Received: by 10.223.176.46 with SMTP id f43csp307583wra; Thu, 18 Jan 2018 17:55:18 -0800 (PST) X-Google-Smtp-Source: ACJfBothrGEOcaR8O/RNim1yQkXlG4wO3pxz5o3fA1UH8df8lh37TpkuhxVh/dMtuTyacP1+KcX3 X-Received: by 10.101.101.19 with SMTP id x19mr14410684pgv.347.1516326918034; Thu, 18 Jan 2018 17:55:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516326918; cv=none; d=google.com; s=arc-20160816; b=V4RErwhnRNTX/oxRcWyqD54oKivAj9sPgiBRu6sr+enc5++ukjnajoaRudNR2GR0hm GL3fTIyGkaSy8vCKYaa/WAKV4RMdRdnGyO3f4jgFAprEJNBG4emq1eO0aBtz0fSWUV4U OFtD8k6LFhDrqf0WpHaWMijlMf8sipFmdpHMFwVKD1d/N+qgMOvLmMhgVyo/G1NdysPH IYWXrHhFAZZbwQRYn68sLUWsCW63hwbVaMl+9TaDieoga1sUocbcVPSRopAQLENi3Gfz lZ3/EX2v5+pCOs4JKLIx93eSvEaXy1O1+BnhNNy+0dFFpTRQIWii3Bu16qDQ80WGhDZC Hx8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=GugUXgCgwukeNIvuZzM2lpPDWJVHJp3I9cLXgdRpwB8=; b=j2Fx8IZHWeI+A2t5a3+npJ1P+mENdqVF2adg32fDSUkXFQKVQfLvWIE12wFplmVqHa 4z+n+ImyNiE8twh+OZRvW2uvZl2LdH2cQzl+5r5byS0T/q1unAWg3v0vbUrma1ggAqdG 3rniOyFRtFKH4RWOa9jSD1DzxgwpvHiwGkhREyd5pHkZsfeReC/kSyk6fFBqkzdhtIse HJnDqsoQIdrmbnIlZv1u1EUm7Su7kJlZ0uqwCSkq/tmIo2oISFjMytgFyeg1UHHipRqT c4t8KQeM7f+XgGngEZ5c0eZEGfe0KF1ZjKtM04BCIFOcYnsXzqeWa6dYSk6gVDhVN0lI cdsg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=bdoagEL1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n10-v6si400583plp.158.2018.01.18.17.55.04; Thu, 18 Jan 2018 17:55:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=bdoagEL1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932784AbeASBxa (ORCPT + 99 others); Thu, 18 Jan 2018 20:53:30 -0500 Received: from mail-qt0-f194.google.com ([209.85.216.194]:42217 "EHLO mail-qt0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755524AbeASBwG (ORCPT ); Thu, 18 Jan 2018 20:52:06 -0500 Received: by mail-qt0-f194.google.com with SMTP id c2so427322qtn.9; Thu, 18 Jan 2018 17:52:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=GugUXgCgwukeNIvuZzM2lpPDWJVHJp3I9cLXgdRpwB8=; b=bdoagEL10ALdeaBVkoi3v+WEVV/YGIjwoQatBs2MVSpMRMPZzJzt8le/PRjIbEtzNc EO2ybgd25ozXrk3B8WaaPAykDQD+2naiipqoohrJRoWOpsPtZrbMCKFGrRNwRIaChifm Kw0ihf+Ud57WgexbB4EHF4XC8kUg+Ydmy7igh6A9eKYW/M6M+3ufGvwB+GbGt21GDm3h FdeoKDywAJ9gMnQ4Jcq/k1r84/NQSO+WITqcWDp303FlKVubRy46H6J7OcvtcYZgxAlz hrcagrxF9THNMJz9zmozGpDatpAeEBMJXHDED+vpyx7171YOsbjnbKzSJ0M3tiqB1tDr JpKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=GugUXgCgwukeNIvuZzM2lpPDWJVHJp3I9cLXgdRpwB8=; b=tRXdGqHsRiI5xc2e2sWOKcbXUZYgMHb5JFe6qXN9Nxm1nWOAGvywFWZrsxugwPTw8I Gs0g5khKpdCFeA4sEB12580YTG2JZ0aOV1gMbXEjtrhXpPw56BlgEBwNTqFRLiduDETD Wu+mnp+gFCA9OJBFD9sI03S37Y9PMibn2yfS7USJJhmadBKxah+Pnpyap7lKuZtQ+w0Q ZyAQweBqF9Fex8t/XzFFbGS2p8nXD841pjYWPn96dmdMYZZVx6KunA1c2paAbxjVcgnS jCzqzcBGJDQj1nEA/XbXYdlNQFHjbTJx4akzDcV+3/eV0L5mSoCE9p4fE+LwJY44PhJQ dJBg== X-Gm-Message-State: AKwxytce/nFixVUNctABH//7xWU7wEG1o+PlrKB0lwUVo6R+htwzmARU 80ImPHj/wQsH3dmhSG1J7jI= X-Received: by 10.200.24.174 with SMTP id s43mr47917426qtj.239.1516326725661; Thu, 18 Jan 2018 17:52:05 -0800 (PST) Received: from localhost.localdomain (50-39-100-161.bvtn.or.frontiernet.net. [50.39.100.161]) by smtp.gmail.com with ESMTPSA id c127sm5483161qke.78.2018.01.18.17.52.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 18 Jan 2018 17:52:05 -0800 (PST) From: Ram Pai To: mpe@ellerman.id.au, mingo@redhat.com, akpm@linux-foundation.org, corbet@lwn.net, arnd@arndb.de Cc: linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, dave.hansen@intel.com, benh@kernel.crashing.org, paulus@samba.org, khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com, bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org, bauerman@linux.vnet.ibm.com, ebiederm@xmission.com, linuxram@us.ibm.com Subject: [PATCH v10 09/27] powerpc: ability to create execute-disabled pkeys Date: Thu, 18 Jan 2018 17:50:30 -0800 Message-Id: <1516326648-22775-10-git-send-email-linuxram@us.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1516326648-22775-1-git-send-email-linuxram@us.ibm.com> References: <1516326648-22775-1-git-send-email-linuxram@us.ibm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org powerpc has hardware support to disable execute on a pkey. This patch enables the ability to create execute-disabled keys. Signed-off-by: Ram Pai --- arch/powerpc/include/uapi/asm/mman.h | 6 ++++++ arch/powerpc/mm/pkeys.c | 16 ++++++++++++++++ 2 files changed, 22 insertions(+), 0 deletions(-) diff --git a/arch/powerpc/include/uapi/asm/mman.h b/arch/powerpc/include/uapi/asm/mman.h index e63bc37..65065ce 100644 --- a/arch/powerpc/include/uapi/asm/mman.h +++ b/arch/powerpc/include/uapi/asm/mman.h @@ -30,4 +30,10 @@ #define MAP_STACK 0x20000 /* give out an address that is best suited for process/thread stacks */ #define MAP_HUGETLB 0x40000 /* create a huge page mapping */ +/* Override any generic PKEY permission defines */ +#define PKEY_DISABLE_EXECUTE 0x4 +#undef PKEY_ACCESS_MASK +#define PKEY_ACCESS_MASK (PKEY_DISABLE_ACCESS |\ + PKEY_DISABLE_WRITE |\ + PKEY_DISABLE_EXECUTE) #endif /* _UAPI_ASM_POWERPC_MMAN_H */ diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c index eca04cd..39e9814 100644 --- a/arch/powerpc/mm/pkeys.c +++ b/arch/powerpc/mm/pkeys.c @@ -29,6 +29,14 @@ int pkey_initialize(void) int os_reserved, i; /* + * We define PKEY_DISABLE_EXECUTE in addition to the arch-neutral + * generic defines for PKEY_DISABLE_ACCESS and PKEY_DISABLE_WRITE. + * Ensure that the bits a distinct. + */ + BUILD_BUG_ON(PKEY_DISABLE_EXECUTE & + (PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE)); + + /* * Disable the pkey system till everything is in place. A subsequent * patch will enable it. */ @@ -181,10 +189,18 @@ int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey, unsigned long init_val) { u64 new_amr_bits = 0x0ul; + u64 new_iamr_bits = 0x0ul; if (!is_pkey_enabled(pkey)) return -EINVAL; + if (init_val & PKEY_DISABLE_EXECUTE) { + if (!pkey_execute_disable_supported) + return -EINVAL; + new_iamr_bits |= IAMR_EX_BIT; + } + init_iamr(pkey, new_iamr_bits); + /* Set the bits we need in AMR: */ if (init_val & PKEY_DISABLE_ACCESS) new_amr_bits |= AMR_RD_BIT | AMR_WR_BIT; -- 1.7.1