Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp673788ybt;
        Mon, 6 Jul 2020 20:07:42 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzFJ/e6Y+QPAwcY8jpN5SSKp7g5RySJEsqY2pTG8Cc09SEsxHqLHmu9dqv3Z+44PkhkZGIG
X-Received: by 2002:a17:906:57da:: with SMTP id u26mr47078111ejr.157.1594091262099;
        Mon, 06 Jul 2020 20:07:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1594091262; cv=none;
        d=google.com; s=arc-20160816;
        b=kWfBuHMed2pgBZlNQuGIlM6A92Q4Xsxb26vDQ+HcojADr5tBVsbhYBpoks+Wjyqqx+
         10Rc3ZgHVVuR3Z8qHrrz+G0oIhCUihHXuh/2tcll9oXET6a9qS/wimjOkmKyXVBTLV4q
         iA8fWNTZqpBTqNJQ8xjSk0MOzmcVX1238bGksFuvjpoVqHNw426eoUyibD393rzOnQPi
         vBbNJKTt9CMVor7oqtHctiKIVKJ1iYOmT1aKcAgiAEV1Kw1SbjacToupZmm1dq1IZgoU
         IgAcWFXT0DcKRIfTwgI63ZyvBjfnmmzO5qmIdU8480PwJEUsqADJWAGYJptMAYvPNV2m
         U8mQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :ironport-sdr:ironport-sdr;
        bh=uUzhNx5dRPDfl9Tcb2IIwYhCe8HiuH+EwRSHwsveclg=;
        b=wW+rAthF+EMZhQ7wQvxMqY45AgXj6pmdJaBttCM7pi0fAzh6dKD3A5LMUsak/GnSQ+
         Lw1YDE8uVMDTw88UIPsge48fCb62gvUKDEMCGsnVMcxxDoiHF9SwIrrAtQBCT/BjxqeC
         iIQ9JBnXMPD4EBRKHbdjc5jc6NSkP+nc1y92lVeofhEFSNvA2roxgrbKvFWZHMW3cUmk
         RrsYYylXmR6hq6SqLGdh3cimFctHXxw9ZmWc9TMmR1zzFIC/opWGSLuGbjnEbCXICHH2
         sMmQ/LC9wh0g8LV5IWWpQx1xtlYrcm8GwHC2a06Y/fmahGnt0KK36IA5RR1bu5LwBn1a
         /evw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id u7si13720387ejn.161.2020.07.06.20.07.18;
        Mon, 06 Jul 2020 20:07:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728191AbgGGDEJ (ORCPT <rfc822;chenhe.dev@gmail.com>
        + 99 others); Mon, 6 Jul 2020 23:04:09 -0400
Received: from mga01.intel.com ([192.55.52.88]:31060 "EHLO mga01.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726961AbgGGDEJ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 6 Jul 2020 23:04:09 -0400
IronPort-SDR: 6L8KH1UkQ1aA1ULBmsYPYJTTNWHqZXHMN+turQbv0LYt23owDIIFbUrsJZQJuQlyv4uoQ/XPEz
 MOpLhZQomPZg==
X-IronPort-AV: E=McAfee;i="6000,8403,9674"; a="165604497"
X-IronPort-AV: E=Sophos;i="5.75,321,1589266800"; 
   d="scan'208";a="165604497"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
  by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jul 2020 20:04:09 -0700
IronPort-SDR: sXpsBG7BvDvHFtYYp4eAWB3px0aBqlh0kR6o9U/nj0eyIRXJbD9BRJfLTh46JoaNuPRfkfIGcW
 SqO8x1ZhPc8w==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.75,321,1589266800"; 
   d="scan'208";a="388368483"
Received: from apiccion-mobl1.ger.corp.intel.com (HELO localhost) ([10.249.45.178])
  by fmsmga001.fm.intel.com with ESMTP; 06 Jul 2020 20:04:00 -0700
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     x86@kernel.org, linux-sgx@vger.kernel.org
Cc:     linux-kernel@vger.kernel.org,
        Sean Christopherson <sean.j.christopherson@intel.com>,
        linux-mm@kvack.org, Andrew Morton <akpm@linux-foundation.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jethro Beekman <jethro@fortanix.com>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de,
        cedric.xing@intel.com, chenalexchen@google.com,
        conradparker@google.com, cyhanish@google.com,
        dave.hansen@intel.com, haitao.huang@intel.com,
        josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com,
        kmoy@google.com, ludloff@google.com, luto@kernel.org,
        nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com,
        rientjes@google.com, tglx@linutronix.de, yaozhangx@google.com
Subject: [PATCH v34 10/24] mm: Add vm_ops->mprotect()
Date:   Tue,  7 Jul 2020 06:01:50 +0300
Message-Id: <20200707030204.126021-11-jarkko.sakkinen@linux.intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20200707030204.126021-1-jarkko.sakkinen@linux.intel.com>
References: <20200707030204.126021-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Sean Christopherson <sean.j.christopherson@intel.com>

Add vm_ops()->mprotect() for additional constraints for a VMA.

Intel Software Guard eXtensions (SGX) will use this callback to add two
constraints:

1. Verify that the address range does not have holes: each page address
   must be filled with an enclave page.
2. Verify that VMA permissions won't surpass the permissions of any enclave
   page within the address range. Enclave cryptographically sealed
   permissions for each page address that set the upper limit for possible
   VMA permissions. Not respecting this can cause #GP's to be emitted.

Cc: linux-mm@kvack.org
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Matthew Wilcox <willy@infradead.org>
Acked-by: Jethro Beekman <jethro@fortanix.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 include/linux/mm.h |  2 ++
 mm/mprotect.c      | 13 ++++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/include/linux/mm.h b/include/linux/mm.h
index dc7b87310c10..fc0e3ef28873 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -542,6 +542,8 @@ struct vm_operations_struct {
 	void (*close)(struct vm_area_struct * area);
 	int (*split)(struct vm_area_struct * area, unsigned long addr);
 	int (*mremap)(struct vm_area_struct * area);
+	int (*mprotect)(struct vm_area_struct *vma, unsigned long start,
+			unsigned long end, unsigned long prot);
 	vm_fault_t (*fault)(struct vm_fault *vmf);
 	vm_fault_t (*huge_fault)(struct vm_fault *vmf,
 			enum page_entry_size pe_size);
diff --git a/mm/mprotect.c b/mm/mprotect.c
index ce8b8a5eacbb..e23dfd8d18bc 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -603,13 +603,20 @@ static int do_mprotect_pkey(unsigned long start, size_t len,
 			goto out;
 		}
 
+		tmp = vma->vm_end;
+		if (tmp > end)
+			tmp = end;
+
 		error = security_file_mprotect(vma, reqprot, prot);
 		if (error)
 			goto out;
 
-		tmp = vma->vm_end;
-		if (tmp > end)
-			tmp = end;
+		if (vma->vm_ops && vma->vm_ops->mprotect) {
+			error = vma->vm_ops->mprotect(vma, nstart, tmp, prot);
+			if (error)
+				goto out;
+		}
+
 		error = mprotect_fixup(vma, &prev, nstart, tmp, newflags);
 		if (error)
 			goto out;
-- 
2.25.1