n\tb=A9I3pt3TGqdXxQoTdarHONJVAeLTIXM5VkiRO1FB1fc1+tR2tawZposKzahII2S9uy\n\tV4YTtY/L4gn7+H1/7BQ/CoQMl5jS2dPH/8MZiwZ1x/veKYnf1OTQxk/bjiomP93MCYFq\n\tg3oZC0FI8WGa5tOq2AvcKuIOnamX7gwiObeiJR1adVUPJ5MTs5KtBLISISffRkk9xDun\n\tPZcdbyfr5Tep3SGTPRYVPWSwEUBiD2IEl3mwNuMGvEPuBdyIyAWNmh/honSSSj0+kh0U\n\tJt3U+X2nZ+RcuLH+HOl7vj7B8aLi0h1cOzB6K8iwpffqNULfblH767Y5RB7s/YJuCWi7\n\tYIRQ==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:sender:from:to:cc:subject:date:message-id\n\t:in-reply-to:references;\n\tbh=+K2TRhljdvK7swWxNx5kYt9ZXuRuaiT9ZjuqCg6tFk8=;\n\tb=HmvSiSgOcwwdvzHO+MZQA1wMMyu3QL/5UuogCvUtO47IJ64P+Wf76+t1YcZE3+2BQU\n\tPPluFOpLQF8a168jrjOZjbO9dNPCTVOeit//0N4LSfUfqZzH3/dCpjtiiDy5sZWqdhM7\n\tCukdthaW8NABbCNULOmHHk+FkegLF7F/xapEulm0OFB61Ek3Cyo2iYlhfZhtzgiTDOov\n\toYV8Il14wXfgOC+3o6R6OBEosK8FsYlEI1qrlx3yUR2nsODbkkJEmZ3qKnm3+Ty8Kvo8\n\t0mhPBqJ2qokVZuzYxKsSYbZjFnoALcdpbqVZj/e0OsdxL5hzFBeMB37AD5MDzAjScLDU\n\tWKVw==", "X-Gm-Message-State": "AHPjjUh2aF7FfZ3T0RPgrQw3vcNYPY1f1koVeGrNHd1Y1oGMzITbPCSI\n\tSoPmSpQeOV9/qg==", "X-Google-Smtp-Source": "AOwi7QDHxFFmRs04YIFUXKVserT9Va52vcjGDSX7NgGPSJBGdOoRYgcm1SDQB0BCyoV1LOkSDF72Zw==", "X-Received": "by 10.233.232.8 with SMTP id a8mr9798423qkg.265.1505524900910;\n\tFri, 15 Sep 2017 18:21:40 -0700 (PDT)", "From": "Ram Pai <linuxram@us.ibm.com>", "To": "mpe@ellerman.id.au, linuxppc-dev@lists.ozlabs.org,\n\tlinux-kernel@vger.kernel.org, linux-arch@vger.kernel.org,\n\tlinux-mm@kvack.org, x86@kernel.org, linux-doc@vger.kernel.org", "Subject": "[PATCH 4/6] mm/mprotect, powerpc/mm/pkeys,\n\tx86/mm/pkeys: Add sysfs interface", "Date": "Fri, 15 Sep 2017 18:21:08 -0700", "Message-Id": "<1505524870-4783-5-git-send-email-linuxram@us.ibm.com>", "X-Mailer": "git-send-email 1.7.1", "In-Reply-To": "<1505524870-4783-1-git-send-email-linuxram@us.ibm.com>", "References": "<1505524870-4783-1-git-send-email-linuxram@us.ibm.com>", "X-BeenThere": "linuxppc-dev@lists.ozlabs.org", "X-Mailman-Version": "2.1.24", "Precedence": "list", "List-Id": "Linux on PowerPC Developers Mail List\n\t<linuxppc-dev.lists.ozlabs.org>", "List-Unsubscribe": "<https://lists.ozlabs.org/options/linuxppc-dev>,\n\t<mailto:linuxppc-dev-request@lists.ozlabs.org?subject=unsubscribe>", "List-Archive": "<http://lists.ozlabs.org/pipermail/linuxppc-dev/>", "List-Post": "<mailto:linuxppc-dev@lists.ozlabs.org>", "List-Help": "<mailto:linuxppc-dev-request@lists.ozlabs.org?subject=help>", "List-Subscribe": "<https://lists.ozlabs.org/listinfo/linuxppc-dev>,\n\t<mailto:linuxppc-dev-request@lists.ozlabs.org?subject=subscribe>", "Cc": "ebiederm@xmission.com, arnd@arndb.de, corbet@lwn.net, linuxram@us.ibm.com,\n\tmhocko@kernel.org, mingo@redhat.com, paulus@samba.org,\n\taneesh.kumar@linux.vnet.ibm.com, bauerman@linux.vnet.ibm.com,\n\takpm@linux-foundation.org, khandual@linux.vnet.ibm.com", "Errors-To": "linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org", "Sender": "\"Linuxppc-dev\"\n\t<linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org>" }, "content": "From: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\n\nExpose useful information for programs using memory protection keys.\nProvide implementation for powerpc and x86.\n\nOn a powerpc system with pkeys support, here is what is shown:\n\n$ head /sys/kernel/mm/protection_keys/*\n==> /sys/kernel/mm/protection_keys/disable_access_supported <==\ntrue\n\n==> /sys/kernel/mm/protection_keys/disable_execute_supported <==\ntrue\n\n==> /sys/kernel/mm/protection_keys/disable_write_supported <==\ntrue\n\n==> /sys/kernel/mm/protection_keys/total_keys <==\n32\n\n==> /sys/kernel/mm/protection_keys/usable_keys <==\n29\n\nAnd on an x86 without pkeys support:\n\n$ head /sys/kernel/mm/protection_keys/*\n==> /sys/kernel/mm/protection_keys/disable_access_supported <==\nfalse\n\n==> /sys/kernel/mm/protection_keys/disable_execute_supported <==\nfalse\n\n==> /sys/kernel/mm/protection_keys/disable_write_supported <==\nfalse\n\n==> /sys/kernel/mm/protection_keys/total_keys <==\n1\n\n==> /sys/kernel/mm/protection_keys/usable_keys <==\n0\n\nSigned-off-by: Ram Pai <linuxram@us.ibm.com>\nSigned-off-by: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\n---\n arch/powerpc/include/asm/pkeys.h | 2 +\n arch/powerpc/mm/pkeys.c | 20 ++++++++\n arch/x86/include/asm/mmu_context.h | 4 +-\n arch/x86/include/asm/pkeys.h | 1 +\n arch/x86/mm/pkeys.c | 8 +++\n include/linux/pkeys.h | 4 ++\n mm/mprotect.c | 88 ++++++++++++++++++++++++++++++++++++\n 7 files changed, 126 insertions(+), 1 deletions(-)", "diff": "diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h\nindex baac435..5924325 100644\n--- a/arch/powerpc/include/asm/pkeys.h\n+++ b/arch/powerpc/include/asm/pkeys.h\n@@ -244,6 +244,8 @@ static inline bool pkey_mmu_enabled(void)\n \t\treturn cpu_has_feature(CPU_FTR_PKEY);\n }\n \n+extern bool arch_supports_pkeys(int cap);\n+extern unsigned int arch_usable_pkeys(void);\n extern void thread_pkey_regs_save(struct thread_struct *thread);\n extern void thread_pkey_regs_restore(struct thread_struct *new_thread,\n \t\t\tstruct thread_struct *old_thread);\ndiff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c\nindex 07e76dc..33c9207 100644\n--- a/arch/powerpc/mm/pkeys.c\n+++ b/arch/powerpc/mm/pkeys.c\n@@ -373,3 +373,23 @@ bool arch_vma_access_permitted(struct vm_area_struct *vma,\n \n \treturn pkey_access_permitted(pkey, write, execute);\n }\n+\n+unsigned int arch_usable_pkeys(void)\n+{\n+\tunsigned int reserved;\n+\n+\tif (!pkey_inited)\n+\t\treturn 0;\n+\n+\t/* Reserve one more to account for the execute-only pkey. */\n+\treserved = hweight32(initial_allocation_mask) + 1;\n+\n+\treturn pkeys_total > reserved ? pkeys_total - reserved : 0;\n+}\n+\n+bool arch_supports_pkeys(int cap)\n+{\n+\tif (cap & PKEY_DISABLE_EXECUTE)\n+\t\treturn pkey_execute_disable_support;\n+\treturn (cap & (PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE));\n+}\ndiff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h\nindex 265c907..e960ab2 100644\n--- a/arch/x86/include/asm/mmu_context.h\n+++ b/arch/x86/include/asm/mmu_context.h\n@@ -129,13 +129,15 @@ static inline void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk)\n \t\tthis_cpu_write(cpu_tlbstate.state, TLBSTATE_LAZY);\n }\n \n+#define PKEY_INITIAL_ALLOCATION_MAP\t1\n+\n static inline int init_new_context(struct task_struct *tsk,\n \t\t\t\t struct mm_struct *mm)\n {\n \t#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS\n \tif (cpu_feature_enabled(X86_FEATURE_OSPKE)) {\n \t\t/* pkey 0 is the default and always allocated */\n-\t\tmm->context.pkey_allocation_map = 0x1;\n+\t\tmm->context.pkey_allocation_map = PKEY_INITIAL_ALLOCATION_MAP;\n \t\t/* -1 means unallocated or invalid */\n \t\tmm->context.execute_only_pkey = -1;\n \t}\ndiff --git a/arch/x86/include/asm/pkeys.h b/arch/x86/include/asm/pkeys.h\nindex fa82799..e1b25aa 100644\n--- a/arch/x86/include/asm/pkeys.h\n+++ b/arch/x86/include/asm/pkeys.h\n@@ -105,5 +105,6 @@ extern int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,\n extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,\n \t\tunsigned long init_val);\n extern void copy_init_pkru_to_fpregs(void);\n+extern unsigned int arch_usable_pkeys(void);\n \n #endif /*_ASM_X86_PKEYS_H */\ndiff --git a/arch/x86/mm/pkeys.c b/arch/x86/mm/pkeys.c\nindex 2dab69a..6b7f4e1 100644\n--- a/arch/x86/mm/pkeys.c\n+++ b/arch/x86/mm/pkeys.c\n@@ -123,6 +123,14 @@ int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, int pkey\n \treturn vma_pkey(vma);\n }\n \n+unsigned int arch_usable_pkeys(void)\n+{\n+\t/* Reserve one more to account for the execute-only pkey. */\n+\tunsigned int reserved = hweight32(PKEY_INITIAL_ALLOCATION_MAP) + 1;\n+\n+\treturn arch_max_pkey() > reserved ? arch_max_pkey() - reserved : 0;\n+}\n+\n #define PKRU_AD_KEY(pkey)\t(PKRU_AD_BIT << ((pkey) * PKRU_BITS_PER_PKEY))\n \n /*\ndiff --git a/include/linux/pkeys.h b/include/linux/pkeys.h\nindex d120810..9350d44 100644\n--- a/include/linux/pkeys.h\n+++ b/include/linux/pkeys.h\n@@ -43,6 +43,10 @@ static inline void copy_init_pkru_to_fpregs(void)\n {\n }\n \n+unsigned int arch_usable_pkeys(void)\n+{\n+\treturn 0;\n+}\n #endif /* ! CONFIG_ARCH_HAS_PKEYS */\n \n #endif /* _LINUX_PKEYS_H */\ndiff --git a/mm/mprotect.c b/mm/mprotect.c\nindex 1a8c9ca..2917b3e 100644\n--- a/mm/mprotect.c\n+++ b/mm/mprotect.c\n@@ -552,4 +552,92 @@ static int do_mprotect_pkey(unsigned long start, size_t len,\n \treturn ret;\n }\n \n+#ifdef CONFIG_SYSFS\n+\n+#define PKEYS_ATTR_RO(_name)\t\t\t\t\t\t\\\n+\tstatic struct kobj_attribute _name##_attr = __ATTR_RO(_name)\n+\n+static ssize_t total_keys_show(struct kobject *kobj,\n+\t\t\t struct kobj_attribute *attr, char *buf)\n+{\n+\treturn sprintf(buf, \"%u\\n\", arch_max_pkey());\n+}\n+PKEYS_ATTR_RO(total_keys);\n+\n+static ssize_t usable_keys_show(struct kobject *kobj,\n+\t\t\t\tstruct kobj_attribute *attr, char *buf)\n+{\n+\treturn sprintf(buf, \"%u\\n\", arch_usable_pkeys());\n+}\n+PKEYS_ATTR_RO(usable_keys);\n+\n+static ssize_t disable_access_supported_show(struct kobject *kobj,\n+\t\t\t\t\t struct kobj_attribute *attr,\n+\t\t\t\t\t char *buf)\n+{\n+\tif (arch_pkeys_enabled()) {\n+\t\tstrcpy(buf, \"true\\n\");\n+\t\treturn sizeof(\"true\\n\") - 1;\n+\t}\n+\n+\tstrcpy(buf, \"false\\n\");\n+\treturn sizeof(\"false\\n\") - 1;\n+}\n+PKEYS_ATTR_RO(disable_access_supported);\n+\n+static ssize_t disable_write_supported_show(struct kobject *kobj,\n+\t\t\t\t\t struct kobj_attribute *attr,\n+\t\t\t\t\t char *buf)\n+{\n+\tif (arch_pkeys_enabled()) {\n+\t\tstrcpy(buf, \"true\\n\");\n+\t\treturn sizeof(\"true\\n\") - 1;\n+\t}\n+\n+\tstrcpy(buf, \"false\\n\");\n+\treturn sizeof(\"false\\n\") - 1;\n+}\n+PKEYS_ATTR_RO(disable_write_supported);\n+\n+static ssize_t disable_execute_supported_show(struct kobject *kobj,\n+\t\t\t\t\t struct kobj_attribute *attr,\n+\t\t\t\t\t char *buf)\n+{\n+#ifdef PKEY_DISABLE_EXECUTE\n+\tif (arch_supports_pkeys(PKEY_DISABLE_EXECUTE)) {\n+\t\tstrcpy(buf, \"true\\n\");\n+\t\treturn sizeof(\"true\\n\") - 1;\n+\t}\n+#endif\n+\n+\tstrcpy(buf, \"false\\n\");\n+\treturn sizeof(\"false\\n\") - 1;\n+}\n+PKEYS_ATTR_RO(disable_execute_supported);\n+\n+static struct attribute *pkeys_attrs[] = {\n+\t&total_keys_attr.attr,\n+\t&usable_keys_attr.attr,\n+\t&disable_access_supported_attr.attr,\n+\t&disable_write_supported_attr.attr,\n+\t&disable_execute_supported_attr.attr,\n+\tNULL,\n+};\n+\n+static const struct attribute_group pkeys_attr_group = {\n+\t.attrs = pkeys_attrs,\n+\t.name = \"protection_keys\",\n+};\n+\n+static int __init pkeys_sysfs_init(void)\n+{\n+\tint err;\n+\n+\terr = sysfs_create_group(mm_kobj, &pkeys_attr_group);\n+\n+\treturn err;\n+}\n+late_initcall(pkeys_sysfs_init);\n+#endif /* CONFIG_SYSFS */\n+\n #endif /* CONFIG_ARCH_HAS_PKEYS */\n", "prefixes": [ "4/6" ] }