Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp431787pxk;
        Fri, 11 Sep 2020 10:41:40 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzdn4dBV/+SdD8Kem+2vBnF2VatjeKjW0D3l8LYzVbG4ltt2FE6OYeLE81tcio9MIQ/ebjx
X-Received: by 2002:a50:fa81:: with SMTP id w1mr3286300edr.122.1599846099858;
        Fri, 11 Sep 2020 10:41:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1599846099; cv=none;
        d=google.com; s=arc-20160816;
        b=StyZlkfVEYMkGp2wlIn0puuXw+XIovJ8V9WktolkIefgG4neSD5DPeyb94GDUzAwEv
         yGW6VeXLEOVIAHvQ1tXJAbmtygmBSjwodcnGy8boVpchEgTkEhrB+LuRuSs2eOK/dn0v
         pQjRia9RAhl+94JUsWqvQZAxYnH28AwN8IhFLTYukVRcssHbfiFRK9Abv6B7yYTenm65
         mhKwOwv0bKJrhV2GbktLchIpQmcvmHBsrYHFtp++ZMHIkD5j8RQBzpKp5X+Zf2xagvgG
         CPFuLh1qvLZR3f1w953qIxsUXq25Yi3dnEcZQ8BRj0fMZsG3V1MIyKWz+5/UXx8R6ip1
         okmQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :ironport-sdr:ironport-sdr;
        bh=MfOGRytcH2FHakhj47oIMso8mjtUF700XLSJEE9DUHg=;
        b=dLOIrhoZYHiFoiZoVJhFhmY3i5R4KxBZGkZUf+JQtzVdgGUfoyOsNg9Fcd9eXXt56C
         /L7JJC4gKZFoSbv/J+hIPFIMi+/LfZMvyyLQd/gPTvLnALaCO8AgXEkHAAYCft+/Zsvd
         7Q05u0G3tWBfPD1T387nHau8ABkJWoK63O8OvVFMozwy5NdFb6kV8QS180kgyEYTF7fR
         B3H0r04JPiZZGsCdAZLq25g8DXtk6ZdOd+6w/ph3vQ/FoJhOZ+KPIoOCP56LoVkscrd5
         9VOFoz3E8+8vnz31BCB7Zzdk9JDDNy/SYow0Rj6hwKwfK4I6+ZTb09ouj15wodSDWnQi
         7m3Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id m3si1760302edr.29.2020.09.11.10.41.16;
        Fri, 11 Sep 2020 10:41:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726224AbgIKRkm (ORCPT <rfc822;epontan@gmail.com> + 99 others);
        Fri, 11 Sep 2020 13:40:42 -0400
Received: from mga11.intel.com ([192.55.52.93]:41554 "EHLO mga11.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725956AbgIKMnJ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 11 Sep 2020 08:43:09 -0400
IronPort-SDR: fD4BvoMI8UHZV0HrtvVn81cNI7gmvcFigOke0nKZXFwTjEpmn8h8qyO3aH86dy7iIl9MWNWFAK
 bnDa68rhQODA==
X-IronPort-AV: E=McAfee;i="6000,8403,9740"; a="156201950"
X-IronPort-AV: E=Sophos;i="5.76,415,1592895600"; 
   d="scan'208";a="156201950"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
  by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Sep 2020 05:43:04 -0700
IronPort-SDR: d+TeafHBgR1STvqVpyaRd27PRY299APENW05+xReP5apRqhUKapR7+BlqDQFcEzrAtH7nMGmb7
 rToihZZFUL7Q==
X-IronPort-AV: E=Sophos;i="5.76,415,1592895600"; 
   d="scan'208";a="408148239"
Received: from amaksymi-mobl.ger.corp.intel.com (HELO localhost) ([10.252.60.247])
  by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Sep 2020 05:42:52 -0700
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     x86@kernel.org, linux-sgx@vger.kernel.org
Cc:     linux-kernel@vger.kernel.org,
        Sean Christopherson <sean.j.christopherson@intel.com>,
        linux-mm@kvack.org, Andrew Morton <akpm@linux-foundation.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jethro Beekman <jethro@fortanix.com>,
        Darren Kenny <darren.kenny@oracle.com>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de,
        cedric.xing@intel.com, chenalexchen@google.com,
        conradparker@google.com, cyhanish@google.com,
        dave.hansen@intel.com, haitao.huang@intel.com,
        josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com,
        kmoy@google.com, ludloff@google.com, luto@kernel.org,
        nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com,
        rientjes@google.com, tglx@linutronix.de, yaozhangx@google.com
Subject: [PATCH v37 10/24] mm: Add vm_ops->mprotect()
Date:   Fri, 11 Sep 2020 15:40:05 +0300
Message-Id: <20200911124019.42178-11-jarkko.sakkinen@linux.intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20200911124019.42178-1-jarkko.sakkinen@linux.intel.com>
References: <20200911124019.42178-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Sean Christopherson <sean.j.christopherson@intel.com>

Add vm_ops()->mprotect() for additional constraints for a VMA.

Intel Software Guard eXtensions (SGX) will use this callback to add two
constraints:

1. Verify that the address range does not have holes: each page address
   must be filled with an enclave page.
2. Verify that VMA permissions won't surpass the permissions of any enclave
   page within the address range. Enclave cryptographically sealed
   permissions for each page address that set the upper limit for possible
   VMA permissions. Not respecting this can cause #GP's to be emitted.

Cc: linux-mm@kvack.org
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Matthew Wilcox <willy@infradead.org>
Acked-by: Jethro Beekman <jethro@fortanix.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Co-developed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 include/linux/mm.h | 3 +++
 mm/mprotect.c      | 5 ++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/include/linux/mm.h b/include/linux/mm.h
index 97c83773b6f0..717726fcace6 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -547,6 +547,9 @@ struct vm_operations_struct {
 	void (*close)(struct vm_area_struct * area);
 	int (*split)(struct vm_area_struct * area, unsigned long addr);
 	int (*mremap)(struct vm_area_struct * area);
+	int (*mprotect)(struct vm_area_struct *vma,
+			struct vm_area_struct **pprev, unsigned long start,
+			unsigned long end, unsigned long newflags);
 	vm_fault_t (*fault)(struct vm_fault *vmf);
 	vm_fault_t (*huge_fault)(struct vm_fault *vmf,
 			enum page_entry_size pe_size);
diff --git a/mm/mprotect.c b/mm/mprotect.c
index ce8b8a5eacbb..f170f3da8a4f 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -610,7 +610,10 @@ static int do_mprotect_pkey(unsigned long start, size_t len,
 		tmp = vma->vm_end;
 		if (tmp > end)
 			tmp = end;
-		error = mprotect_fixup(vma, &prev, nstart, tmp, newflags);
+		if (vma->vm_ops && vma->vm_ops->mprotect)
+			error = vma->vm_ops->mprotect(vma, &prev, nstart, tmp, newflags);
+		else
+			error = mprotect_fixup(vma, &prev, nstart, tmp, newflags);
 		if (error)
 			goto out;
 		nstart = tmp;
-- 
2.25.1