From patchwork Fri Sep 8 22:45:05 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ram Pai X-Patchwork-Id: 811881 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xptwC5h1mz9sBW for ; Sat, 9 Sep 2017 09:35:07 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="I72h9PCF"; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3xptwC4QyZzDrJZ for ; Sat, 9 Sep 2017 09:35:07 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="I72h9PCF"; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:400d:c0d::242; helo=mail-qt0-x242.google.com; envelope-from=ram.n.pai@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="I72h9PCF"; dkim-atps=neutral Received: from mail-qt0-x242.google.com (mail-qt0-x242.google.com [IPv6:2607:f8b0:400d:c0d::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3xpsrx3hkhzDrcv for ; Sat, 9 Sep 2017 08:47:13 +1000 (AEST) Received: by mail-qt0-x242.google.com with SMTP id h21so2358358qth.4 for ; Fri, 08 Sep 2017 15:47:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=8KmrqFg30K76tisB9MMiRJR0yuUD3GwQGcFlEsL6uLk=; b=I72h9PCFdClqGRt3m59OTmX2nev4hmOTUksWfRykuN8/p5CU4SoDZDRBCEawfij253 xME27HGt/T70kXGKaAr5421Uac77+pULtfKPInKihwTTOtVpYCoalhXmiKOKG4dx/7j+ ebv549x8xP/kANZbyyecwWl6v2QgcYYK8ClI6Hs1o1tY123OjfoGZVyh/pWIxwslIo4F u8uGL6RTcaGRNmRxkwEVbAZokHFPUB4utyqJFiUOWqhEP4mWxwm2759bQfrdr+ffhcYb cHuxGBZpvTGnUVGpHYyTW4DLcx7bDMjv4Of3RW/oEHjPPsSDGYQgkXmLNefquV8r3b2x reqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=8KmrqFg30K76tisB9MMiRJR0yuUD3GwQGcFlEsL6uLk=; b=QTk9CfZlyN1yXNd3im29ZwqgrWyuOVOnsyGCiujFnRHQoUV4lRa59hu10+dD1dXuCL PH581gtOPXFlNKvzfyWl7SabuFmHbE3oQ+JIhNNHts4V4gx0Y2MXzRE7gXnjNEzXlbhB +Ubxi2Ohn1PaU7KaOblabS22W4KNlVInzxCpoA5Ebc9fjkNVfZ+Cf0KwATyBbK1d2Lq8 VdZjPOIWEkqfX9+0Dtg8+rcW+744u8n5vS43lXsUZUc9FDZca/2XgE5Ua/ztRMeQ0+ok KYDVFRWIpOqlpDRsGTp5w9+Iqd63yQIWk/k3iDInrj7aulgkleDER/oh0DTDsEiqAza7 QkMg== X-Gm-Message-State: AHPjjUi4gApWEiQgdAgzctGK9yx6PjGVC2qCbdI23u/pwe4/euU0mPJw IdYQMjsX/bk1/g== X-Google-Smtp-Source: AOwi7QC5ChtbGgYYP8nepDZWTt05j1i2L0GeqxBbh/SzBLo8emLLn+svwNnfyrcw9tuiw2UynyeVow== X-Received: by 10.200.56.57 with SMTP id q54mr3088848qtb.310.1504910831624; Fri, 08 Sep 2017 15:47:11 -0700 (PDT) Received: from localhost.localdomain (50-39-103-96.bvtn.or.frontiernet.net. [50.39.103.96]) by smtp.gmail.com with ESMTPSA id x124sm2033726qka.85.2017.09.08.15.47.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 08 Sep 2017 15:47:11 -0700 (PDT) From: Ram Pai To: mpe@ellerman.id.au, linuxppc-dev@lists.ozlabs.org Subject: [PATCH 17/25] powerpc: helper to validate key-access permissions of a pte Date: Fri, 8 Sep 2017 15:45:05 -0700 Message-Id: <1504910713-7094-26-git-send-email-linuxram@us.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1504910713-7094-1-git-send-email-linuxram@us.ibm.com> References: <1504910713-7094-1-git-send-email-linuxram@us.ibm.com> X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ebiederm@xmission.com, linuxram@us.ibm.com, mhocko@kernel.org, paulus@samba.org, aneesh.kumar@linux.vnet.ibm.com, bauerman@linux.vnet.ibm.com, khandual@linux.vnet.ibm.com Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" helper function that checks if the read/write/execute is allowed on the pte. Signed-off-by: Ram Pai --- arch/powerpc/include/asm/book3s/64/pgtable.h | 4 +++ arch/powerpc/include/asm/pkeys.h | 12 +++++++++++ arch/powerpc/mm/pkeys.c | 28 ++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 0 deletions(-) diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h index 5935d4e..bd244b3 100644 --- a/arch/powerpc/include/asm/book3s/64/pgtable.h +++ b/arch/powerpc/include/asm/book3s/64/pgtable.h @@ -492,6 +492,10 @@ static inline void write_uamor(u64 value) mtspr(SPRN_UAMOR, value); } +#ifdef CONFIG_PPC64_MEMORY_PROTECTION_KEYS +extern bool arch_pte_access_permitted(u64 pte, bool write, bool execute); +#endif /* CONFIG_PPC64_MEMORY_PROTECTION_KEYS */ + #define __HAVE_ARCH_PTEP_GET_AND_CLEAR static inline pte_t ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, pte_t *ptep) diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h index cd3924c..50522a0 100644 --- a/arch/powerpc/include/asm/pkeys.h +++ b/arch/powerpc/include/asm/pkeys.h @@ -80,6 +80,18 @@ static inline u64 pte_to_hpte_pkey_bits(u64 pteflags) ((pteflags & H_PAGE_PKEY_BIT4) ? HPTE_R_KEY_BIT4 : 0x0UL)); } +static inline u16 pte_to_pkey_bits(u64 pteflags) +{ + if (!pkey_inited) + return 0x0UL; + + return (((pteflags & H_PAGE_PKEY_BIT0) ? 0x10 : 0x0UL) | + ((pteflags & H_PAGE_PKEY_BIT1) ? 0x8 : 0x0UL) | + ((pteflags & H_PAGE_PKEY_BIT2) ? 0x4 : 0x0UL) | + ((pteflags & H_PAGE_PKEY_BIT3) ? 0x2 : 0x0UL) | + ((pteflags & H_PAGE_PKEY_BIT4) ? 0x1 : 0x0UL)); +} + #define ARCH_VM_PKEY_FLAGS (VM_PKEY_BIT0 | VM_PKEY_BIT1 | VM_PKEY_BIT2 | \ VM_PKEY_BIT3 | VM_PKEY_BIT4) #define AMR_BITS_PER_PKEY 2 diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c index fb1a76a..24589d9 100644 --- a/arch/powerpc/mm/pkeys.c +++ b/arch/powerpc/mm/pkeys.c @@ -292,3 +292,31 @@ int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, */ return vma_pkey(vma); } + +static bool pkey_access_permitted(int pkey, bool write, bool execute) +{ + int pkey_shift; + u64 amr; + + if (!pkey) + return true; + + pkey_shift = pkeyshift(pkey); + if (!(read_uamor() & (0x3UL << pkey_shift))) + return true; + + if (execute && !(read_iamr() & (IAMR_EX_BIT << pkey_shift))) + return true; + + amr = read_amr(); /* delay reading amr uptil absolutely needed*/ + return ((!write && !(amr & (AMR_RD_BIT << pkey_shift))) || + (write && !(amr & (AMR_WR_BIT << pkey_shift)))); +} + +bool arch_pte_access_permitted(u64 pte, bool write, bool execute) +{ + if (!pkey_inited) + return true; + return pkey_access_permitted(pte_to_pkey_bits(pte), + write, execute); +}