Received: by 10.223.164.200 with SMTP id h8csp931933wrb; Mon, 6 Nov 2017 01:12:27 -0800 (PST) X-Google-Smtp-Source: ABhQp+T6Gx9glErMLj2iM6iMTomcqwf+OcjU04A8R6qgzoVRE+p4pE8HKS5uvRGGUIn4R/Wglu/I X-Received: by 10.99.116.18 with SMTP id p18mr14909482pgc.269.1509959547235; Mon, 06 Nov 2017 01:12:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1509959547; cv=none; d=google.com; s=arc-20160816; b=BNw64AnEvcS5/GtU+amUOeAA5OzwukqwjWkE2NqkXElSNgD6U/n42kPsnNbNkgPhNo auhyGkwiNDc8onyXVbFpqNKFVVq3aPHjwK5dlLfJRz/UKWiobGePFOj9G/XMFn/EzYIS VC61rrelhXw4XbXQy1A3wbAMVQuqf4h5k4axlwQ7x74OyrlyOGF5Ke0MR5Azg4WucEgO KhEBCTQd0ejSVS9736pHRLbaKeEO1/PIAgj8qt6uYx2EVSxMoDA3V3km8draXHOwprN/ zSFkqA8w2TT6E5yCnQEBf6RP6/Kb4yja7OZjjmW0GXMoGvMUCu3bdY2xVTFM72UFsSfg CVcg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=cY/u6V7RnbMnZWsuUTaniZNTcTjd+60O0CluSVxBuqY=; b=z79uUq7yICuXCUVT/oDrNMh7QL7ZwLNdGBwZ8d53pKW68Iy7NnmOkcTFxHblFkryrL 9po3m8o1UtI5t9S3O/Q+uH/hop3f5tgF0AhqZiVuGOPiNUobn/pzAARbhvSuk4dB6q04 lkZqZe6WQba5gLcNdXM6tyDkw6Gq3VWKIIbZ8HQEtJpOlXY34XUF0GW0yk8fAl1K3XXY zYOs5T6XvJIzerTQDJ3bLjPWkSxItykWi/jT8UNV7sDrXY+u6ZoBROglH16QIW8r29Yo /q910+cYt4nJAV+GJRkur4AC7KjGHpdqoXaknuLnmcePU/HEidGVUyFUuXQs5uw0NyDT yQZg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=oDO10cyF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j12si11117367pgf.141.2017.11.06.01.12.13; Mon, 06 Nov 2017 01:12:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=oDO10cyF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751778AbdKFJLf (ORCPT + 98 others); Mon, 6 Nov 2017 04:11:35 -0500 Received: from mail-qk0-f194.google.com ([209.85.220.194]:49170 "EHLO mail-qk0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751997AbdKFI7l (ORCPT ); Mon, 6 Nov 2017 03:59:41 -0500 Received: by mail-qk0-f194.google.com with SMTP id q83so10022226qke.6; Mon, 06 Nov 2017 00:59:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=cY/u6V7RnbMnZWsuUTaniZNTcTjd+60O0CluSVxBuqY=; b=oDO10cyFTNn9vRknZfEkcXDGGMOygvkpPpt7v7hh4ftiGYQttsfpcWBaGNHSL6YEZp XUL+tJmaDzL0nJ4KwzHLqm5sfXL+buaOckYUJOMmBFe9Stp/XkinhAeav1rHRUOJ1uFL thEax1QB0JOEl3RTazGAEny6lE4TfIfEysc2K1BqAvL6eMuv/PPg4f9pdrSYlzTr/hlx AkjFN1jgxROt7x39upX/uvBT/DfJkiKfcCZ5oDtqCLbJGg9s/L/HEhfkiqI4V/8R7mj3 pQf10s3dPW+AqlFlNGcPK5dTXqebET0UM0D0mGeJghXeXsazjoqCbrt5aQzia+80+uHY D8Bw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=cY/u6V7RnbMnZWsuUTaniZNTcTjd+60O0CluSVxBuqY=; b=Egr0C7apYMcbva/75D08yhSg2A/k/kaDLtkp8oN7bxaxR/N5pMcJjTEn61SxvzlmM8 37X7i/PBOVbeRl9ub6fa1fpCQLkjZFUIxF9QHolamTksy+CCmL8u9/I1d45tIC7fKacv dTSifwuGPitcL2JnBPWMv2z58mz0huXj/puYyQQAOJFuWRzUQYFwFCpsRDGzOHsZ00B6 uud9Jyyd6Vas1WmUIYyoBw8gpLrCv/pA6rlYDu1RmNpo9NH0QixyeR8EMq3YbRTzzJG0 aQWXYTvVD/eW/TEiDAIcOmKwlHUYf6XObyC/8DEcUJAFjZJZaroJCdfZ0W4JaBFvkun/ f+3w== X-Gm-Message-State: AMCzsaWQ2at48XZcYi8nlhay6/ddKAs3iDcxWuWvSyYttxZM2NcKHSBf gtjs4f9wq4Oxr125++MG3PE= X-Received: by 10.55.166.139 with SMTP id p133mr20903398qke.191.1509958780547; Mon, 06 Nov 2017 00:59:40 -0800 (PST) Received: from localhost.localdomain (50-39-103-96.bvtn.or.frontiernet.net. [50.39.103.96]) by smtp.gmail.com with ESMTPSA id r26sm8001094qki.42.2017.11.06.00.59.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Nov 2017 00:59:40 -0800 (PST) From: Ram Pai To: mpe@ellerman.id.au, mingo@redhat.com, akpm@linux-foundation.org, corbet@lwn.net, arnd@arndb.de Cc: linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, dave.hansen@intel.com, benh@kernel.crashing.org, paulus@samba.org, khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com, bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org, bauerman@linux.vnet.ibm.com, ebiederm@xmission.com, linuxram@us.ibm.com Subject: [PATCH v9 29/51] mm/mprotect, powerpc/mm/pkeys, x86/mm/pkeys: Add sysfs interface Date: Mon, 6 Nov 2017 00:57:21 -0800 Message-Id: <1509958663-18737-30-git-send-email-linuxram@us.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1509958663-18737-1-git-send-email-linuxram@us.ibm.com> References: <1509958663-18737-1-git-send-email-linuxram@us.ibm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Thiago Jung Bauermann Expose useful information for programs using memory protection keys. Provide implementation for powerpc and x86. On a powerpc system with pkeys support, here is what is shown: $ head /sys/kernel/mm/protection_keys/* ==> /sys/kernel/mm/protection_keys/disable_access_supported <== true ==> /sys/kernel/mm/protection_keys/disable_execute_supported <== true ==> /sys/kernel/mm/protection_keys/disable_write_supported <== true ==> /sys/kernel/mm/protection_keys/total_keys <== 31 ==> /sys/kernel/mm/protection_keys/usable_keys <== 27 And on an x86 without pkeys support: $ head /sys/kernel/mm/protection_keys/* ==> /sys/kernel/mm/protection_keys/disable_access_supported <== false ==> /sys/kernel/mm/protection_keys/disable_execute_supported <== false ==> /sys/kernel/mm/protection_keys/disable_write_supported <== false ==> /sys/kernel/mm/protection_keys/total_keys <== 1 ==> /sys/kernel/mm/protection_keys/usable_keys <== 0 Signed-off-by: Ram Pai Signed-off-by: Thiago Jung Bauermann --- arch/powerpc/include/asm/pkeys.h | 2 + arch/powerpc/mm/pkeys.c | 24 ++++++++++ arch/x86/include/asm/mmu_context.h | 4 +- arch/x86/include/asm/pkeys.h | 1 + arch/x86/mm/pkeys.c | 9 ++++ include/linux/pkeys.h | 2 +- mm/mprotect.c | 88 ++++++++++++++++++++++++++++++++++++ 7 files changed, 128 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h index 333fb28..6d70b1a 100644 --- a/arch/powerpc/include/asm/pkeys.h +++ b/arch/powerpc/include/asm/pkeys.h @@ -237,6 +237,8 @@ static inline void pkey_mmu_values(int total_data, int total_execute) pkeys_total = total_data; } +extern bool arch_supports_pkeys(int cap); +extern unsigned int arch_usable_pkeys(void); extern void thread_pkey_regs_save(struct thread_struct *thread); extern void thread_pkey_regs_restore(struct thread_struct *new_thread, struct thread_struct *old_thread); diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c index 2612f61..7e8468f 100644 --- a/arch/powerpc/mm/pkeys.c +++ b/arch/powerpc/mm/pkeys.c @@ -421,6 +421,30 @@ bool arch_vma_access_permitted(struct vm_area_struct *vma, bool write, return pkey_access_permitted(vma_pkey(vma), write, execute); } +unsigned int arch_usable_pkeys(void) +{ + unsigned int reserved; + + if (static_branch_likely(&pkey_disabled)) + return 0; + + /* Reserve one more to account for the execute-only pkey. */ + reserved = hweight32(initial_allocation_mask) + 1; + + return pkeys_total > reserved ? pkeys_total - reserved : 0; +} + +bool arch_supports_pkeys(int cap) +{ + if (static_branch_likely(&pkey_disabled)) + return false; + + if (cap & PKEY_DISABLE_EXECUTE) + return pkey_execute_disable_supported; + + return (cap & (PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE)); +} + long sys_pkey_modify(int pkey, unsigned long new_val) { bool ret; diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h index 6699fc4..e3efabb 100644 --- a/arch/x86/include/asm/mmu_context.h +++ b/arch/x86/include/asm/mmu_context.h @@ -129,6 +129,8 @@ static inline void switch_ldt(struct mm_struct *prev, struct mm_struct *next) void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk); +#define PKEY_INITIAL_ALLOCATION_MAP 1 + static inline int init_new_context(struct task_struct *tsk, struct mm_struct *mm) { @@ -138,7 +140,7 @@ static inline int init_new_context(struct task_struct *tsk, #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS if (cpu_feature_enabled(X86_FEATURE_OSPKE)) { /* pkey 0 is the default and always allocated */ - mm->context.pkey_allocation_map = 0x1; + mm->context.pkey_allocation_map = PKEY_INITIAL_ALLOCATION_MAP; /* -1 means unallocated or invalid */ mm->context.execute_only_pkey = -1; } diff --git a/arch/x86/include/asm/pkeys.h b/arch/x86/include/asm/pkeys.h index f6c287b..6807288 100644 --- a/arch/x86/include/asm/pkeys.h +++ b/arch/x86/include/asm/pkeys.h @@ -106,5 +106,6 @@ extern int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey, unsigned long init_val); extern void copy_init_pkru_to_fpregs(void); +extern unsigned int arch_usable_pkeys(void); #endif /*_ASM_X86_PKEYS_H */ diff --git a/arch/x86/mm/pkeys.c b/arch/x86/mm/pkeys.c index d7bc0ee..3083a59 100644 --- a/arch/x86/mm/pkeys.c +++ b/arch/x86/mm/pkeys.c @@ -122,6 +122,15 @@ int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, int pkey return vma_pkey(vma); } +unsigned int arch_usable_pkeys(void) +{ + /* Reserve one more to account for the execute-only pkey. */ + unsigned int reserved = (boot_cpu_has(X86_FEATURE_OSPKE) ? + hweight32(PKEY_INITIAL_ALLOCATION_MAP) : 0) + 1; + + return arch_max_pkey() > reserved ? arch_max_pkey() - reserved : 0; +} + #define PKRU_AD_KEY(pkey) (PKRU_AD_BIT << ((pkey) * PKRU_BITS_PER_PKEY)) /* diff --git a/include/linux/pkeys.h b/include/linux/pkeys.h index 3ca2e44..0784f20 100644 --- a/include/linux/pkeys.h +++ b/include/linux/pkeys.h @@ -11,6 +11,7 @@ #define arch_max_pkey() (1) #define execute_only_pkey(mm) (0) #define arch_override_mprotect_pkey(vma, prot, pkey) (0) +#define arch_usable_pkeys() (0) #define PKEY_DEDICATED_EXECUTE_ONLY 0 #define ARCH_VM_PKEY_FLAGS 0 @@ -43,7 +44,6 @@ static inline bool arch_pkeys_enabled(void) static inline void copy_init_pkru_to_fpregs(void) { } - #endif /* ! CONFIG_ARCH_HAS_PKEYS */ #endif /* _LINUX_PKEYS_H */ diff --git a/mm/mprotect.c b/mm/mprotect.c index ec39f73..43a4584 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -568,4 +568,92 @@ static int do_mprotect_pkey(unsigned long start, size_t len, return ret; } +#ifdef CONFIG_SYSFS + +#define PKEYS_ATTR_RO(_name) \ + static struct kobj_attribute _name##_attr = __ATTR_RO(_name) + +static ssize_t total_keys_show(struct kobject *kobj, + struct kobj_attribute *attr, char *buf) +{ + return sprintf(buf, "%u\n", arch_max_pkey()); +} +PKEYS_ATTR_RO(total_keys); + +static ssize_t usable_keys_show(struct kobject *kobj, + struct kobj_attribute *attr, char *buf) +{ + return sprintf(buf, "%u\n", arch_usable_pkeys()); +} +PKEYS_ATTR_RO(usable_keys); + +static ssize_t disable_access_supported_show(struct kobject *kobj, + struct kobj_attribute *attr, + char *buf) +{ + if (arch_pkeys_enabled()) { + strcpy(buf, "true\n"); + return sizeof("true\n") - 1; + } + + strcpy(buf, "false\n"); + return sizeof("false\n") - 1; +} +PKEYS_ATTR_RO(disable_access_supported); + +static ssize_t disable_write_supported_show(struct kobject *kobj, + struct kobj_attribute *attr, + char *buf) +{ + if (arch_pkeys_enabled()) { + strcpy(buf, "true\n"); + return sizeof("true\n") - 1; + } + + strcpy(buf, "false\n"); + return sizeof("false\n") - 1; +} +PKEYS_ATTR_RO(disable_write_supported); + +static ssize_t disable_execute_supported_show(struct kobject *kobj, + struct kobj_attribute *attr, + char *buf) +{ +#ifdef PKEY_DISABLE_EXECUTE + if (arch_supports_pkeys(PKEY_DISABLE_EXECUTE)) { + strcpy(buf, "true\n"); + return sizeof("true\n") - 1; + } +#endif + + strcpy(buf, "false\n"); + return sizeof("false\n") - 1; +} +PKEYS_ATTR_RO(disable_execute_supported); + +static struct attribute *pkeys_attrs[] = { + &total_keys_attr.attr, + &usable_keys_attr.attr, + &disable_access_supported_attr.attr, + &disable_write_supported_attr.attr, + &disable_execute_supported_attr.attr, + NULL, +}; + +static const struct attribute_group pkeys_attr_group = { + .attrs = pkeys_attrs, + .name = "protection_keys", +}; + +static int __init pkeys_sysfs_init(void) +{ + int err; + + err = sysfs_create_group(mm_kobj, &pkeys_attr_group); + + return err; +} +late_initcall(pkeys_sysfs_init); +#endif /* CONFIG_SYSFS */ + #endif /* CONFIG_ARCH_HAS_PKEYS */ -- 1.7.1 From 1583153963123206198@xxx Sat Nov 04 16:34:33 +0000 2017 X-GM-THRID: 1582818041467251394 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread