From patchwork Mon May 17 03:28:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479204 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=ECeJEuQr; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4W44cQxz9sCD for ; Mon, 17 May 2021 13:34:24 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4W447zJz3086 for ; Mon, 17 May 2021 13:34:24 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=ECeJEuQr; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::430; helo=mail-pf1-x430.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=ECeJEuQr; dkim-atps=neutral Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4V72YmVz2xZG for ; Mon, 17 May 2021 13:33:35 +1000 (AEST) Received: by mail-pf1-x430.google.com with SMTP id 22so3632945pfv.11 for ; Sun, 16 May 2021 20:33:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=4IVi5T2xb7Q8tzYcYlA9sCQtJxuxd5mkqFUadleClqU=; b=ECeJEuQrwW4LE1uuAGObVWgfbp346ic58YNL1Q+BRDts4zVx6fpwzaU62/09w1TthQ i8EuQWFEm2rfo6rHEfPVEIYa43a5PNxZOlVo7M0bfiqpOeUClMrkT9tACK3XAPgW/OMk Aj05+INhBCliqS3J28aG8etF3/IWt4NWkENj+ECuMEDNbjfW3738ytbFx/5+tzrEiOPn UCM7qYk1n964VQ+3h3+KPq6+xClrVlyIzpRj8ajJLD+3v+BFF8jxQGIn4ZGHzYrj6PJM 9nkbP0lug97VH7i3xbaqNQ1Y3Ova0EqPqKNG5g/LOPIHasd/hkQaR/2NXmsuLxmnZCao vDpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=4IVi5T2xb7Q8tzYcYlA9sCQtJxuxd5mkqFUadleClqU=; b=Jytyc90OZh2L705gDHvyMScv9J5Qr/MUapixSjb84+y4/gSvnNxSQ15IvccC+xGcJD JBAPz5WUjR7LQNhiqxH1d32/m5og0FyQBP8GUn9ON6gXu+wpKl8JrTOlm1mgSJRNL5VH xtKjAPP0OIK0EoZm1PwMS/UUl+nKMBM3RAUsFE3AS5Zh1XtZOuXwC/ecclXAI9rMz9q9 SnteYeUe5N9YtcUqzGORUSw5wTEqYPBPv2J/bMdL/dp1opiKZAns1EeN4m3p4R4GB0fk +GD/eWyTxkJFh712XUHsTokuoZEEoxaG29vXrywRDHgLSHHgg6zj962tW9pf5bM6g1kC 8wqg== X-Gm-Message-State: AOAM532HZSDlJHgWfeIGx4gdlsGFmUbDKxkPfBz+pFNob1x9jIdI5iK2 /35T1k9O5lzFy7i0g9jqi2vsFOzm8lg= X-Google-Smtp-Source: ABdhPJwTqamZladg24+oDQX4LPxNqduY9rAWIWfCQrWzwMpmhz03dIG9o0qRK/ABEr7POX/bS6UaXQ== X-Received: by 2002:a05:6a00:d41:b029:2db:1549:219e with SMTP id n1-20020a056a000d41b02902db1549219emr5227816pfv.71.1621222412580; Sun, 16 May 2021 20:33:32 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:33:32 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 1/9] powerpc/mm: Implement set_memory() routines Date: Mon, 17 May 2021 13:28:02 +1000 Message-Id: <20210517032810.129949-2-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" From: Russell Currey The set_memory_{ro/rw/nx/x}() functions are required for STRICT_MODULE_RWX, and are generally useful primitives to have. This implementation is designed to be generic across powerpc's many MMUs. It's possible that this could be optimised to be faster for specific MMUs. This implementation does not handle cases where the caller is attempting to change the mapping of the page it is executing from, or if another CPU is concurrently using the page being altered. These cases likely shouldn't happen, but a more complex implementation with MMU-specific code could safely handle them. On hash, the linear mapping is not kept in the linux pagetable, so this will not change the protection if used on that range. Currently these functions are not used on the linear map so just WARN for now. apply_to_existing_page_range() does not work on huge pages so for now disallow changing the protection of huge pages. Reviewed-by: Daniel Axtens Signed-off-by: Russell Currey Signed-off-by: Christophe Leroy [jpn: - Allow set memory functions to be used without Strict RWX - Hash: Disallow certain regions - Have change_page_attr() take function pointers to manipulate ptes - Radix: Add ptesync after set_pte_at()] Signed-off-by: Jordan Niethe --- v10: WARN if trying to change the hash linear map v11: - Update copywrite dates - Allow set memory functions to be used without Strict RWX - Hash: Disallow certain regions and add comment explaining why - Have change_page_attr() take function pointers to manipulate ptes - Clarify change_page_attr()'s comment - Radix: Add ptesync after set_pte_at() v12: - change_page_attr() back to taking an action value - disallow operating on huge pages v14: - only check is_vm_area_hugepages() for virtual memory --- arch/powerpc/Kconfig | 1 + arch/powerpc/include/asm/set_memory.h | 32 ++++++++ arch/powerpc/mm/Makefile | 2 +- arch/powerpc/mm/pageattr.c | 101 ++++++++++++++++++++++++++ 4 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 arch/powerpc/include/asm/set_memory.h create mode 100644 arch/powerpc/mm/pageattr.c diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 3f863dd21374..cce0a137b046 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -138,6 +138,7 @@ config PPC select ARCH_HAS_MEMBARRIER_CALLBACKS select ARCH_HAS_MEMBARRIER_SYNC_CORE select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 + select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE diff --git a/arch/powerpc/include/asm/set_memory.h b/arch/powerpc/include/asm/set_memory.h new file mode 100644 index 000000000000..64011ea444b4 --- /dev/null +++ b/arch/powerpc/include/asm/set_memory.h @@ -0,0 +1,32 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_POWERPC_SET_MEMORY_H +#define _ASM_POWERPC_SET_MEMORY_H + +#define SET_MEMORY_RO 0 +#define SET_MEMORY_RW 1 +#define SET_MEMORY_NX 2 +#define SET_MEMORY_X 3 + +int change_memory_attr(unsigned long addr, int numpages, long action); + +static inline int set_memory_ro(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_RO); +} + +static inline int set_memory_rw(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_RW); +} + +static inline int set_memory_nx(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_NX); +} + +static inline int set_memory_x(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_X); +} + +#endif diff --git a/arch/powerpc/mm/Makefile b/arch/powerpc/mm/Makefile index c3df3a8501d4..9142cf1fb0d5 100644 --- a/arch/powerpc/mm/Makefile +++ b/arch/powerpc/mm/Makefile @@ -5,7 +5,7 @@ ccflags-$(CONFIG_PPC64) := $(NO_MINIMAL_TOC) -obj-y := fault.o mem.o pgtable.o mmap.o maccess.o \ +obj-y := fault.o mem.o pgtable.o mmap.o maccess.o pageattr.o \ init_$(BITS).o pgtable_$(BITS).o \ pgtable-frag.o ioremap.o ioremap_$(BITS).o \ init-common.o mmu_context.o drmem.o \ diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c new file mode 100644 index 000000000000..5e5ae50a7f23 --- /dev/null +++ b/arch/powerpc/mm/pageattr.c @@ -0,0 +1,101 @@ +// SPDX-License-Identifier: GPL-2.0 + +/* + * MMU-generic set_memory implementation for powerpc + * + * Copyright 2019-2021, IBM Corporation. + */ + +#include +#include +#include + +#include +#include +#include + + +/* + * Updates the attributes of a page in three steps: + * + * 1. invalidate the page table entry + * 2. flush the TLB + * 3. install the new entry with the updated attributes + * + * Invalidating the pte means there are situations where this will not work + * when in theory it should. + * For example: + * - removing write from page whilst it is being executed + * - setting a page read-only whilst it is being read by another CPU + * + */ +static int change_page_attr(pte_t *ptep, unsigned long addr, void *data) +{ + long action = (long)data; + pte_t pte; + + spin_lock(&init_mm.page_table_lock); + + /* invalidate the PTE so it's safe to modify */ + pte = ptep_get_and_clear(&init_mm, addr, ptep); + flush_tlb_kernel_range(addr, addr + PAGE_SIZE); + + /* modify the PTE bits as desired, then apply */ + switch (action) { + case SET_MEMORY_RO: + pte = pte_wrprotect(pte); + break; + case SET_MEMORY_RW: + pte = pte_mkwrite(pte_mkdirty(pte)); + break; + case SET_MEMORY_NX: + pte = pte_exprotect(pte); + break; + case SET_MEMORY_X: + pte = pte_mkexec(pte); + break; + default: + WARN_ON_ONCE(1); + break; + } + + set_pte_at(&init_mm, addr, ptep, pte); + + /* See ptesync comment in radix__set_pte_at() */ + if (radix_enabled()) + asm volatile("ptesync": : :"memory"); + spin_unlock(&init_mm.page_table_lock); + + return 0; +} + +int change_memory_attr(unsigned long addr, int numpages, long action) +{ + unsigned long start = ALIGN_DOWN(addr, PAGE_SIZE); + unsigned long size = numpages * PAGE_SIZE; + + if (!numpages) + return 0; + + if (WARN_ON_ONCE(is_vmalloc_or_module_addr((void *)addr) && + is_vm_area_hugepages((void *)addr))) + return -EINVAL; + +#ifdef CONFIG_PPC_BOOK3S_64 + /* + * On hash, the linear mapping is not in the Linux page table so + * apply_to_existing_page_range() will have no effect. If in the future + * the set_memory_* functions are used on the linear map this will need + * to be updated. + */ + if (!radix_enabled()) { + int region = get_region_id(addr); + + if (WARN_ON_ONCE(region != VMALLOC_REGION_ID && region != IO_REGION_ID)) + return -EINVAL; + } +#endif + + return apply_to_existing_page_range(&init_mm, start, size, + change_page_attr, (void *)action); +} From patchwork Mon May 17 03:28:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479205 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=QRxwYqYc; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4WX43Kbz9sCD for ; Mon, 17 May 2021 13:34:48 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4WX3YXRz30DB for ; Mon, 17 May 2021 13:34:48 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=QRxwYqYc; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::42a; helo=mail-pf1-x42a.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=QRxwYqYc; dkim-atps=neutral Received: from mail-pf1-x42a.google.com (mail-pf1-x42a.google.com [IPv6:2607:f8b0:4864:20::42a]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4VC4wZnz2xv4 for ; Mon, 17 May 2021 13:33:39 +1000 (AEST) Received: by mail-pf1-x42a.google.com with SMTP id d78so3155027pfd.10 for ; Sun, 16 May 2021 20:33:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=xGhjnXn/C0qTfkhl0tEeiHCLhVCbdYoTtED7Ch6E9ZU=; b=QRxwYqYccFqisHxXldQ3an8+rX+dLyjISOiKj/jwIVwRXMcUipZo0M7uxP+yIwysCF RhHULhgIpCy7kvYK5mUZ4CGYMzDrtOiV1XFtrzuj8oXLPCwDc7AjVHBLHdxVUP1wL2h0 N26OhiCmew9onnP0589/nrEw84Pb1E7mm7AhbAzD9Ben4HVpKRN5aJfzeSgpVmVZYlPo QvTR+ueUBNNJREzbZr0nUOi40j8y5XuQ1EIMh3Pk4jA0pSMMOjv6mOrSHnKxd44yVgqi X5btIT3WaBYb3+qoewOuPZ9yXKt1M34rFx3dZEz2/8nnnvQo7iBYKpeGHfr3IRGy0whP mCxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=xGhjnXn/C0qTfkhl0tEeiHCLhVCbdYoTtED7Ch6E9ZU=; b=d8cx9h7qgaze/RLVjbNDybTpIcgR0Gk9kpMw7xkek4LvqhDiXysUFWFQN1UOi6/VAh MNEJh0YxwtHjozQncuMn5QNqMTVrZU2bxYhOo7MCJL6d45l3bXDYWFHoLqJ9HBD6cK2a Ll39dJFAl5pAWUI26S5+P4rfba2+VlH46p7Ys5BAG0wpK3WJEMrF3u1oNYrK6qHRAiYt +4SIQcufwNTKvAUrTTLprCyZfa2jJY0mtPqobDX7VFQpGY4JuDZrRERdQNo+GImvL2Eh Z0ljWikCmMglzLPt3gjmHik9aCO8/2xqE2QsJdRIE5+phztqTpX37oj3AI8ya/HundvM /hrw== X-Gm-Message-State: AOAM530W5a70SQ9K7HELnLk/gz0t2DRTgoRJc5x1/1aNY1Ujf30B7Opv S1f0IpHB4vrydktu4jbzu57pqphJH94= X-Google-Smtp-Source: ABdhPJwMahADI0pTZ8ubPXdDM1ZZr5j4Mw6VOpVIaS1+GN4sQSwRxmxXmSzySJD2HAFgMYBr6Yl+tw== X-Received: by 2002:a62:7c46:0:b029:2dc:cb24:b5b1 with SMTP id x67-20020a627c460000b02902dccb24b5b1mr998643pfc.77.1621222416885; Sun, 16 May 2021 20:33:36 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:33:36 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 2/9] powerpc/lib/code-patching: Set up Strict RWX patching earlier Date: Mon, 17 May 2021 13:28:03 +1000 Message-Id: <20210517032810.129949-3-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" setup_text_poke_area() is a late init call so it runs before mark_rodata_ro() and after the init calls. This lets all the init code patching simply write to their locations. In the future, kprobes is going to allocate its instruction pages RO which means they will need setup_text__poke_area() to have been already called for their code patching. However, init_kprobes() (which allocates and patches some instruction pages) is an early init call so it happens before setup_text__poke_area(). start_kernel() calls poking_init() before any of the init calls. On powerpc, poking_init() is currently a nop. setup_text_poke_area() relies on kernel virtual memory, cpu hotplug and per_cpu_areas being setup. setup_per_cpu_areas(), boot_cpu_hotplug_init() and mm_init() are called before poking_init(). Turn setup_text_poke_area() into poking_init(). Reviewed-by: Christophe Leroy Reviewed-by: Russell Currey Signed-off-by: Jordan Niethe --- v9: New to series --- arch/powerpc/lib/code-patching.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c index 870b30d9be2f..15296207e1ba 100644 --- a/arch/powerpc/lib/code-patching.c +++ b/arch/powerpc/lib/code-patching.c @@ -70,14 +70,11 @@ static int text_area_cpu_down(unsigned int cpu) } /* - * Run as a late init call. This allows all the boot time patching to be done - * simply by patching the code, and then we're called here prior to - * mark_rodata_ro(), which happens after all init calls are run. Although - * BUG_ON() is rude, in this case it should only happen if ENOMEM, and we judge - * it as being preferable to a kernel that will crash later when someone tries - * to use patch_instruction(). + * Although BUG_ON() is rude, in this case it should only happen if ENOMEM, and + * we judge it as being preferable to a kernel that will crash later when + * someone tries to use patch_instruction(). */ -static int __init setup_text_poke_area(void) +int __init poking_init(void) { BUG_ON(!cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "powerpc/text_poke:online", text_area_cpu_up, @@ -85,7 +82,6 @@ static int __init setup_text_poke_area(void) return 0; } -late_initcall(setup_text_poke_area); /* * This can be called for kernel text or a module. From patchwork Mon May 17 03:28:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479206 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=nJyBV0aC; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4XC0qnCz9sCD for ; Mon, 17 May 2021 13:35:23 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4XC0JGWz3c5w for ; Mon, 17 May 2021 13:35:23 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=nJyBV0aC; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::536; helo=mail-pg1-x536.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=nJyBV0aC; dkim-atps=neutral Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4VJ0xNQz300C for ; Mon, 17 May 2021 13:33:43 +1000 (AEST) Received: by mail-pg1-x536.google.com with SMTP id k15so3689511pgb.10 for ; Sun, 16 May 2021 20:33:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=+ep7kGAzWpureAahQzZ9T0pD7WKuXMlOu9Vr8VpDzdo=; b=nJyBV0aChqVl8ko04YGBeUBErt531PHsDb0PGgz5nlMRImzH5E5y5On3dga6vNcyd1 eKlHpvgk+WeRXI38TbkYyJpr/36/H95xoWf8DwIKRKDG96H6OB84mazC1dmvOGqpm+1s 5x2qnzRdDe2OqRQwIAwGstKedHOeF+gZmMiOMMGqz1t9xJs7DUsaT5WuhxR814AqgRzA AUSRk+VyJ91Xusy00au9do4qsknKVTvcGXARrVxV2gCWYPrFjwMqFFiW4rUNVTFfm69Q 7IJb2A5LtwcTUzE9RCZTDVjtWcaPS0Qh+hu+Ry2aNAUBlHRej2LztHQGSPeGH7QUhDEq yPmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+ep7kGAzWpureAahQzZ9T0pD7WKuXMlOu9Vr8VpDzdo=; b=Dcqa2LnTwCXr/rl3ap/ORProD/a1WkiyJXhKdyzkHyf1TcO6ZKwp3GcTYgeBKpzoJT GBrpe1gDdQdLWupAL8tHU59LsPEV6IrGZax07sYNNXSjJ9oNj5akBqsfk0lNVBv7eWaI 83vOI4LmYRfoOhivm2D4dsAua8rggrsDZ6DNTlZfxj+MfHlePeS1pMG02dnjYObCbVjt JEj8sMpZgOAbT2UdNMNPXDKWMCEIjLk9kL0La1CfEuCWco4FaS/pTp+knQUijqy5Qv2g xvI4y+p21/pklLo1uuXYYtCInD0Kv9HDaqxffA50N7bYMjsBn1BBS3/v6H6lPI5lHheb W+7g== X-Gm-Message-State: AOAM532+ONuLNV+QjQfCF2xy0/UgPlpDIvqLXwVCjDllG2Lf/rEdQ54D SxDWwkNNVr3JdqjfPyXIdCEBF4CROFk= X-Google-Smtp-Source: ABdhPJxc+3SSWBowQ2h+sxNGdLZHtTJK6dBor6o/1YxhpZ0xVEJuVcA01+msSBSHhC51XgpF5/u7XQ== X-Received: by 2002:a05:6a00:1384:b029:2c7:fcda:8d83 with SMTP id t4-20020a056a001384b02902c7fcda8d83mr32759412pfg.0.1621222421442; Sun, 16 May 2021 20:33:41 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:33:41 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 3/9] powerpc/modules: Make module_alloc() Strict Module RWX aware Date: Mon, 17 May 2021 13:28:04 +1000 Message-Id: <20210517032810.129949-4-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Make module_alloc() use PAGE_KERNEL protections instead of PAGE_KERNEL_EXEX if Strict Module RWX is enabled. Signed-off-by: Jordan Niethe --- v14: - Split out from powerpc: Set ARCH_HAS_STRICT_MODULE_RWX - Add and use strict_module_rwx_enabled() helper --- arch/powerpc/include/asm/mmu.h | 5 +++++ arch/powerpc/kernel/module.c | 4 +++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/include/asm/mmu.h b/arch/powerpc/include/asm/mmu.h index 607168b1aef4..7710bf0cbf8a 100644 --- a/arch/powerpc/include/asm/mmu.h +++ b/arch/powerpc/include/asm/mmu.h @@ -357,6 +357,11 @@ static inline bool strict_kernel_rwx_enabled(void) return false; } #endif + +static inline bool strict_module_rwx_enabled(void) +{ + return IS_ENABLED(CONFIG_STRICT_MODULE_RWX) && strict_kernel_rwx_enabled(); +} #endif /* !__ASSEMBLY__ */ /* The kernel use the constants below to index in the page sizes array. diff --git a/arch/powerpc/kernel/module.c b/arch/powerpc/kernel/module.c index 3f35c8d20be7..ed04a3ba66fe 100644 --- a/arch/powerpc/kernel/module.c +++ b/arch/powerpc/kernel/module.c @@ -92,12 +92,14 @@ int module_finalize(const Elf_Ehdr *hdr, static __always_inline void * __module_alloc(unsigned long size, unsigned long start, unsigned long end) { + pgprot_t prot = strict_module_rwx_enabled() ? PAGE_KERNEL : PAGE_KERNEL_EXEC; + /* * Don't do huge page allocations for modules yet until more testing * is done. STRICT_MODULE_RWX may require extra work to support this * too. */ - return __vmalloc_node_range(size, 1, start, end, GFP_KERNEL, PAGE_KERNEL_EXEC, + return __vmalloc_node_range(size, 1, start, end, GFP_KERNEL, prot, VM_FLUSH_RESET_PERMS | VM_NO_HUGE_VMAP, NUMA_NO_NODE, __builtin_return_address(0)); } From patchwork Mon May 17 03:28:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479207 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=112.213.38.117; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=nIQ7ArO/; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4Xk0nz6z9sCD for ; Mon, 17 May 2021 13:35:50 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4Xk0Fn6z3c9N for ; Mon, 17 May 2021 13:35:50 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=nIQ7ArO/; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::631; helo=mail-pl1-x631.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=nIQ7ArO/; dkim-atps=neutral Received: from mail-pl1-x631.google.com (mail-pl1-x631.google.com [IPv6:2607:f8b0:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4VN4t25z306g for ; Mon, 17 May 2021 13:33:48 +1000 (AEST) Received: by mail-pl1-x631.google.com with SMTP id h20so2366183plr.4 for ; Sun, 16 May 2021 20:33:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=8nUO3o1Rk5zU3GJKq2lCYNMZ7SSdbZ8JgFqljMGtov4=; b=nIQ7ArO/KZzeA3NQy+LPncGE/9L9E43YxHaIMTJlqRpXVTGqPSsRCkyfJ3xbUB/AXV 0reCIA1HzUsK4WNQErt4H6wlxPsQ6x/XNPuw5mV1u85AqCcRKDToYNPEE3co6Xk+cYyy bcD1mqOPk6/zlUVy0C8+4qUe4rYyfoXwOKjIM1tcrjTMfoHyT0Zq+3SGMMQWS99u3sRd EjorJ+wwEVFOzRuqhB9ejc95vHGA/eNPcl8vUr6pYCZOjCJflujTWEKGdL7NBWf/X9Xp 2i4S8cQQDV/Lm+24nQ70oTLSJK9J8+sXk/niPYjVEPVzAoXNu7RwJ443VOWAM5YrReuc e9dQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=8nUO3o1Rk5zU3GJKq2lCYNMZ7SSdbZ8JgFqljMGtov4=; b=R7xpf+q7vBekkfyp7pQDJFWKKKN1HX2AJxGee46rVgHjohLcapN6si8kl15kaL/3cI +E5eT8ZBebLfkGf2d7zUzAgmvVzqdbZTVpMfs6oDTPhwq6++F+2GC2frvb4xKGyABPuP sw2JL6xgQ74mm8rB3aqgogCa/+tFi+8qGLqZEzuOFNDvQWrEr2JeSO+P+U+BuCUGdU7a JrXUW3bRTtuevoM1rA/hclrs4IDnV83mKK1T0uoqq31AKzS6TUKOfU+My58+x1MJC1OU 6vCO40pk3iM7EDk9x3CywrdXkdw7NeRGxRY+m0R3yy5EmZypfqfBtp3kWqt42JkFmye2 u3WA== X-Gm-Message-State: AOAM53137Z0mW6d/OvDnGqVyKXo3XQbjKqNbeyhNhIiE1VAZ611YAj27 ruyIRVWxjPFlL37PMpgTqEbSDGixrjU= X-Google-Smtp-Source: ABdhPJxxJGVjHGKhrcL0W+U2o5aUZPcvnXQqp5eqVtFJEu5mTo7GUp9dRqdAZ2y/sW0wc+Oh1KTJGQ== X-Received: by 2002:a17:90a:4545:: with SMTP id r5mr14803941pjm.51.1621222426109; Sun, 16 May 2021 20:33:46 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:33:45 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 4/9] powerpc/kprobes: Mark newly allocated probes as ROX Date: Mon, 17 May 2021 13:28:05 +1000 Message-Id: <20210517032810.129949-5-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" From: Russell Currey Add the arch specific insn page allocator for powerpc. This allocates ROX pages if STRICT_KERNEL_RWX is enabled. These pages are only written to with patch_instruction() which is able to write RO pages. Reviewed-by: Daniel Axtens Signed-off-by: Russell Currey Signed-off-by: Christophe Leroy [jpn: Reword commit message, switch to __vmalloc_node_range()] Signed-off-by: Jordan Niethe --- v9: - vmalloc_exec() no longer exists - Set the page to RW before freeing it v10: - use __vmalloc_node_range() v11: - Neaten up v12: - Switch from __vmalloc_node_range() to module_alloc() v13: Use strict_kernel_rwx_enabled() v14: Use strict_module_rwx_enabled() --- arch/powerpc/kernel/kprobes.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/powerpc/kernel/kprobes.c b/arch/powerpc/kernel/kprobes.c index 01ab2163659e..937e338053ff 100644 --- a/arch/powerpc/kernel/kprobes.c +++ b/arch/powerpc/kernel/kprobes.c @@ -19,11 +19,13 @@ #include #include #include +#include #include #include #include #include #include +#include #include DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL; @@ -103,6 +105,21 @@ kprobe_opcode_t *kprobe_lookup_name(const char *name, unsigned int offset) return addr; } +void *alloc_insn_page(void) +{ + void *page; + + page = module_alloc(PAGE_SIZE); + if (!page) + return NULL; + + if (strict_module_rwx_enabled()) { + set_memory_ro((unsigned long)page, 1); + set_memory_x((unsigned long)page, 1); + } + return page; +} + int arch_prepare_kprobe(struct kprobe *p) { int ret = 0; From patchwork Mon May 17 03:28:06 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479208 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=J7lw4EVm; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4YD1Cwmz9sCD for ; Mon, 17 May 2021 13:36:16 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4YD0cxpz3cGd for ; Mon, 17 May 2021 13:36:16 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=J7lw4EVm; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::102d; helo=mail-pj1-x102d.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=J7lw4EVm; dkim-atps=neutral Received: from mail-pj1-x102d.google.com (mail-pj1-x102d.google.com [IPv6:2607:f8b0:4864:20::102d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4VT1lz0z308p for ; Mon, 17 May 2021 13:33:52 +1000 (AEST) Received: by mail-pj1-x102d.google.com with SMTP id t11so2917353pjm.0 for ; Sun, 16 May 2021 20:33:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=zwESIBZpnR2m975fHalvCep9CeFwEanqy1akHv4NJIU=; b=J7lw4EVm7AC9ahoMtQkOYSo+707+XcWiq+0qwiknJ80mnPZ9BPBl+OUU2RLD8eB30g uztA2WI6cohxJzasaRlkZB7/0X+GKFjWgT69BYDIX/OJj4n4CQBZyAMRS5TL/Ux+Cw2i IxYNotxJU3DsFbVcCXdvUem1nic7vU05yZPusKZUMpurd7j0D+7IEvSiI8JH9neoccsY 2v7Dt1EZQ5TF1fNGmUxkV2fflV9J7W9MCwzVkcspUF1ozzBLUNRgtdkLpPxK1MCO3EPw t64SqR+/gGl3mImvDifkazfyfZYAj0lwMeLRTU6+o4nUWUgRyuBmNLnsU3vsG73InQpr 5SxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=zwESIBZpnR2m975fHalvCep9CeFwEanqy1akHv4NJIU=; b=hytVV6lJvK2USuUWq7nHwGwFmhBwhnQJouggh7sAMU7ToxKsWBWaB5/ztrlClL+oC2 hMsBxBvfr3A+YlbTPy24rJcv/LoS4MjaDDyx7GB6uLyzx1JoZpCcjVrUkpCzwVayi0vL gqOPFvA0jz+7+wloh987a6XKFiwOo/0DtkTsvwss4XlDlboeBcnjC4tgpHkqsReBmMkt QTIdZVGNGPA+mxHWVIWjIPEu+gfoJEiJOS992qFr/EaWMWuKJkcYI+gTV9mRYgOLsRvl pScX2LZJQIyUWZGZrOCspRcRX7ouHGVaXtI/HI1i0yLBNbzk5dyiZehoo6wmipefm60y LWzQ== X-Gm-Message-State: AOAM533h2tSQQxnl6nsPj/Fw0ktMdDhqbvmxJ3T86wedxbWMWAPFlTB7 XAo0q5q1NyDpKofQFDFPftMSBa7IJMI= X-Google-Smtp-Source: ABdhPJwviFL6uWapgv6dPFvplwxHbjylI/ubSTRklJ/d7X//zJ+LJEW3Mu6tCdN+iVdE6UuTakchnw== X-Received: by 2002:a17:90a:1782:: with SMTP id q2mr65065666pja.73.1621222431024; Sun, 16 May 2021 20:33:51 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:33:50 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 5/9] powerpc/bpf: Remove bpf_jit_free() Date: Mon, 17 May 2021 13:28:06 +1000 Message-Id: <20210517032810.129949-6-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Commit 74451e66d516 ("bpf: make jited programs visible in traces") added a default bpf_jit_free() implementation. Powerpc did not use the default bpf_jit_free() as powerpc did not set the images read-only. The default bpf_jit_free() called bpf_jit_binary_unlock_ro() is why it could not be used for powerpc. Commit d53d2f78cead ("bpf: Use vmalloc special flag") moved keeping track of read-only memory to vmalloc. This included removing bpf_jit_binary_unlock_ro(). Therefore there is no reason powerpc needs its own bpf_jit_free(). Remove it. Reviewed-by: Christophe Leroy Signed-off-by: Jordan Niethe --- v11: New to series --- arch/powerpc/net/bpf_jit_comp.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c index 798ac4350a82..6c8c268e4fe8 100644 --- a/arch/powerpc/net/bpf_jit_comp.c +++ b/arch/powerpc/net/bpf_jit_comp.c @@ -257,15 +257,3 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp) return fp; } - -/* Overriding bpf_jit_free() as we don't set images read-only. */ -void bpf_jit_free(struct bpf_prog *fp) -{ - unsigned long addr = (unsigned long)fp->bpf_func & PAGE_MASK; - struct bpf_binary_header *bpf_hdr = (void *)addr; - - if (fp->jited) - bpf_jit_binary_free(bpf_hdr); - - bpf_prog_unlock_free(fp); -} From patchwork Mon May 17 03:28:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479209 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=lGaHC6Q/; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4Yj1q79z9sCD for ; Mon, 17 May 2021 13:36:41 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4Yj1C7fz3cN6 for ; Mon, 17 May 2021 13:36:41 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=lGaHC6Q/; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::631; helo=mail-pl1-x631.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=lGaHC6Q/; dkim-atps=neutral Received: from mail-pl1-x631.google.com (mail-pl1-x631.google.com [IPv6:2607:f8b0:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4VY5wGJz2yyL for ; Mon, 17 May 2021 13:33:57 +1000 (AEST) Received: by mail-pl1-x631.google.com with SMTP id 69so2362731plc.5 for ; Sun, 16 May 2021 20:33:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hn7unOXRknxUolKeI3R/RYUkNJ1IJ3Em4zYkxuuGOMo=; b=lGaHC6Q/JYRei0Y+jn2Wh5MpDK9oRT5GHJusOo3rl5sfJn/FPOxKJ6SHZ7cQ09E54l UTZyi0YSTiOlItepSmU9Bb+uSEwePJ6bI7rvDYAY/VGLBwjWgRbBdWHMW5jzY009A29L LR1154TVVU5QFzD92B9ZSDPROHb6tPp6v/BOJHeZ+pLMXk6Y6vj5Xv4MZ2NP9DcI7sZY 9bdsL8OuQ87RtZDYIAGI0khCnCravq2m53lxLuA0nIje+iP2+udqFyVInre4ix8p7VOT DTm3Qpoe1zkgW5Cq97BzqSosYEnHE1QzCAmWD4kT2dqGV06Hu1Wf8KoGfKhGaeDPLMNT FYBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hn7unOXRknxUolKeI3R/RYUkNJ1IJ3Em4zYkxuuGOMo=; b=Z/qZ5klWimyx1PUv/uA+/k1Wo5pnr71Zv83/nBx4FvAkQxOI4p5eegb4AINp8DmWFc YizEcnrl/7fxvE7YLzrDvU8YElXFmtNmMu5dozS9PWDbqUWHKDxcb0C7hqb/ll4KlTKe deAUeyNyy2M/J2bodsfdZVUKjTtMNe8nDTKAa+z+6U2Ku8GrvrKS4MHLYzfqGvGYl3hC yFh7gTMOaY816oBYMBCa7bds1ptJBH2sbeSmdnBYuie9tUVFk4BlOUpoUrd06iBQkh9I 27gGgzMgWLVKM0IQA2LC/wILR/RpykCWboksytynTBzVbUgIE+7sbDxThsY6zloRi48N huPA== X-Gm-Message-State: AOAM531/0pej+9jPFAWSS5vlCQK0xsVWiMWASBNKTLfozHX6sV1e9FaP sC46SFbDjP0RxKS1IgC3rviSbf9e//c= X-Google-Smtp-Source: ABdhPJzXDyDVZmaaEpbHjNvBlLBs4R8+us2uiQgWBbazu3lVyZhk5soIV9FGlicjR+n2rvfqi6cxyQ== X-Received: by 2002:a17:90a:ee89:: with SMTP id i9mr1117265pjz.57.1621222435985; Sun, 16 May 2021 20:33:55 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:33:55 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 6/9] powerpc/bpf: Write protect JIT code Date: Mon, 17 May 2021 13:28:07 +1000 Message-Id: <20210517032810.129949-7-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Add the necessary call to bpf_jit_binary_lock_ro() to remove write and add exec permissions to the JIT image after it has finished being written. Without CONFIG_STRICT_MODULE_RWX the image will be writable and executable until the call to bpf_jit_binary_lock_ro(). Reviewed-by: Christophe Leroy Signed-off-by: Jordan Niethe --- v10: New to series v11: Remove CONFIG_STRICT_MODULE_RWX conditional --- arch/powerpc/net/bpf_jit_comp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c index 6c8c268e4fe8..53aefee3fe70 100644 --- a/arch/powerpc/net/bpf_jit_comp.c +++ b/arch/powerpc/net/bpf_jit_comp.c @@ -237,6 +237,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp) fp->jited_len = alloclen; bpf_flush_icache(bpf_hdr, (u8 *)bpf_hdr + (bpf_hdr->pages * PAGE_SIZE)); + bpf_jit_binary_lock_ro(bpf_hdr); if (!fp->is_func || extra_pass) { bpf_prog_fill_jited_linfo(fp, addrs); out_addrs: From patchwork Mon May 17 03:28:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479210 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=F4Uf072+; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4ZB26Ntz9sCD for ; Mon, 17 May 2021 13:37:06 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4ZB1qw2z3c1T for ; Mon, 17 May 2021 13:37:06 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=F4Uf072+; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::52c; helo=mail-pg1-x52c.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=F4Uf072+; dkim-atps=neutral Received: from mail-pg1-x52c.google.com (mail-pg1-x52c.google.com [IPv6:2607:f8b0:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4Vg6B3mz30NR for ; Mon, 17 May 2021 13:34:03 +1000 (AEST) Received: by mail-pg1-x52c.google.com with SMTP id l70so3718455pga.1 for ; Sun, 16 May 2021 20:34:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=cNraGQoLc4iukBkSNLJN6zryOfDc3aP66V4objjPpD0=; b=F4Uf072+gMfkcjbiDrGR67z6YDfJ7FNKuVMPFxDCKftTj6u3+t41wH9FxoHDvc8cc+ qO7iDfxR0ejDfnAh+cZsLFwbov1PEwRzGv5tmTSvvYZutWzAgQw/LPR24eYQbZ91qHpC 1RzoaoGrx7p3xhmj21znSYndSFG2GlfVDoF//OSMvJDACeOVkLgINhPb4OWcPfnCUq/E hIbnzsccxsKAZKn+s/Yibt04mApOAtg3ixvr7I6jSjTcOPdt0Y0l8KkXTSmQVt6HV55A ZmE7tef2aZ29bxj82ev3VHdx7KvmDhbTmnuevMX8jjz55+d9f3T/bDRHGfJdC0MGnY3f AvIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=cNraGQoLc4iukBkSNLJN6zryOfDc3aP66V4objjPpD0=; b=t2yM3NjDg/X0Oo64yhbgBBWjU2Uugl3NmXLqk2UZSKK+FMG5GcQz08A7BnWDWuKlUc pg+AcvYFwjx921du8eY/mUEYRqyTg7l3hTyqsqNSvB/5Fe/eLWw8oaZecu1fM17dF7fH MDnV7zP30hsTEX/15ExR+YNLLP5Ai9foTlJMYjXeKhtTZqXuElX1APReV3NmgvD46URU Q+0RB/819a66fmJlxQ42MZvb0q5jm7VfGD9PzoHoBpy86qoP4P3BYEkMp8DqRZIe9zxH dintYfP3eCKPTXkvlMctZxAtXMw0v5bEp9xEHB5sw/K7QoV+9LDUwde3Kh0ZJtSLMoEo HJtg== X-Gm-Message-State: AOAM532MkqBaVrFHZVEPhbyFTiTZkN88lLfSu7MLGLK44GyYanBuHdbH moefu8AqqWWtN62YcljrKCZ54p8/FcY= X-Google-Smtp-Source: ABdhPJwOCW5SqOHQwol8jigJJuelEmHuW7rwvcbUsO3YDv+t6mGfX7eATgAw4wmAK6zbtiFLJWbyBA== X-Received: by 2002:a05:6a00:14cb:b029:2be:1466:5a28 with SMTP id w11-20020a056a0014cbb02902be14665a28mr38060025pfu.55.1621222441166; Sun, 16 May 2021 20:34:01 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.33.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:34:00 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 7/9] powerpc: Set ARCH_HAS_STRICT_MODULE_RWX Date: Mon, 17 May 2021 13:28:08 +1000 Message-Id: <20210517032810.129949-8-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" From: Russell Currey To enable strict module RWX on powerpc, set: CONFIG_STRICT_MODULE_RWX=y You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real security benefit. ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX. This is due to a quirk in arch/Kconfig and arch/powerpc/Kconfig that makes STRICT_MODULE_RWX *on by default* in configurations where STRICT_KERNEL_RWX is *unavailable*. Since this doesn't make much sense, and module RWX without kernel RWX doesn't make much sense, having the same dependencies as kernel RWX works around this problem. Book32s/32 processors with a hash mmu (i.e. 604 core) can not set memory protection on a page by page basis so do not enable. Signed-off-by: Russell Currey [jpn: - predicate on !PPC_BOOK3S_604 - make module_alloc() use PAGE_KERNEL protection] Signed-off-by: Jordan Niethe Reviewed-by: Christophe Leroy --- v10: - Predicate on !PPC_BOOK3S_604 - Make module_alloc() use PAGE_KERNEL protection v11: - Neaten up v13: Use strict_kernel_rwx_enabled() v14: Make changes to module_alloc() its own commit --- arch/powerpc/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index cce0a137b046..cb5d9d862c35 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -140,6 +140,7 @@ config PPC select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) + select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX && !PPC_BOOK3S_604 select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE select ARCH_HAS_COPY_MC if PPC64 From patchwork Mon May 17 03:28:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479211 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=112.213.38.117; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=Qxn0R3mJ; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4Zm5bS5z9s1l for ; Mon, 17 May 2021 13:37:36 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4Zm55gJz3c2g for ; Mon, 17 May 2021 13:37:36 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=Qxn0R3mJ; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::62f; helo=mail-pl1-x62f.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=Qxn0R3mJ; dkim-atps=neutral Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4Vm6jdtz3bsF for ; Mon, 17 May 2021 13:34:08 +1000 (AEST) Received: by mail-pl1-x62f.google.com with SMTP id b21so2386111plz.0 for ; Sun, 16 May 2021 20:34:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=73lCnqrVhO1Rqxiqs9OGNpEuWzRE3MRG2Lu6lmhZPKo=; b=Qxn0R3mJ1DXFbfPOS0rqR9LqVVbGnL5iH4EakKLZrv+yxqDCGr06wrEdvSdWKJ8tou eApAYwEzWuROr7jmEoERGtJlA9sU6fKJrPEN/vWCHJb9ipj+79wmSsC5zwJbb8dDmUJQ VgjDp6zQmb3psLsnJiDeUI3BHofdLdy1VSWYDFW8zQVg69XcdoWxtbfoA/eFoC3PIGPA HYiaBW7CDKgLxWkdPD66sFsNECAQ0WuwYezDn4CImI+z+DFzipT+mduTaTkfoxac36I7 ij+o42Q6svCLtyDAm2yMckwuWe60Fek55Z75QchX/K6b/Wq4eMyc5DV4slavj2CngzY/ QXiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=73lCnqrVhO1Rqxiqs9OGNpEuWzRE3MRG2Lu6lmhZPKo=; b=hFbRXHE/4RVAegqPa+9YVV+RECL9Te186Xd0KrMzTaVzUQa3AMBk1AsVi6ucPVjUgm UBplQ9xcdw+3fYxWkfUJkC/d9lY9doDbyfXXPAFTnQQggnijvTevfxaW6k3RPLVib4MI GjSTz5JSMhv2He7SCRABWmPqpMNe9hILwJUIbqXaDT/w9VetfYQqkztjckLI77wbuwSG 6oBKnpQwd//I2/GipquIkQ3X/msZZ6ynKp/lxJEaeFViKxa7KKpJ/wTk7D7qybvDtD0m 8Tfl0sfdaGgayc4ivAGS67cqi6T04sANqIKT6unNktSWPQvWVp8iS/mwooGRr/bhsy/I ehqw== X-Gm-Message-State: AOAM533MgLetuX0JGLm0LleAO1zUHBt2l8yflq4HD5QxPKQgWRgdmA1I n8jdufSDB4rKknbUu20qDP4PpeI3QVU= X-Google-Smtp-Source: ABdhPJznWr92PADFOTrKUw4h19YJbeSY4n5XIj4T+rr8C5DsMUYbqFcbm2Q7foOnfa4s1h/jPFdgzQ== X-Received: by 2002:a17:903:2403:b029:ee:eaf1:848d with SMTP id e3-20020a1709032403b02900eeeaf1848dmr58148756plo.63.1621222446354; Sun, 16 May 2021 20:34:06 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.34.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:34:06 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 8/9] powerpc/mm: implement set_memory_attr() Date: Mon, 17 May 2021 13:28:09 +1000 Message-Id: <20210517032810.129949-9-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, kbuild test robot , npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" From: Christophe Leroy In addition to the set_memory_xx() functions which allows to change the memory attributes of not (yet) used memory regions, implement a set_memory_attr() function to: - set the final memory protection after init on currently used kernel regions. - enable/disable kernel memory regions in the scope of DEBUG_PAGEALLOC. Unlike the set_memory_xx() which can act in three step as the regions are unused, this function must modify 'on the fly' as the kernel is executing from them. At the moment only PPC32 will use it and changing page attributes on the fly is not an issue. Signed-off-by: Christophe Leroy Reported-by: kbuild test robot [ruscur: cast "data" to unsigned long instead of int] Signed-off-by: Russell Currey Signed-off-by: Jordan Niethe --- arch/powerpc/include/asm/set_memory.h | 2 ++ arch/powerpc/mm/pageattr.c | 33 +++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/arch/powerpc/include/asm/set_memory.h b/arch/powerpc/include/asm/set_memory.h index 64011ea444b4..b040094f7920 100644 --- a/arch/powerpc/include/asm/set_memory.h +++ b/arch/powerpc/include/asm/set_memory.h @@ -29,4 +29,6 @@ static inline int set_memory_x(unsigned long addr, int numpages) return change_memory_attr(addr, numpages, SET_MEMORY_X); } +int set_memory_attr(unsigned long addr, int numpages, pgprot_t prot); + #endif diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c index 5e5ae50a7f23..0876216ceee6 100644 --- a/arch/powerpc/mm/pageattr.c +++ b/arch/powerpc/mm/pageattr.c @@ -99,3 +99,36 @@ int change_memory_attr(unsigned long addr, int numpages, long action) return apply_to_existing_page_range(&init_mm, start, size, change_page_attr, (void *)action); } + +/* + * Set the attributes of a page: + * + * This function is used by PPC32 at the end of init to set final kernel memory + * protection. It includes changing the maping of the page it is executing from + * and data pages it is using. + */ +static int set_page_attr(pte_t *ptep, unsigned long addr, void *data) +{ + pgprot_t prot = __pgprot((unsigned long)data); + + spin_lock(&init_mm.page_table_lock); + + set_pte_at(&init_mm, addr, ptep, pte_modify(*ptep, prot)); + flush_tlb_kernel_range(addr, addr + PAGE_SIZE); + + spin_unlock(&init_mm.page_table_lock); + + return 0; +} + +int set_memory_attr(unsigned long addr, int numpages, pgprot_t prot) +{ + unsigned long start = ALIGN_DOWN(addr, PAGE_SIZE); + unsigned long sz = numpages * PAGE_SIZE; + + if (numpages <= 0) + return 0; + + return apply_to_existing_page_range(&init_mm, start, sz, set_page_attr, + (void *)pgprot_val(prot)); +} From patchwork Mon May 17 03:28:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Niethe X-Patchwork-Id: 1479212 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=BIXwN1SX; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fk4bF05mZz9s1l for ; Mon, 17 May 2021 13:38:01 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4Fk4bD72Mnz301q for ; Mon, 17 May 2021 13:38:00 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=BIXwN1SX; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::42c; helo=mail-pf1-x42c.google.com; envelope-from=jniethe5@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=BIXwN1SX; dkim-atps=neutral Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Fk4Vt0j11z3btS for ; Mon, 17 May 2021 13:34:13 +1000 (AEST) Received: by mail-pf1-x42c.google.com with SMTP id e19so4031038pfv.3 for ; Sun, 16 May 2021 20:34:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=s0CtcMDYsFJeK2HIudgA+Uky01mskMES4MW4Sd7s+yo=; b=BIXwN1SXExgrkQQa492Mvu8s8f8QaOghwKc7TDUtOkHBrUEGsws4M0pN2aSXKruIVI sUTOp50shND98iPxgdWPPzxi8kflp/uc25Ez3nJOpiDUc09DRB25OwILKt8572UNAfjM CMhxUdQswsAciLn9dIsw5RAjP0BSpl90Ye+GtqTKsZwpDyomguAMmMCEhRIWHcx2vQPg f/yw4H2aj7Ql/qzThPMYOLDxOiya1eOwjnhx7XPcFrGzbCcoUwAVgfsZj1K53kWzHWLv iOpyDgpDm0r5R8+qrxbxpCzSVbYNA/YYsYYWmUKSoZn2D8pvJoR1Xp1tCdqeMagiVRqu fGuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=s0CtcMDYsFJeK2HIudgA+Uky01mskMES4MW4Sd7s+yo=; b=PuBWyPJCIxx5QWu29jiBBDnV8QnfwOo4cwni/0MoMFzn9692h+VW1NHhyo+pYMiU3p NA3ORvLwF54tw/fo1++8sx1P37rop+q5KpAAVC3zujR3/uTjdP33XGBovSStFWsaGhof N+3YUZDj27dYEmABfG+NT0Ach8sUzKRd1c+ZDgm49gdfi0eQmtdKE7ln/4rF9cghS3wd KiCXj6Ra/CaZ566/jW/WMjuoZwFHhN/II65H7mb1pd41ytzqwXwMxzS0rDYEiN3WapW+ +O6Int69rQ9C1s2XB2b5m/SJkQgNwd5Q8YUKFmeiFUFhEm1yWlzyBdBYq9GBPrut3rPr RLPQ== X-Gm-Message-State: AOAM532c3AQnQD/64NL2tKxi4TFdyMiMv/UoYNtr/b4grTMWJm+hgVl4 /JJLV6BLfJPh4/KPeCy9e5uRl/vxUW0= X-Google-Smtp-Source: ABdhPJwjITjLKI9E2I2ipjGZ7Ms2j/NL+ZbFB7urWQ7tLsQCuZBHcyKc33+qtAheyz4l22TRhtEP3g== X-Received: by 2002:a62:2e04:0:b029:2db:4c99:614f with SMTP id u4-20020a622e040000b02902db4c99614fmr4792700pfu.47.1621222451357; Sun, 16 May 2021 20:34:11 -0700 (PDT) Received: from tee480.ibm.com (159-196-117-139.9fc475.syd.nbn.aussiebb.net. [159.196.117.139]) by smtp.gmail.com with ESMTPSA id s3sm9785418pgs.62.2021.05.16.20.34.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 May 2021 20:34:11 -0700 (PDT) From: Jordan Niethe To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v14 9/9] powerpc/32: use set_memory_attr() Date: Mon, 17 May 2021 13:28:10 +1000 Message-Id: <20210517032810.129949-10-jniethe5@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210517032810.129949-1-jniethe5@gmail.com> References: <20210517032810.129949-1-jniethe5@gmail.com> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, cmr@codefail.de, npiggin@gmail.com, aneesh.kumar@linux.ibm.com, naveen.n.rao@linux.ibm.com, Jordan Niethe , dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" From: Christophe Leroy Use set_memory_attr() instead of the PPC32 specific change_page_attr() change_page_attr() was checking that the address was not mapped by blocks and was handling highmem, but that's unneeded because the affected pages can't be in highmem and block mapping verification is already done by the callers. Signed-off-by: Christophe Leroy [ruscur: rebase on powerpc/merge with Christophe's new patches] Signed-off-by: Russell Currey Signed-off-by: Jordan Niethe --- arch/powerpc/mm/pgtable_32.c | 60 ++++++------------------------------ 1 file changed, 10 insertions(+), 50 deletions(-) diff --git a/arch/powerpc/mm/pgtable_32.c b/arch/powerpc/mm/pgtable_32.c index e0ec67a16887..dcf5ecca19d9 100644 --- a/arch/powerpc/mm/pgtable_32.c +++ b/arch/powerpc/mm/pgtable_32.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include @@ -132,64 +133,20 @@ void __init mapin_ram(void) } } -static int __change_page_attr_noflush(struct page *page, pgprot_t prot) -{ - pte_t *kpte; - unsigned long address; - - BUG_ON(PageHighMem(page)); - address = (unsigned long)page_address(page); - - if (v_block_mapped(address)) - return 0; - kpte = virt_to_kpte(address); - if (!kpte) - return -EINVAL; - __set_pte_at(&init_mm, address, kpte, mk_pte(page, prot), 0); - - return 0; -} - -/* - * Change the page attributes of an page in the linear mapping. - * - * THIS DOES NOTHING WITH BAT MAPPINGS, DEBUG USE ONLY - */ -static int change_page_attr(struct page *page, int numpages, pgprot_t prot) -{ - int i, err = 0; - unsigned long flags; - struct page *start = page; - - local_irq_save(flags); - for (i = 0; i < numpages; i++, page++) { - err = __change_page_attr_noflush(page, prot); - if (err) - break; - } - wmb(); - local_irq_restore(flags); - flush_tlb_kernel_range((unsigned long)page_address(start), - (unsigned long)page_address(page)); - return err; -} - void mark_initmem_nx(void) { - struct page *page = virt_to_page(_sinittext); unsigned long numpages = PFN_UP((unsigned long)_einittext) - PFN_DOWN((unsigned long)_sinittext); if (v_block_mapped((unsigned long)_sinittext)) mmu_mark_initmem_nx(); else - change_page_attr(page, numpages, PAGE_KERNEL); + set_memory_attr((unsigned long)_sinittext, numpages, PAGE_KERNEL); } #ifdef CONFIG_STRICT_KERNEL_RWX void mark_rodata_ro(void) { - struct page *page; unsigned long numpages; if (v_block_mapped((unsigned long)_stext + 1)) { @@ -198,20 +155,18 @@ void mark_rodata_ro(void) return; } - page = virt_to_page(_stext); numpages = PFN_UP((unsigned long)_etext) - PFN_DOWN((unsigned long)_stext); - change_page_attr(page, numpages, PAGE_KERNEL_ROX); + set_memory_attr((unsigned long)_stext, numpages, PAGE_KERNEL_ROX); /* * mark .rodata as read only. Use __init_begin rather than __end_rodata * to cover NOTES and EXCEPTION_TABLE. */ - page = virt_to_page(__start_rodata); numpages = PFN_UP((unsigned long)__init_begin) - PFN_DOWN((unsigned long)__start_rodata); - change_page_attr(page, numpages, PAGE_KERNEL_RO); + set_memory_attr((unsigned long)__start_rodata, numpages, PAGE_KERNEL_RO); // mark_initmem_nx() should have already run by now ptdump_check_wx(); @@ -221,9 +176,14 @@ void mark_rodata_ro(void) #ifdef CONFIG_DEBUG_PAGEALLOC void __kernel_map_pages(struct page *page, int numpages, int enable) { + unsigned long addr = (unsigned long)page_address(page); + if (PageHighMem(page)) return; - change_page_attr(page, numpages, enable ? PAGE_KERNEL : __pgprot(0)); + if (enable) + set_memory_attr(addr, numpages, PAGE_KERNEL); + else + set_memory_attr(addr, numpages, __pgprot(0)); } #endif /* CONFIG_DEBUG_PAGEALLOC */