Received: by 10.223.176.46 with SMTP id f43csp310010wra;
        Thu, 18 Jan 2018 17:58:27 -0800 (PST)
X-Google-Smtp-Source: ACJfBov1R4oJb5zFYxCrX3pXQbJ3t/zvSSjguWK1OL46MGfibnFBcgZIgLEjZi+ri/gSM7PoezX8
X-Received: by 10.99.114.81 with SMTP id c17mr28191435pgn.173.1516327107593;
        Thu, 18 Jan 2018 17:58:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516327107; cv=none;
        d=google.com; s=arc-20160816;
        b=LuhyDGQVYTo/O3qVUUDtyvquC0v3/BjulbQB46c8vJImg6fkcdZ3dBPEe5av8JkR2y
         7dd0BZTtyUH22+3y81nDndhZsGd9n1wia+Dp9iaEhtUu1uD81cfhv1AJmDg38+dGrom3
         m4wYP1AhpPPE2A0sApFP87Uvv4XgfGMxns3yOFsThOsjsPEBPJ2iS9532krdg9ToD7di
         3xP+wIjSOYwTDjc3kUkaeuc5gsyBBb/dcQ4LtU5e1bcvUnT8DCYE4V/TqA+SyZEBL4pq
         harEZhl2aR58vGil27M5MFh8FkZRxd1D0xbE/8M/lI2YSLppf+uH/VekSFvASe7+DU71
         q+wQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature:arc-authentication-results;
        bh=9FSy7KHHV+CIRMjLDQESo7oXNeuYq6WDc8MPODLawVk=;
        b=im9P1AUV+fPLmWCcDHN7NxHl+GotYOB2fC1MzDMf/gBy0KPeuG3yOA6acqvdRcXLOL
         DVKQKQOCMLhi5bdpD1i4+xotb4iH4TPiPW7Y/g81jF28onygSQyJBufF1WM3QZnkN833
         LWAB/d7aBa/yDQkk4XJd7JSuw+4LTzJ+7yoOAAGa7TYlFsKEla3Hb5uCwmibscv6rGC7
         3UembUBa3GTdwIkrb3n5OOOU+ARbSh8Hp3QfoUplnYU5bQVIYP0Yn10zLG4KnES89RKV
         C1XxWVBCq7DhHJzxKsOnG1bTkU7OlgoHtEvb0+w85SB8O9wzLWxgTu0LwctUFX9g1ZBc
         ImLA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=tu7xyq8H;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h6si7110344pgc.820.2018.01.18.17.58.13;
        Thu, 18 Jan 2018 17:58:27 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=tu7xyq8H;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755899AbeASB5m (ORCPT <rfc822;xc.haze2010@gmail.com>
        + 99 others); Thu, 18 Jan 2018 20:57:42 -0500
Received: from mail-qt0-f193.google.com ([209.85.216.193]:39339 "EHLO
        mail-qt0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1755633AbeASBwX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 18 Jan 2018 20:52:23 -0500
Received: by mail-qt0-f193.google.com with SMTP id f4so440392qtj.6;
        Thu, 18 Jan 2018 17:52:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:from:to:cc:subject:date:message-id:in-reply-to:references;
        bh=9FSy7KHHV+CIRMjLDQESo7oXNeuYq6WDc8MPODLawVk=;
        b=tu7xyq8HRxqvuG/ZVvL1GnlVF1rTxNJFqZoA2pVUPrgBICQKQXJJtqwHs+bS1AetvZ
         1cTY2OGFtueefDzHaNhXTGlfI1xGPgO3rIQqtSY/872rLmmpZ6jrr3OF16sMTPM9RxKk
         FbqXsuf1UDTDMRmn4ZywNasrhH1lDZGrs7ZUK8I+KAepFiaNFZz2czBWfUnCr11MlLIv
         3y1BxraFiDg6ql02ISHw/QOyJCDDudk38WDJlDXR5RxtjsiH3TN+7xbJQ1vxqAxmvpwb
         O/551mApSvMNVslybtI+leJId4zWjNhlZLIpfUTjysCqHN77pswcKhxOPKRHraaGXBGQ
         7j9A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
         :in-reply-to:references;
        bh=9FSy7KHHV+CIRMjLDQESo7oXNeuYq6WDc8MPODLawVk=;
        b=oYyGWXVgmuSYr8YHDBb+FBjuTM9P2jtksyxTiLWVRCogvs0A9Zr4LRo/cNjotHMuF+
         eKUooRx3zBoYXr0aMuE97HtJB7PzAzvQzWWAH0kbbgdxEN067C/BUfwqb1n7b36DhOJM
         BjTJDDxtlnPe+k9ImiQKRF36XQQgm0UIauMEQXQFGlhoNtN4DZX1cnBgwWGdwuIWyneF
         7/iWhaBypBf2HbOQDQhqIJPpr5HnJgBrinTrTM0s8glf4A8yU27Yg3X7bYsgkIFYawHL
         AD6wbZFUoCyq3+W2Mgq6JThZ/OI56SPktp75E5QOZkrKvfwKyEvlVjq2OQ/zAkdubfHJ
         tHFA==
X-Gm-Message-State: AKwxytdnhj6j2eIZcHxAr9N3K7b2fwljKP8VkRaOkXYSz31Ludp491W6
        B2OU1NFZe0xgJmC6Xg+1bo8=
X-Received: by 10.200.3.205 with SMTP id z13mr29312782qtg.119.1516326741280;
        Thu, 18 Jan 2018 17:52:21 -0800 (PST)
Received: from localhost.localdomain (50-39-100-161.bvtn.or.frontiernet.net. [50.39.100.161])
        by smtp.gmail.com with ESMTPSA id c127sm5483161qke.78.2018.01.18.17.52.18
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 18 Jan 2018 17:52:20 -0800 (PST)
From:   Ram Pai <linuxram@us.ibm.com>
To:     mpe@ellerman.id.au, mingo@redhat.com, akpm@linux-foundation.org,
        corbet@lwn.net, arnd@arndb.de
Cc:     linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, x86@kernel.org,
        linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
        linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
        dave.hansen@intel.com, benh@kernel.crashing.org, paulus@samba.org,
        khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com,
        bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org,
        bauerman@linux.vnet.ibm.com, ebiederm@xmission.com,
        linuxram@us.ibm.com
Subject: [PATCH v10 13/27] powerpc: implementation for arch_override_mprotect_pkey()
Date:   Thu, 18 Jan 2018 17:50:34 -0800
Message-Id: <1516326648-22775-14-git-send-email-linuxram@us.ibm.com>
X-Mailer: git-send-email 1.7.1
In-Reply-To: <1516326648-22775-1-git-send-email-linuxram@us.ibm.com>
References: <1516326648-22775-1-git-send-email-linuxram@us.ibm.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

arch independent code calls arch_override_mprotect_pkey()
to return a pkey that best matches the requested protection.

This patch provides the implementation.

Signed-off-by: Ram Pai <linuxram@us.ibm.com>
---
 arch/powerpc/include/asm/mmu_context.h |    5 ++++
 arch/powerpc/include/asm/pkeys.h       |   21 +++++++++++++++++-
 arch/powerpc/mm/pkeys.c                |   36 ++++++++++++++++++++++++++++++++
 3 files changed, 61 insertions(+), 1 deletions(-)

diff --git a/arch/powerpc/include/asm/mmu_context.h b/arch/powerpc/include/asm/mmu_context.h
index 4d69223..3ba571d 100644
--- a/arch/powerpc/include/asm/mmu_context.h
+++ b/arch/powerpc/include/asm/mmu_context.h
@@ -198,6 +198,11 @@ static inline bool arch_vma_access_permitted(struct vm_area_struct *vma,
 #define thread_pkey_regs_save(thread)
 #define thread_pkey_regs_restore(new_thread, old_thread)
 #define thread_pkey_regs_init(thread)
+
+static inline int vma_pkey(struct vm_area_struct *vma)
+{
+	return 0;
+}
 #endif /* CONFIG_PPC_MEM_KEYS */
 
 #endif /* __KERNEL__ */
diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h
index c7cc433..0a643b8 100644
--- a/arch/powerpc/include/asm/pkeys.h
+++ b/arch/powerpc/include/asm/pkeys.h
@@ -52,6 +52,13 @@ static inline u64 pkey_to_vmflag_bits(u16 pkey)
 	return (((u64)pkey << VM_PKEY_SHIFT) & ARCH_VM_PKEY_FLAGS);
 }
 
+static inline int vma_pkey(struct vm_area_struct *vma)
+{
+	if (static_branch_likely(&pkey_disabled))
+		return 0;
+	return (vma->vm_flags & ARCH_VM_PKEY_FLAGS) >> VM_PKEY_SHIFT;
+}
+
 #define arch_max_pkey() pkeys_total
 
 #define pkey_alloc_mask(pkey) (0x1 << pkey)
@@ -148,10 +155,22 @@ static inline int execute_only_pkey(struct mm_struct *mm)
 	return __execute_only_pkey(mm);
 }
 
+extern int __arch_override_mprotect_pkey(struct vm_area_struct *vma,
+					 int prot, int pkey);
 static inline int arch_override_mprotect_pkey(struct vm_area_struct *vma,
 					      int prot, int pkey)
 {
-	return 0;
+	if (static_branch_likely(&pkey_disabled))
+		return 0;
+
+	/*
+	 * Is this an mprotect_pkey() call? If so, never override the value that
+	 * came from the user.
+	 */
+	if (pkey != -1)
+		return pkey;
+
+	return __arch_override_mprotect_pkey(vma, prot, pkey);
 }
 
 extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c
index ee31ab5..7630c2f 100644
--- a/arch/powerpc/mm/pkeys.c
+++ b/arch/powerpc/mm/pkeys.c
@@ -326,3 +326,39 @@ int __execute_only_pkey(struct mm_struct *mm)
 		mm->context.execute_only_pkey = execute_only_pkey;
 	return execute_only_pkey;
 }
+
+static inline bool vma_is_pkey_exec_only(struct vm_area_struct *vma)
+{
+	/* Do this check first since the vm_flags should be hot */
+	if ((vma->vm_flags & (VM_READ | VM_WRITE | VM_EXEC)) != VM_EXEC)
+		return false;
+
+	return (vma_pkey(vma) == vma->vm_mm->context.execute_only_pkey);
+}
+
+/*
+ * This should only be called for *plain* mprotect calls.
+ */
+int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot,
+				  int pkey)
+{
+	/*
+	 * If the currently associated pkey is execute-only, but the requested
+	 * protection requires read or write, move it back to the default pkey.
+	 */
+	if (vma_is_pkey_exec_only(vma) && (prot & (PROT_READ | PROT_WRITE)))
+		return 0;
+
+	/*
+	 * The requested protection is execute-only. Hence let's use an
+	 * execute-only pkey.
+	 */
+	if (prot == PROT_EXEC) {
+		pkey = execute_only_pkey(vma->vm_mm);
+		if (pkey > 0)
+			return pkey;
+	}
+
+	/* Nothing to override. */
+	return vma_pkey(vma);
+}
-- 
1.7.1