| Message ID | 20240313042118.230397-11-rmclure@linux.ibm.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Support page table check PowerPC | expand |
Le 13/03/2024 à 05:21, Rohan McLure a écrit : > Page table checking depends on architectures providing an > implementation of p{te,md,ud}_user_accessible_page. With > refactorisations made on powerpc/mm, the pte_access_permitted() and > similar methods verify whether a userland page is accessible with the > required permissions. > > Since page table checking is the only user of > p{te,md,ud}_user_accessible_page(), implement these for all platforms, > using some of the same preliminay checks taken by pte_access_permitted() > on that platform. > > Since Commit 8e9bd41e4ce1 ("powerpc/nohash: Replace pte_user() by pte_read()") > pte_user() is no longer required to be present on all platforms as it > may be equivalent to or implied by pte_read(). Hence implementations are > specialised. > > Signed-off-by: Rohan McLure <rmclure@linux.ibm.com> > --- > v9: New implementation > v10: Let book3s/64 use pte_user(), but otherwise default other platforms > to using the address provided with the call to infer whether it is a > user page or not. pmd/pud variants will warn on all other platforms, as > they should not be used for user page mappings > --- > arch/powerpc/include/asm/book3s/64/pgtable.h | 19 ++++++++++++++ > arch/powerpc/include/asm/pgtable.h | 26 ++++++++++++++++++++ > 2 files changed, 45 insertions(+) > > diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h > index 382724c5e872..ca765331e21d 100644 > --- a/arch/powerpc/include/asm/book3s/64/pgtable.h > +++ b/arch/powerpc/include/asm/book3s/64/pgtable.h > @@ -538,6 +538,12 @@ static inline bool pte_access_permitted(pte_t pte, bool write) > return arch_pte_access_permitted(pte_val(pte), write, 0); > } > > +#define pte_user_accessible_page pte_user_accessible_page > +static inline bool pte_user_accessible_page(pte_t pte, unsigned long addr) > +{ > + return pte_present(pte) && pte_user(pte); > +} > + > /* > * Conversion functions: convert a page and protection to a page entry, > * and a page entry and page directory to the page they refer to. > @@ -881,6 +887,7 @@ static inline int pud_present(pud_t pud) > > extern struct page *pud_page(pud_t pud); > extern struct page *pmd_page(pmd_t pmd); > + Garbage ? > static inline pte_t pud_pte(pud_t pud) > { > return __pte_raw(pud_raw(pud)); > @@ -926,6 +933,12 @@ static inline bool pud_access_permitted(pud_t pud, bool write) > return pte_access_permitted(pud_pte(pud), write); > } > > +#define pud_user_accessible_page pud_user_accessible_page > +static inline bool pud_user_accessible_page(pud_t pud, unsigned long addr) > +{ > + return pte_user_accessible_page(pud_pte(pud), addr); > +} > + If I understand what is done on arm64, you should first check pud_leaf(). Then this function could be common to all powerpc platforms, only pte_user_accessible_page() would be platform specific. > #define __p4d_raw(x) ((p4d_t) { __pgd_raw(x) }) > static inline __be64 p4d_raw(p4d_t x) > { > @@ -1091,6 +1104,12 @@ static inline bool pmd_access_permitted(pmd_t pmd, bool write) > return pte_access_permitted(pmd_pte(pmd), write); > } > > +#define pmd_user_accessible_page pmd_user_accessible_page > +static inline bool pmd_user_accessible_page(pmd_t pmd, unsigned long addr) > +{ > + return pte_user_accessible_page(pmd_pte(pmd), addr); > +} Same, pmd_leaf() should be checked. > + > #ifdef CONFIG_TRANSPARENT_HUGEPAGE > extern pmd_t pfn_pmd(unsigned long pfn, pgprot_t pgprot); > extern pud_t pfn_pud(unsigned long pfn, pgprot_t pgprot); > diff --git a/arch/powerpc/include/asm/pgtable.h b/arch/powerpc/include/asm/pgtable.h > index 13f661831333..3741a63fb82e 100644 > --- a/arch/powerpc/include/asm/pgtable.h > +++ b/arch/powerpc/include/asm/pgtable.h > @@ -227,6 +227,32 @@ static inline int pud_pfn(pud_t pud) > } > #endif > > +#ifndef pte_user_accessible_page > +#define pte_user_accessible_page pte_user_accessible_page > +static inline bool pte_user_accessible_page(pte_t pte, unsigned long addr) > +{ > + return pte_present(pte) && !is_kernel_addr(addr); > +} > +#endif I would prefer to see one version in asm/book3s/32/pgtable.h and one in asm/nohash/pgtable.h and then avoid this game with ifdefs. > + > +#ifndef pmd_user_accessible_page > +#define pmd_user_accessible_page pmd_user_accessible_page > +static inline bool pmd_user_accessible_page(pmd_t pmd, unsigned long addr) > +{ > + WARN_ONCE(1, "pmd: platform does not use pmd entries directly"); > + return false; > +} > +#endif Also check pmd_leaf() and this function on all platforms. > + > +#ifndef pud_user_accessible_page > +#define pud_user_accessible_page pud_user_accessible_page > +static inline bool pud_user_accessible_page(pud_t pud, unsigned long addr) > +{ > + WARN_ONCE(1, "pud: platform does not use pud entries directly"); > + return false; > +} Also check pud_leaf() and this function on all platforms. > +#endif > + > #endif /* __ASSEMBLY__ */ > > #endif /* _ASM_POWERPC_PGTABLE_H */
diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h index 382724c5e872..ca765331e21d 100644 --- a/arch/powerpc/include/asm/book3s/64/pgtable.h +++ b/arch/powerpc/include/asm/book3s/64/pgtable.h @@ -538,6 +538,12 @@ static inline bool pte_access_permitted(pte_t pte, bool write) return arch_pte_access_permitted(pte_val(pte), write, 0); } +#define pte_user_accessible_page pte_user_accessible_page +static inline bool pte_user_accessible_page(pte_t pte, unsigned long addr) +{ + return pte_present(pte) && pte_user(pte); +} + /* * Conversion functions: convert a page and protection to a page entry, * and a page entry and page directory to the page they refer to. @@ -881,6 +887,7 @@ static inline int pud_present(pud_t pud) extern struct page *pud_page(pud_t pud); extern struct page *pmd_page(pmd_t pmd); + static inline pte_t pud_pte(pud_t pud) { return __pte_raw(pud_raw(pud)); @@ -926,6 +933,12 @@ static inline bool pud_access_permitted(pud_t pud, bool write) return pte_access_permitted(pud_pte(pud), write); } +#define pud_user_accessible_page pud_user_accessible_page +static inline bool pud_user_accessible_page(pud_t pud, unsigned long addr) +{ + return pte_user_accessible_page(pud_pte(pud), addr); +} + #define __p4d_raw(x) ((p4d_t) { __pgd_raw(x) }) static inline __be64 p4d_raw(p4d_t x) { @@ -1091,6 +1104,12 @@ static inline bool pmd_access_permitted(pmd_t pmd, bool write) return pte_access_permitted(pmd_pte(pmd), write); } +#define pmd_user_accessible_page pmd_user_accessible_page +static inline bool pmd_user_accessible_page(pmd_t pmd, unsigned long addr) +{ + return pte_user_accessible_page(pmd_pte(pmd), addr); +} + #ifdef CONFIG_TRANSPARENT_HUGEPAGE extern pmd_t pfn_pmd(unsigned long pfn, pgprot_t pgprot); extern pud_t pfn_pud(unsigned long pfn, pgprot_t pgprot); diff --git a/arch/powerpc/include/asm/pgtable.h b/arch/powerpc/include/asm/pgtable.h index 13f661831333..3741a63fb82e 100644 --- a/arch/powerpc/include/asm/pgtable.h +++ b/arch/powerpc/include/asm/pgtable.h @@ -227,6 +227,32 @@ static inline int pud_pfn(pud_t pud) } #endif +#ifndef pte_user_accessible_page +#define pte_user_accessible_page pte_user_accessible_page +static inline bool pte_user_accessible_page(pte_t pte, unsigned long addr) +{ + return pte_present(pte) && !is_kernel_addr(addr); +} +#endif + +#ifndef pmd_user_accessible_page +#define pmd_user_accessible_page pmd_user_accessible_page +static inline bool pmd_user_accessible_page(pmd_t pmd, unsigned long addr) +{ + WARN_ONCE(1, "pmd: platform does not use pmd entries directly"); + return false; +} +#endif + +#ifndef pud_user_accessible_page +#define pud_user_accessible_page pud_user_accessible_page +static inline bool pud_user_accessible_page(pud_t pud, unsigned long addr) +{ + WARN_ONCE(1, "pud: platform does not use pud entries directly"); + return false; +} +#endif + #endif /* __ASSEMBLY__ */ #endif /* _ASM_POWERPC_PGTABLE_H */
Page table checking depends on architectures providing an implementation of p{te,md,ud}_user_accessible_page. With refactorisations made on powerpc/mm, the pte_access_permitted() and similar methods verify whether a userland page is accessible with the required permissions. Since page table checking is the only user of p{te,md,ud}_user_accessible_page(), implement these for all platforms, using some of the same preliminay checks taken by pte_access_permitted() on that platform. Since Commit 8e9bd41e4ce1 ("powerpc/nohash: Replace pte_user() by pte_read()") pte_user() is no longer required to be present on all platforms as it may be equivalent to or implied by pte_read(). Hence implementations are specialised. Signed-off-by: Rohan McLure <rmclure@linux.ibm.com> --- v9: New implementation v10: Let book3s/64 use pte_user(), but otherwise default other platforms to using the address provided with the call to infer whether it is a user page or not. pmd/pud variants will warn on all other platforms, as they should not be used for user page mappings --- arch/powerpc/include/asm/book3s/64/pgtable.h | 19 ++++++++++++++ arch/powerpc/include/asm/pgtable.h | 26 ++++++++++++++++++++ 2 files changed, 45 insertions(+)