Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp99142pxj;
        Thu, 3 Jun 2021 01:44:07 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzOYBe3nojSVmS2je/i8QSL2adW9ncF3K0e3jCWu4tlfs3y5IxDg+uyMW8+KrqCIk4L/sA/
X-Received: by 2002:a17:906:2419:: with SMTP id z25mr2413018eja.343.1622709847755;
        Thu, 03 Jun 2021 01:44:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1622709847; cv=none;
        d=google.com; s=arc-20160816;
        b=gh461HQbUMZD23ZHUmk3J/HEyPAlpLQqLRU88QupWzfyMsTWNhDWwGxhYWeZaA+zTE
         LMoqCJVRgsZeKGQHc/0rNPYCqMzPPLwtBg/VnoAJJ1ogoVUcwLsrIwQd7tv2NHb6SBrU
         vUVlxI+HMclc4zkWFDGXNDKgUmJnv7hsbYyj7sMytyTW7i381OEzgszrCI0Xiwr98jyX
         HznHAQI9imk3DhYPNyDn6YjWb00eS70aNCdNBRNVQsQvcgLutuUOp1UedKBaCS5QzQfO
         w1aRz83QHXBN+ai/UIVbAa3Mzka6GH+Ui9UViCDFZIJxbZl0N2dR8a/W6zv9lAusNMkQ
         A9Qw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:date:cc:to:subject:from:references:in-reply-to
         :message-id;
        bh=XJet+vL1i5F2Z3BiImZvh/XlFYpycU4sgSYQ6ntZTrs=;
        b=Rl5DYIGQk1o+GCoH8gZZjMpsjID+Qjt4wPpz5ExNipy2OdbgJFZL10UKva0ZpKE61U
         szEPABTrJSty2r7iRNdGTypCzlRH1iV6699dIy1T1fHdJjG6oC+thqB0US3SMEJz1+4n
         hfztdmMUBlhDIcuFFH/IOZeY14D0BY/mQ9q5U0nvNmCd6abC1kKtQF52KF59O861rHzT
         F6cBZn1DCY7XXgxNYRdeBrFw7HLM2MP9u3CxQBx6qRokvICIOkPaTC2/GpIrmQCKArHA
         uIE7aRp1KSvc7ymd8/0Qlyj2blYAe9rqApG8LtyYTpU6d9ocg1k1s3rF+FjKfATZThGs
         tTMQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id a13si1909270edx.220.2021.06.03.01.43.45;
        Thu, 03 Jun 2021 01:44:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229947AbhFCInf (ORCPT <rfc822;luke.ovalle@gmail.com>
        + 99 others); Thu, 3 Jun 2021 04:43:35 -0400
Received: from pegase1.c-s.fr ([93.17.236.30]:7043 "EHLO pegase1.c-s.fr"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229927AbhFCInf (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 3 Jun 2021 04:43:35 -0400
Received: from localhost (mailhub3.si.c-s.fr [192.168.12.233])
        by localhost (Postfix) with ESMTP id 4FwfWp67N2zBC5K;
        Thu,  3 Jun 2021 10:41:42 +0200 (CEST)
X-Virus-Scanned: amavisd-new at c-s.fr
Received: from pegase1.c-s.fr ([192.168.12.234])
        by localhost (pegase1.c-s.fr [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id ZgV7NEuQinUX; Thu,  3 Jun 2021 10:41:42 +0200 (CEST)
Received: from messagerie.si.c-s.fr (messagerie.si.c-s.fr [192.168.25.192])
        by pegase1.c-s.fr (Postfix) with ESMTP id 4FwfWp5GnmzB306;
        Thu,  3 Jun 2021 10:41:42 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
        by messagerie.si.c-s.fr (Postfix) with ESMTP id 82AE18B84A;
        Thu,  3 Jun 2021 10:41:42 +0200 (CEST)
X-Virus-Scanned: amavisd-new at c-s.fr
Received: from messagerie.si.c-s.fr ([127.0.0.1])
        by localhost (messagerie.si.c-s.fr [127.0.0.1]) (amavisd-new, port 10023)
        with ESMTP id PQUfnj1BGQSo; Thu,  3 Jun 2021 10:41:42 +0200 (CEST)
Received: from po15610vm.idsi0.si.c-s.fr (unknown [192.168.4.90])
        by messagerie.si.c-s.fr (Postfix) with ESMTP id 047508B767;
        Thu,  3 Jun 2021 10:41:42 +0200 (CEST)
Received: by po15610vm.idsi0.si.c-s.fr (Postfix, from userid 0)
        id D37D464BD2; Thu,  3 Jun 2021 08:41:41 +0000 (UTC)
Message-Id: <87be72023448dd4e476744ed279b8c04b8d08a1c.1622708530.git.christophe.leroy@csgroup.eu>
In-Reply-To: <cover.1622708530.git.christophe.leroy@csgroup.eu>
References: <cover.1622708530.git.christophe.leroy@csgroup.eu>
From:   Christophe Leroy <christophe.leroy@csgroup.eu>
Subject: [PATCH v2 06/12] powerpc/32s: Initialise KUAP and KUEP in C
To:     Benjamin Herrenschmidt <benh@kernel.crashing.org>,
        Paul Mackerras <paulus@samba.org>,
        Michael Ellerman <mpe@ellerman.id.au>
Cc:     linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org
Date:   Thu,  3 Jun 2021 08:41:41 +0000 (UTC)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

In order to selectively activate KUAP and KUEP in a following patch,
perform KUAP and KUEP initialisation in C.

Unlike PPC64, PPC32 doesn't have an early_setup_secondary(),
so do it in start_secondary().

Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
---
 arch/powerpc/kernel/head_book3s_32.S | 6 ------
 arch/powerpc/kernel/smp.c            | 4 ++++
 arch/powerpc/mm/book3s32/kuap.c      | 6 ++++++
 arch/powerpc/mm/book3s32/kuep.c      | 6 ++++++
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/arch/powerpc/kernel/head_book3s_32.S b/arch/powerpc/kernel/head_book3s_32.S
index db0e2dc25f86..0b82672ff7a6 100644
--- a/arch/powerpc/kernel/head_book3s_32.S
+++ b/arch/powerpc/kernel/head_book3s_32.S
@@ -934,12 +934,6 @@ _GLOBAL(load_segment_registers)
 	li	r0, NUM_USER_SEGMENTS /* load up user segment register values */
 	mtctr	r0		/* for context 0 */
 	li	r3, 0		/* Kp = 0, Ks = 0, VSID = 0 */
-#ifdef CONFIG_PPC_KUEP
-	oris	r3, r3, SR_NX@h	/* Set Nx */
-#endif
-#ifdef CONFIG_PPC_KUAP
-	oris	r3, r3, SR_KS@h	/* Set Ks */
-#endif
 	li	r4, 0
 3:	mtsrin	r3, r4
 	addi	r3, r3, 0x111	/* increment VSID */
diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c
index 2e05c783440a..820ae31e0231 100644
--- a/arch/powerpc/kernel/smp.c
+++ b/arch/powerpc/kernel/smp.c
@@ -1541,6 +1541,10 @@ void start_secondary(void *unused)
 {
 	unsigned int cpu = raw_smp_processor_id();
 
+	/* PPC64 calls setup_kup() in early_setup_secondary() */
+	if (IS_ENABLED(CONFIG_PPC32))
+		setup_kup();
+
 	mmgrab(&init_mm);
 	current->active_mm = &init_mm;
 
diff --git a/arch/powerpc/mm/book3s32/kuap.c b/arch/powerpc/mm/book3s32/kuap.c
index 1df55392878e..5533ed92ab3d 100644
--- a/arch/powerpc/mm/book3s32/kuap.c
+++ b/arch/powerpc/mm/book3s32/kuap.c
@@ -1,9 +1,15 @@
 // SPDX-License-Identifier: GPL-2.0-or-later
 
 #include <asm/kup.h>
+#include <asm/smp.h>
 
 void __init setup_kuap(bool disabled)
 {
+	kuap_update_sr(mfsr(0) | SR_KS, 0, TASK_SIZE);
+
+	if (smp_processor_id() != boot_cpuid)
+		return;
+
 	pr_info("Activating Kernel Userspace Access Protection\n");
 
 	if (disabled)
diff --git a/arch/powerpc/mm/book3s32/kuep.c b/arch/powerpc/mm/book3s32/kuep.c
index 919595f47e25..3147e2edcf63 100644
--- a/arch/powerpc/mm/book3s32/kuep.c
+++ b/arch/powerpc/mm/book3s32/kuep.c
@@ -1,9 +1,15 @@
 // SPDX-License-Identifier: GPL-2.0-or-later
 
 #include <asm/kup.h>
+#include <asm/smp.h>
 
 void __init setup_kuep(bool disabled)
 {
+	kuep_lock();
+
+	if (smp_processor_id() != boot_cpuid)
+		return;
+
 	pr_info("Activating Kernel Userspace Execution Prevention\n");
 
 	if (disabled)
-- 
2.25.0