Received: by 10.192.165.148 with SMTP id m20csp3981561imm; Mon, 30 Apr 2018 09:37:18 -0700 (PDT) X-Google-Smtp-Source: AB8JxZq1qnpjFm5UHl4r2e7ZM4BegBbhH4eh/q2PNAaQRoNi2bQUERiH6xlRQVFiShaHN+dQ+alF X-Received: by 2002:a17:902:40d:: with SMTP id 13-v6mr13084621ple.117.1525106238605; Mon, 30 Apr 2018 09:37:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525106238; cv=none; d=google.com; s=arc-20160816; b=NvkdI5LMbCeGKnhJ/RYAjk/1T6P5oaPkXo/fDqJetsDh5qWWXsUGnUWuomRYeMthMX IWM9qfwzWhphUsECBSKo8/lbThX+3YYHefXWABW49p0A90frGDyEaJcgIZO6gzuv2pZW OEzn04DlaAQyfoSNOnod41keJuTGf/y7mhHMp45/3XDA206AGGkqWo6Cy9cX7laBwgYj 7b7WZvTMh9G7n2BhPs+XuH9ZIBXvqscuCTncvcMr9n0xKufDNbsE2q9TffGsuiVKF0Pn LXC54slf2avbibT6pTXSV0gWRb35LFqfhgKJ2tHmK2qbz4rSnfjacow3uPfryBO21UTC 7cxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:openpgp:from:cc:references:to:subject :arc-authentication-results; bh=m76kk2L1WRSu9nQ3I57D/+xfQGZZtIo6TtXPS+e/eeU=; b=upWkE8XDXeaMOBsog0z8n+GJqUTe2iHEQPs/r3NyvoqgAJyQHlG1jToww+//Lkc0zZ ZN8YA/YWUXD+GNXbKjtrQoNB5UmAUbP95rfhvLDc4veUmC0g2nwqApbyOhAexRkHoFWo v8VWrizynN9B+w08s3Llv08NPXxV0cp7JiIeQ5UPErQ2L1/Tk/s0gTHrrKjJm61INSwj CQI55fqNXlasnV/JxLXBupt7btaPRdfhp+1RBHmiyCq1gENjEwCTUucS8jKC31RVXeLG kheEWy5/YtthElOth+7ewB57rEEUgwbrdKsHwngW6Z85Mki+1UUVqevUKyGvmJW3Gl8f 3T4A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t2-v6si7770663plz.27.2018.04.30.09.37.04; Mon, 30 Apr 2018 09:37:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754982AbeD3Qgs (ORCPT + 99 others); Mon, 30 Apr 2018 12:36:48 -0400 Received: from mga18.intel.com ([134.134.136.126]:3485 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754961AbeD3Qgq (ORCPT ); Mon, 30 Apr 2018 12:36:46 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 30 Apr 2018 09:36:45 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,346,1520924400"; d="scan'208";a="47199464" Received: from ray.jf.intel.com (HELO [10.7.201.133]) ([10.7.201.133]) by orsmga003.jf.intel.com with ESMTP; 30 Apr 2018 09:36:45 -0700 Subject: Re: [PATCH 4/9] x86, pkeys: override pkey when moving away from PROT_EXEC To: Ram Pai References: <20180326172721.D5B2CBB4@viggo.jf.intel.com> <20180326172727.025EBF16@viggo.jf.intel.com> <20180407000943.GA15890@ram.oc3035372033.ibm.com> <6e3f8e1c-afed-64de-9815-8478e18532aa@intel.com> <20180407010919.GB15890@ram.oc3035372033.ibm.com> <20180430075106.GA5666@ram.oc3035372033.ibm.com> Cc: Dave Hansen , linux-kernel@vger.kernel.org, linux-mm@kvack.org, shakeelb@google.com, stable@kernel.org, tglx@linutronix.de, mpe@ellerman.id.au, mingo@kernel.org, akpm@linux-foundation.org, shuah@kernel.org From: Dave Hansen Openpgp: preference=signencrypt Message-ID: <54b94b65-807d-ebc5-ccfd-30eef1873faf@intel.com> Date: Mon, 30 Apr 2018 09:36:44 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <20180430075106.GA5666@ram.oc3035372033.ibm.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/30/2018 12:51 AM, Ram Pai wrote: > /* > * Look for a protection-key-drive execute-only mapping > * which is now being given permissions that are not > * execute-only. Move it back to the default pkey. > */ > if (vma_is_pkey_exec_only(vma) && (prot != PROT_EXEC)) <-------- > return ARCH_DEFAULT_PKEY; > > /* > * The mapping is execute-only. Go try to get the > * execute-only protection key. If we fail to do that, > * fall through as if we do not have execute-only > * support. > */ > if (prot == PROT_EXEC) { > pkey = execute_only_pkey(vma->vm_mm); > if (pkey > 0) > return pkey; > } Yes, that would also work. It's just a matter of whether you prefer having the prot==PROT_EXEC checks in one place or two. I'd rather leave it the way I've got it unless there are major objections since it's been tested.