Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp123778imm; Tue, 19 Jun 2018 17:24:53 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIJ4CNAQo4eysxK9sXqfCDbHnnDPgR55zbKVkJxSyl4xLVP/J1BgexUT6gKG7Ob+7RVWo/w X-Received: by 2002:a62:3e11:: with SMTP id l17-v6mr876486pfa.18.1529454293913; Tue, 19 Jun 2018 17:24:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529454293; cv=none; d=google.com; s=arc-20160816; b=et+rFdbccZMDHPb65QJb2FRr/fPJxmABMn9eO5n4YUlebEEMjg9iCLp3jUJlq1sSAz 6iC1faVnh9xtQzZpDJTatrYZ7+VH7Iz2y15rISXL+MH0uUzGnHqiNtcXBcYfBFXceuA2 aeVh2xYqG7unornuw+kg/m0p45mDUPNp3QByV+LoT7K7H6U+qI7+DREYU8RP1N39Joxb qUqY8bKMiVqwSvRqNbCwmCmJlG6qWSL9TTc7yQnq8sOQsrin8j0MZ14cfCiDWtaWF1yE 5Ygw9eTMQPixCG+/qAi0nNwBZJOr9fcMlafCo4l4/k06u+KXLVp9pTRlyXFpDJJT1ZLE q3lw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition :content-transfer-encoding:mime-version:robot-unsubscribe:robot-id :git-commit-id:subject:to:references:in-reply-to:reply-to:cc :message-id:from:date:arc-authentication-results; bh=QKNG0ZQAtLSg+B5fCqxY/UckHt0Mc/80y5lG/v4V0dQ=; b=uvs6TVz3HQkkl9qTxKESphSgwcSjyXgpAUG+fIxV1nwZ+OujTo4LXMz+SshVqF2a86 M6Zns2go/51aW+ZpbR3L9nQ11ud/CLej/K/+JzhWetI7z+vglLMzfn64kJSYHrfQz0U3 AbpoQ1GW/u3gJDkER6VNOaguUntCnPyjOvsJzxdeyyR+ohQunI9ksJ8qbJdBJRotbAhR /EA4SG2yGPkOzGTDqEOFYpySc139kcut5vQNSxVA+eXsN2bIDXQRCbVqWqcObCDdaM9O Bl0EUJPvkuMfKXkukha9NSg+S3dLkQluiBqOjT6cWycbGMDHGSpNo+xhHql6XfGJEl2q 4w0A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k91-v6si935414pld.248.2018.06.19.17.24.39; Tue, 19 Jun 2018 17:24:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753862AbeFTAX5 (ORCPT + 99 others); Tue, 19 Jun 2018 20:23:57 -0400 Received: from terminus.zytor.com ([198.137.202.136]:53111 "EHLO terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752827AbeFTAX4 (ORCPT ); Tue, 19 Jun 2018 20:23:56 -0400 Received: from terminus.zytor.com (localhost [127.0.0.1]) by terminus.zytor.com (8.15.2/8.15.2) with ESMTPS id w5K0NpSO3297733 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 19 Jun 2018 17:23:51 -0700 Received: (from tipbot@localhost) by terminus.zytor.com (8.15.2/8.15.2/Submit) id w5K0Np7a3297730; Tue, 19 Jun 2018 17:23:51 -0700 Date: Tue, 19 Jun 2018 17:23:51 -0700 X-Authentication-Warning: terminus.zytor.com: tipbot set sender to tipbot@zytor.com using -f From: tip-bot for Reinette Chatre Message-ID: Cc: reinette.chatre@intel.com, mingo@kernel.org, linux-kernel@vger.kernel.org, tglx@linutronix.de, hpa@zytor.com Reply-To: linux-kernel@vger.kernel.org, mingo@kernel.org, reinette.chatre@intel.com, hpa@zytor.com, tglx@linutronix.de In-Reply-To: <398e0fc7313bee62db55215fe9fd87df67f1b366.1527593971.git.reinette.chatre@intel.com> References: <398e0fc7313bee62db55215fe9fd87df67f1b366.1527593971.git.reinette.chatre@intel.com> To: linux-tip-commits@vger.kernel.org Subject: [tip:x86/cache] x86/intel_rdt: Utilities to restrict/restore access to specific files Git-Commit-ID: 59abca1db18cef53bc0cfad1f538b3c9a0495bc6 X-Mailer: tip-git-log-daemon Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, T_DATE_IN_FUTURE_96_Q autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on terminus.zytor.com Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Commit-ID: 59abca1db18cef53bc0cfad1f538b3c9a0495bc6 Gitweb: https://git.kernel.org/tip/59abca1db18cef53bc0cfad1f538b3c9a0495bc6 Author: Reinette Chatre AuthorDate: Tue, 29 May 2018 05:57:46 -0700 Committer: Thomas Gleixner CommitDate: Wed, 20 Jun 2018 00:56:34 +0200 x86/intel_rdt: Utilities to restrict/restore access to specific files In support of Cache Pseudo-Locking we need to restrict access to specific resctrl files to protect the state of a resource group used for pseudo-locking from being changed in unsupported ways. Introduce two utilities that can be used to either restrict or restore the access to all files irrelevant to cache pseudo-locking when pseudo-locking in progress for the resource group. At this time introduce a new source file, intel_rdt_pseudo_lock.c, that will contain most of the code related to cache pseudo-locking. Temporarily mark these new functions as unused to silence compile warnings until they are used. Signed-off-by: Reinette Chatre Signed-off-by: Thomas Gleixner Cc: fenghua.yu@intel.com Cc: tony.luck@intel.com Cc: vikas.shivappa@linux.intel.com Cc: gavin.hindman@intel.com Cc: jithu.joseph@intel.com Cc: dave.hansen@intel.com Cc: hpa@zytor.com Link: https://lkml.kernel.org/r/398e0fc7313bee62db55215fe9fd87df67f1b366.1527593971.git.reinette.chatre@intel.com --- arch/x86/kernel/cpu/Makefile | 3 +- arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c | 113 ++++++++++++++++++++++++++++ 2 files changed, 115 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile index 7a40196967cb..c4e02555563a 100644 --- a/arch/x86/kernel/cpu/Makefile +++ b/arch/x86/kernel/cpu/Makefile @@ -35,7 +35,8 @@ obj-$(CONFIG_CPU_SUP_CENTAUR) += centaur.o obj-$(CONFIG_CPU_SUP_TRANSMETA_32) += transmeta.o obj-$(CONFIG_CPU_SUP_UMC_32) += umc.o -obj-$(CONFIG_INTEL_RDT) += intel_rdt.o intel_rdt_rdtgroup.o intel_rdt_monitor.o intel_rdt_ctrlmondata.o +obj-$(CONFIG_INTEL_RDT) += intel_rdt.o intel_rdt_rdtgroup.o intel_rdt_monitor.o +obj-$(CONFIG_INTEL_RDT) += intel_rdt_ctrlmondata.o intel_rdt_pseudo_lock.o obj-$(CONFIG_X86_MCE) += mcheck/ obj-$(CONFIG_MTRR) += mtrr/ diff --git a/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c b/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c new file mode 100644 index 000000000000..dc79b3090ac5 --- /dev/null +++ b/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c @@ -0,0 +1,113 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Resource Director Technology (RDT) + * + * Pseudo-locking support built on top of Cache Allocation Technology (CAT) + * + * Copyright (C) 2018 Intel Corporation + * + * Author: Reinette Chatre + */ + +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + +#include "intel_rdt.h" + +/** + * rdtgroup_locksetup_user_restrict - Restrict user access to group + * @rdtgrp: resource group needing access restricted + * + * A resource group used for cache pseudo-locking cannot have cpus or tasks + * assigned to it. This is communicated to the user by restricting access + * to all the files that can be used to make such changes. + * + * Permissions restored with rdtgroup_locksetup_user_restore() + * + * Return: 0 on success, <0 on failure. If a failure occurs during the + * restriction of access an attempt will be made to restore permissions but + * the state of the mode of these files will be uncertain when a failure + * occurs. + */ +static int __attribute__ ((unused)) +rdtgroup_locksetup_user_restrict(struct rdtgroup *rdtgrp) +{ + int ret; + + ret = rdtgroup_kn_mode_restrict(rdtgrp, "tasks"); + if (ret) + return ret; + + ret = rdtgroup_kn_mode_restrict(rdtgrp, "cpus"); + if (ret) + goto err_tasks; + + ret = rdtgroup_kn_mode_restrict(rdtgrp, "cpus_list"); + if (ret) + goto err_cpus; + + if (rdt_mon_capable) { + ret = rdtgroup_kn_mode_restrict(rdtgrp, "mon_groups"); + if (ret) + goto err_cpus_list; + } + + ret = 0; + goto out; + +err_cpus_list: + rdtgroup_kn_mode_restore(rdtgrp, "cpus_list"); +err_cpus: + rdtgroup_kn_mode_restore(rdtgrp, "cpus"); +err_tasks: + rdtgroup_kn_mode_restore(rdtgrp, "tasks"); +out: + return ret; +} + +/** + * rdtgroup_locksetup_user_restore - Restore user access to group + * @rdtgrp: resource group needing access restored + * + * Restore all file access previously removed using + * rdtgroup_locksetup_user_restrict() + * + * Return: 0 on success, <0 on failure. If a failure occurs during the + * restoration of access an attempt will be made to restrict permissions + * again but the state of the mode of these files will be uncertain when + * a failure occurs. + */ +static int __attribute__ ((unused)) +rdtgroup_locksetup_user_restore(struct rdtgroup *rdtgrp) +{ + int ret; + + ret = rdtgroup_kn_mode_restore(rdtgrp, "tasks"); + if (ret) + return ret; + + ret = rdtgroup_kn_mode_restore(rdtgrp, "cpus"); + if (ret) + goto err_tasks; + + ret = rdtgroup_kn_mode_restore(rdtgrp, "cpus_list"); + if (ret) + goto err_cpus; + + if (rdt_mon_capable) { + ret = rdtgroup_kn_mode_restore(rdtgrp, "mon_groups"); + if (ret) + goto err_cpus_list; + } + + ret = 0; + goto out; + +err_cpus_list: + rdtgroup_kn_mode_restrict(rdtgrp, "cpus_list"); +err_cpus: + rdtgroup_kn_mode_restrict(rdtgrp, "cpus"); +err_tasks: + rdtgroup_kn_mode_restrict(rdtgrp, "tasks"); +out: + return ret; +}