Received: by 10.192.165.148 with SMTP id m20csp3496155imm; Mon, 30 Apr 2018 00:52:52 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqA0IyL4iKyrHCrKaoQwIoP4OQXzYQq10g0pG7+1zl+M1+2AfLNF/9vgbzAqLorWHA88kk5 X-Received: by 2002:a17:902:7109:: with SMTP id a9-v6mr11600293pll.271.1525074772266; Mon, 30 Apr 2018 00:52:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525074772; cv=none; d=google.com; s=arc-20160816; b=m3ffOe5AusGcS0yi8wIsSvetohvfNn6kpbdecxYj49SMAThzYnfrU7v7yO4M/Lh0lX j+bTZsXRwh6XNoJljAIglDEw/9RHC8Zbpl02w8tFUwYDiAqr89LcO7vtLQgn4XAmV/u+ 9AWK1GTOwAi45MnEmjvzeIrm1u3rPUhUHBAerL93VVvYC4UWnq4SfCW92zrACcvIvUZ1 /cZW6wlXhTxRLcTwavG2ZM3bsVeoS0rWzhNTKGfHS9lL9FG7HYp/jLP+erJ8kdYJf77Z 59zykUBqXddetC/9Ss7IR5tqx9oLsL35N/UpU1G/8TlTfb4z+B/J/fR+ygVyj54ez7tP UYag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:subject:cc:to :from:date:arc-authentication-results; bh=snqgnxblBVFOognslzuq2XnNxIqloHO0+CaxzY8zjaw=; b=R+filEPEVIVgcvlNSDEbR9HgSOhzkoUb3b2VdDXH7WILx4wuRs/z8Dm1Kv7kgPeNzs hobLOSQEsn443SXJEB8yt0f3TINC+sdUF2+t9FA/hKWn8E3ZXJlfep/1gbdPYdcHhnmM aP0tHUFhxfSAT172j1P7ejtX9O3XUdAGsB0mOZhImsPwq+YS1bWp3Bbb/McV9lqR1Y7c CC80HYalaDCbQQjl0zTrJHs6vZ7fGovP4+jbdCfuuAFOWCxrM6tfam2pUPW8JQNEjOwP N42b/IJuDG9U30GteY+NBAs/8pYcZkCQ0cCXQ3A4sJbKXYmxIowxOt16AahHVhFn2VFQ WoaA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g11si7087075pfk.187.2018.04.30.00.52.38; Mon, 30 Apr 2018 00:52:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752373AbeD3HvU (ORCPT + 99 others); Mon, 30 Apr 2018 03:51:20 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:51382 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752134AbeD3HvS (ORCPT ); Mon, 30 Apr 2018 03:51:18 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w3U7i31P120316 for ; Mon, 30 Apr 2018 03:51:18 -0400 Received: from e06smtp12.uk.ibm.com (e06smtp12.uk.ibm.com [195.75.94.108]) by mx0b-001b2d01.pphosted.com with ESMTP id 2hntwd8e48-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 30 Apr 2018 03:51:17 -0400 Received: from localhost by e06smtp12.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 30 Apr 2018 08:51:16 +0100 Received: from b06cxnps4075.portsmouth.uk.ibm.com (9.149.109.197) by e06smtp12.uk.ibm.com (192.168.101.142) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Mon, 30 Apr 2018 08:51:11 +0100 Received: from d06av26.portsmouth.uk.ibm.com (d06av26.portsmouth.uk.ibm.com [9.149.105.62]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w3U7pBD42425136; Mon, 30 Apr 2018 07:51:11 GMT Received: from d06av26.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3B312AE051; Mon, 30 Apr 2018 08:40:48 +0100 (BST) Received: from d06av26.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 08DD2AE04D; Mon, 30 Apr 2018 08:40:46 +0100 (BST) Received: from ram.oc3035372033.ibm.com (unknown [9.80.213.204]) by d06av26.portsmouth.uk.ibm.com (Postfix) with ESMTPS; Mon, 30 Apr 2018 08:40:45 +0100 (BST) Date: Mon, 30 Apr 2018 00:51:06 -0700 From: Ram Pai To: Dave Hansen Cc: Dave Hansen , linux-kernel@vger.kernel.org, linux-mm@kvack.org, shakeelb@google.com, stable@kernel.org, tglx@linutronix.de, mpe@ellerman.id.au, mingo@kernel.org, akpm@linux-foundation.org, shuah@kernel.org Subject: Re: [PATCH 4/9] x86, pkeys: override pkey when moving away from PROT_EXEC Reply-To: Ram Pai References: <20180326172721.D5B2CBB4@viggo.jf.intel.com> <20180326172727.025EBF16@viggo.jf.intel.com> <20180407000943.GA15890@ram.oc3035372033.ibm.com> <6e3f8e1c-afed-64de-9815-8478e18532aa@intel.com> <20180407010919.GB15890@ram.oc3035372033.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-12-10) X-TM-AS-GCONF: 00 x-cbid: 18043007-0008-0000-0000-000004F15983 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18043007-0009-0000-0000-00001E856F78 Message-Id: <20180430075106.GA5666@ram.oc3035372033.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-04-30_03:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1804300077 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Apr 26, 2018 at 10:57:31AM -0700, Dave Hansen wrote: > On 04/06/2018 06:09 PM, Ram Pai wrote: > > Well :). my point is add this code and delete the other > > code that you add later in that function. > > I don't think I'm understanding what your suggestion was. I looked at > the code and I honestly do not think I can remove any of it. > > For the plain (non-explicit pkey_mprotect()) case, there are exactly > four paths through __arch_override_mprotect_pkey(), resulting in three > different results. > > 1. New prot==PROT_EXEC, no pkey-exec support -> do not override > 2. New prot!=PROT_EXEC, old VMA not PROT_EXEC-> do not override > 3. New prot==PROT_EXEC, w/ pkey-exec support -> override to exec pkey > 4. New prot!=PROT_EXEC, old VMA is PROT_EXEC -> override to default > > I don't see any redundancy there, or any code that we can eliminate or > simplify. It was simpler before, but that's what where bug was. Your code is fine. But than the following code accomplishes the same outcome; arguably with a one line change. Its not a big deal. Just trying to clarify my comment. int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, int pkey) { /* * Is this an mprotect_pkey() call? If so, never * override the value that came from the user. */ if (pkey != -1) return pkey; /* * Look for a protection-key-drive execute-only mapping * which is now being given permissions that are not * execute-only. Move it back to the default pkey. */ if (vma_is_pkey_exec_only(vma) && (prot != PROT_EXEC)) <-------- return ARCH_DEFAULT_PKEY; /* * The mapping is execute-only. Go try to get the * execute-only protection key. If we fail to do that, * fall through as if we do not have execute-only * support. */ if (prot == PROT_EXEC) { pkey = execute_only_pkey(vma->vm_mm); if (pkey > 0) return pkey; } /* * This is a vanilla, non-pkey mprotect (or we failed to * setup execute-only), inherit the pkey from the VMA we * are working on. */ return vma_pkey(vma); } -- Ram Pai