Received: by 10.223.176.46 with SMTP id f43csp310010wra; Thu, 18 Jan 2018 17:58:27 -0800 (PST) X-Google-Smtp-Source: ACJfBov1R4oJb5zFYxCrX3pXQbJ3t/zvSSjguWK1OL46MGfibnFBcgZIgLEjZi+ri/gSM7PoezX8 X-Received: by 10.99.114.81 with SMTP id c17mr28191435pgn.173.1516327107593; Thu, 18 Jan 2018 17:58:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516327107; cv=none; d=google.com; s=arc-20160816; b=LuhyDGQVYTo/O3qVUUDtyvquC0v3/BjulbQB46c8vJImg6fkcdZ3dBPEe5av8JkR2y 7dd0BZTtyUH22+3y81nDndhZsGd9n1wia+Dp9iaEhtUu1uD81cfhv1AJmDg38+dGrom3 m4wYP1AhpPPE2A0sApFP87Uvv4XgfGMxns3yOFsThOsjsPEBPJ2iS9532krdg9ToD7di 3xP+wIjSOYwTDjc3kUkaeuc5gsyBBb/dcQ4LtU5e1bcvUnT8DCYE4V/TqA+SyZEBL4pq harEZhl2aR58vGil27M5MFh8FkZRxd1D0xbE/8M/lI2YSLppf+uH/VekSFvASe7+DU71 q+wQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=9FSy7KHHV+CIRMjLDQESo7oXNeuYq6WDc8MPODLawVk=; b=im9P1AUV+fPLmWCcDHN7NxHl+GotYOB2fC1MzDMf/gBy0KPeuG3yOA6acqvdRcXLOL DVKQKQOCMLhi5bdpD1i4+xotb4iH4TPiPW7Y/g81jF28onygSQyJBufF1WM3QZnkN833 LWAB/d7aBa/yDQkk4XJd7JSuw+4LTzJ+7yoOAAGa7TYlFsKEla3Hb5uCwmibscv6rGC7 3UembUBa3GTdwIkrb3n5OOOU+ARbSh8Hp3QfoUplnYU5bQVIYP0Yn10zLG4KnES89RKV C1XxWVBCq7DhHJzxKsOnG1bTkU7OlgoHtEvb0+w85SB8O9wzLWxgTu0LwctUFX9g1ZBc ImLA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=tu7xyq8H; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h6si7110344pgc.820.2018.01.18.17.58.13; Thu, 18 Jan 2018 17:58:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=tu7xyq8H; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755899AbeASB5m (ORCPT + 99 others); Thu, 18 Jan 2018 20:57:42 -0500 Received: from mail-qt0-f193.google.com ([209.85.216.193]:39339 "EHLO mail-qt0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755633AbeASBwX (ORCPT ); Thu, 18 Jan 2018 20:52:23 -0500 Received: by mail-qt0-f193.google.com with SMTP id f4so440392qtj.6; Thu, 18 Jan 2018 17:52:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=9FSy7KHHV+CIRMjLDQESo7oXNeuYq6WDc8MPODLawVk=; b=tu7xyq8HRxqvuG/ZVvL1GnlVF1rTxNJFqZoA2pVUPrgBICQKQXJJtqwHs+bS1AetvZ 1cTY2OGFtueefDzHaNhXTGlfI1xGPgO3rIQqtSY/872rLmmpZ6jrr3OF16sMTPM9RxKk FbqXsuf1UDTDMRmn4ZywNasrhH1lDZGrs7ZUK8I+KAepFiaNFZz2czBWfUnCr11MlLIv 3y1BxraFiDg6ql02ISHw/QOyJCDDudk38WDJlDXR5RxtjsiH3TN+7xbJQ1vxqAxmvpwb O/551mApSvMNVslybtI+leJId4zWjNhlZLIpfUTjysCqHN77pswcKhxOPKRHraaGXBGQ 7j9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=9FSy7KHHV+CIRMjLDQESo7oXNeuYq6WDc8MPODLawVk=; b=oYyGWXVgmuSYr8YHDBb+FBjuTM9P2jtksyxTiLWVRCogvs0A9Zr4LRo/cNjotHMuF+ eKUooRx3zBoYXr0aMuE97HtJB7PzAzvQzWWAH0kbbgdxEN067C/BUfwqb1n7b36DhOJM BjTJDDxtlnPe+k9ImiQKRF36XQQgm0UIauMEQXQFGlhoNtN4DZX1cnBgwWGdwuIWyneF 7/iWhaBypBf2HbOQDQhqIJPpr5HnJgBrinTrTM0s8glf4A8yU27Yg3X7bYsgkIFYawHL AD6wbZFUoCyq3+W2Mgq6JThZ/OI56SPktp75E5QOZkrKvfwKyEvlVjq2OQ/zAkdubfHJ tHFA== X-Gm-Message-State: AKwxytdnhj6j2eIZcHxAr9N3K7b2fwljKP8VkRaOkXYSz31Ludp491W6 B2OU1NFZe0xgJmC6Xg+1bo8= X-Received: by 10.200.3.205 with SMTP id z13mr29312782qtg.119.1516326741280; Thu, 18 Jan 2018 17:52:21 -0800 (PST) Received: from localhost.localdomain (50-39-100-161.bvtn.or.frontiernet.net. [50.39.100.161]) by smtp.gmail.com with ESMTPSA id c127sm5483161qke.78.2018.01.18.17.52.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 18 Jan 2018 17:52:20 -0800 (PST) From: Ram Pai To: mpe@ellerman.id.au, mingo@redhat.com, akpm@linux-foundation.org, corbet@lwn.net, arnd@arndb.de Cc: linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, dave.hansen@intel.com, benh@kernel.crashing.org, paulus@samba.org, khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com, bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org, bauerman@linux.vnet.ibm.com, ebiederm@xmission.com, linuxram@us.ibm.com Subject: [PATCH v10 13/27] powerpc: implementation for arch_override_mprotect_pkey() Date: Thu, 18 Jan 2018 17:50:34 -0800 Message-Id: <1516326648-22775-14-git-send-email-linuxram@us.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1516326648-22775-1-git-send-email-linuxram@us.ibm.com> References: <1516326648-22775-1-git-send-email-linuxram@us.ibm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org arch independent code calls arch_override_mprotect_pkey() to return a pkey that best matches the requested protection. This patch provides the implementation. Signed-off-by: Ram Pai --- arch/powerpc/include/asm/mmu_context.h | 5 ++++ arch/powerpc/include/asm/pkeys.h | 21 +++++++++++++++++- arch/powerpc/mm/pkeys.c | 36 ++++++++++++++++++++++++++++++++ 3 files changed, 61 insertions(+), 1 deletions(-) diff --git a/arch/powerpc/include/asm/mmu_context.h b/arch/powerpc/include/asm/mmu_context.h index 4d69223..3ba571d 100644 --- a/arch/powerpc/include/asm/mmu_context.h +++ b/arch/powerpc/include/asm/mmu_context.h @@ -198,6 +198,11 @@ static inline bool arch_vma_access_permitted(struct vm_area_struct *vma, #define thread_pkey_regs_save(thread) #define thread_pkey_regs_restore(new_thread, old_thread) #define thread_pkey_regs_init(thread) + +static inline int vma_pkey(struct vm_area_struct *vma) +{ + return 0; +} #endif /* CONFIG_PPC_MEM_KEYS */ #endif /* __KERNEL__ */ diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h index c7cc433..0a643b8 100644 --- a/arch/powerpc/include/asm/pkeys.h +++ b/arch/powerpc/include/asm/pkeys.h @@ -52,6 +52,13 @@ static inline u64 pkey_to_vmflag_bits(u16 pkey) return (((u64)pkey << VM_PKEY_SHIFT) & ARCH_VM_PKEY_FLAGS); } +static inline int vma_pkey(struct vm_area_struct *vma) +{ + if (static_branch_likely(&pkey_disabled)) + return 0; + return (vma->vm_flags & ARCH_VM_PKEY_FLAGS) >> VM_PKEY_SHIFT; +} + #define arch_max_pkey() pkeys_total #define pkey_alloc_mask(pkey) (0x1 << pkey) @@ -148,10 +155,22 @@ static inline int execute_only_pkey(struct mm_struct *mm) return __execute_only_pkey(mm); } +extern int __arch_override_mprotect_pkey(struct vm_area_struct *vma, + int prot, int pkey); static inline int arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, int pkey) { - return 0; + if (static_branch_likely(&pkey_disabled)) + return 0; + + /* + * Is this an mprotect_pkey() call? If so, never override the value that + * came from the user. + */ + if (pkey != -1) + return pkey; + + return __arch_override_mprotect_pkey(vma, prot, pkey); } extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey, diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c index ee31ab5..7630c2f 100644 --- a/arch/powerpc/mm/pkeys.c +++ b/arch/powerpc/mm/pkeys.c @@ -326,3 +326,39 @@ int __execute_only_pkey(struct mm_struct *mm) mm->context.execute_only_pkey = execute_only_pkey; return execute_only_pkey; } + +static inline bool vma_is_pkey_exec_only(struct vm_area_struct *vma) +{ + /* Do this check first since the vm_flags should be hot */ + if ((vma->vm_flags & (VM_READ | VM_WRITE | VM_EXEC)) != VM_EXEC) + return false; + + return (vma_pkey(vma) == vma->vm_mm->context.execute_only_pkey); +} + +/* + * This should only be called for *plain* mprotect calls. + */ +int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, + int pkey) +{ + /* + * If the currently associated pkey is execute-only, but the requested + * protection requires read or write, move it back to the default pkey. + */ + if (vma_is_pkey_exec_only(vma) && (prot & (PROT_READ | PROT_WRITE))) + return 0; + + /* + * The requested protection is execute-only. Hence let's use an + * execute-only pkey. + */ + if (prot == PROT_EXEC) { + pkey = execute_only_pkey(vma->vm_mm); + if (pkey > 0) + return pkey; + } + + /* Nothing to override. */ + return vma_pkey(vma); +} -- 1.7.1