Received: by 10.223.164.202 with SMTP id h10csp16052wrb;
        Mon, 6 Nov 2017 01:37:45 -0800 (PST)
X-Google-Smtp-Source: ABhQp+TPgNMvBpJWgVziA85908lJfsJQNBZsGAMTxJ2sSGDytgPbcLx0HGs5dsVKT/kABIpfi4ri
X-Received: by 10.99.153.1 with SMTP id d1mr14537635pge.379.1509961065293;
        Mon, 06 Nov 2017 01:37:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1509961065; cv=none;
        d=google.com; s=arc-20160816;
        b=XlOvzsCnQYoYfp4lPzW8wtuRcqsWZyMRaNo8h6cI4tVvAI/AS4yHUg+ojEKjSBadwN
         gc0mWzunyk7ckCtrv98B3COhiZ/l2ZNahLEq7stFIqEOS1chAHzv/Jb5qO4vrcSPH4+N
         YKmkO5LFMJiCvIO+t8cJHAg9As/qZir28CQen6gbm+vmXPIbj8nU6jIod+xm5Giogg/4
         shL0KX0qGm/7+EJg5ALuk7iPp3cIHXAzTYMoRFDne5K5YpaS6UD0lloSZ6zZOCnZyrCs
         gAMGZDc7qDiDkfsZAXwigK1+l7YW8COUM1xg5ep2sPUDXmsN0cTKcZtcy6OYiXyZttyl
         s0Yw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature:arc-authentication-results;
        bh=OAmGJd4gMdQmEVpNxIFdk3RH5CTLayp+b3dwfdv30H4=;
        b=N2z+uRnO4qL+QQxGiNmjRhzBjCAX2oy5yXwrNFfIbV5x2FerWUylgMN0iu+abIR67W
         x604lnKp609QC/99rsjsEDythec81D97rTFi5imTIyBDLXynNGqh7sP3as+zKs0cZ10c
         udDmQcDZO4ppdSi2yIW4MK2/lI5aTjMuSidkB01/gUXNJaOVDT8DnToiUV4hZ42zo1un
         6dbfQOjmxWV7nhzkkJFFcWre0LHZrNEJm8o5UQkiYq0Cd1WAbrtuRItkoNfxcyttaL/h
         aONJAglR4Tbmz0IV9Lk3UGkVPCbppENCXdVqs2e6KuoetRlSH4jf4KXo3bF9dYHTVAB7
         +xtg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=HnY2+xtD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id t4si10526000plo.470.2017.11.06.01.37.31;
        Mon, 06 Nov 2017 01:37:45 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=HnY2+xtD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752308AbdKFJgz (ORCPT <rfc822;tuxbino@gmail.com> + 98 others);
        Mon, 6 Nov 2017 04:36:55 -0500
Received: from mail-qt0-f194.google.com ([209.85.216.194]:49112 "EHLO
        mail-qt0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752205AbdKFI64 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 6 Nov 2017 03:58:56 -0500
Received: by mail-qt0-f194.google.com with SMTP id f8so10007376qta.5;
        Mon, 06 Nov 2017 00:58:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:from:to:cc:subject:date:message-id:in-reply-to:references;
        bh=OAmGJd4gMdQmEVpNxIFdk3RH5CTLayp+b3dwfdv30H4=;
        b=HnY2+xtDJItLUNavbMzacmEYCoUoFtne1BuvbTLIOtHTi408ljnJm+Pf28yspRJ7pC
         eSvAFMPNyLkcA46HSsS/CvlBPRF8ZBV73KjYdrmo1b0fDVjx6uECVghqWUL1mM9AQRpy
         9uu231bFHIKr9TiO6RAtKTHD1IoX8InwOnV0pdGpv5ZZ+p8ooqh8RB6D2YKauFdReWaT
         N2fGsfSBwDzTyz/Q1YhR/BoHaiZICRExkLEc86q39isPc9xeIJX6hP6/Qhpm46AxIb4w
         HQqoi118l24zHq+2MZ1/lu8TpgaIKL7fX8Ih9EA8RunW8R2e1GgxOhQrzZe2/nKjvgCV
         megQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
         :in-reply-to:references;
        bh=OAmGJd4gMdQmEVpNxIFdk3RH5CTLayp+b3dwfdv30H4=;
        b=gZMv/r12DznQfN5465Ld7748pH/aImt8roefMjSZesP+UoQKdAmaTIZ1gpILrD0++K
         STuoL2Z29iwmL/1D8zMfLUHK52BuYXaeSZfz+xJASzk6oEvP03T9O7Hom9EjH8CtKo4c
         YhzOnlGT6LGE2L1p6lMXtBfitGA9ILhn8HqI8XLhF5+zcMcTTpAr5OBFo3WexnSrZeHt
         GtBLpKNR0LZRcfChjAA+ocga1Pz2h99Q6cT/KGlOKqxOTkNbDhnh+54KMGn/hlXJxLO1
         bb/POoy8KT5bsvb/0OwOK5VxF8APkTtuhrXbeeH0VFhaxwoeuhbqBtAElzi3MG9dcA8M
         yvRw==
X-Gm-Message-State: AMCzsaUzqhjb639xa/YKfM6RV6kkt/aNmOx/FlwVKRWq3+ORhfMBa4Pj
        saef3OPp2iVYT2scJAE04MY=
X-Received: by 10.200.63.156 with SMTP id d28mr21962474qtk.170.1509958735826;
        Mon, 06 Nov 2017 00:58:55 -0800 (PST)
Received: from localhost.localdomain (50-39-103-96.bvtn.or.frontiernet.net. [50.39.103.96])
        by smtp.gmail.com with ESMTPSA id r26sm8001094qki.42.2017.11.06.00.58.53
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 06 Nov 2017 00:58:55 -0800 (PST)
From:   Ram Pai <linuxram@us.ibm.com>
To:     mpe@ellerman.id.au, mingo@redhat.com, akpm@linux-foundation.org,
        corbet@lwn.net, arnd@arndb.de
Cc:     linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, x86@kernel.org,
        linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
        linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
        dave.hansen@intel.com, benh@kernel.crashing.org, paulus@samba.org,
        khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com,
        bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org,
        bauerman@linux.vnet.ibm.com, ebiederm@xmission.com,
        linuxram@us.ibm.com
Subject: [PATCH v9 13/51] powerpc: implementation for arch_override_mprotect_pkey()
Date:   Mon,  6 Nov 2017 00:57:05 -0800
Message-Id: <1509958663-18737-14-git-send-email-linuxram@us.ibm.com>
X-Mailer: git-send-email 1.7.1
In-Reply-To: <1509958663-18737-1-git-send-email-linuxram@us.ibm.com>
References: <1509958663-18737-1-git-send-email-linuxram@us.ibm.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

arch independent code calls arch_override_mprotect_pkey()
to return a pkey that best matches the requested protection.

This patch provides the implementation.

Signed-off-by: Ram Pai <linuxram@us.ibm.com>
---
 arch/powerpc/include/asm/mmu_context.h |    5 ++++
 arch/powerpc/include/asm/pkeys.h       |   21 +++++++++++++++++-
 arch/powerpc/mm/pkeys.c                |   36 ++++++++++++++++++++++++++++++++
 3 files changed, 61 insertions(+), 1 deletions(-)

diff --git a/arch/powerpc/include/asm/mmu_context.h b/arch/powerpc/include/asm/mmu_context.h
index 4eccc2f..a83d540 100644
--- a/arch/powerpc/include/asm/mmu_context.h
+++ b/arch/powerpc/include/asm/mmu_context.h
@@ -149,6 +149,11 @@ static inline bool arch_vma_access_permitted(struct vm_area_struct *vma,
 #define thread_pkey_regs_save(thread)
 #define thread_pkey_regs_restore(new_thread, old_thread)
 #define thread_pkey_regs_init(thread)
+
+static inline int vma_pkey(struct vm_area_struct *vma)
+{
+	return 0;
+}
 #endif /* CONFIG_PPC_MEM_KEYS */
 
 #endif /* __KERNEL__ */
diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h
index 1bd41ef..441bbf3 100644
--- a/arch/powerpc/include/asm/pkeys.h
+++ b/arch/powerpc/include/asm/pkeys.h
@@ -52,6 +52,13 @@ static inline u64 pkey_to_vmflag_bits(u16 pkey)
 	return (((u64)pkey << VM_PKEY_SHIFT) & ARCH_VM_PKEY_FLAGS);
 }
 
+static inline int vma_pkey(struct vm_area_struct *vma)
+{
+	if (static_branch_likely(&pkey_disabled))
+		return 0;
+	return (vma->vm_flags & ARCH_VM_PKEY_FLAGS) >> VM_PKEY_SHIFT;
+}
+
 #define arch_max_pkey() pkeys_total
 
 #define pkey_alloc_mask(pkey) (0x1 << pkey)
@@ -148,10 +155,22 @@ static inline int execute_only_pkey(struct mm_struct *mm)
 	return __execute_only_pkey(mm);
 }
 
+extern int __arch_override_mprotect_pkey(struct vm_area_struct *vma,
+					 int prot, int pkey);
 static inline int arch_override_mprotect_pkey(struct vm_area_struct *vma,
 					      int prot, int pkey)
 {
-	return 0;
+	if (static_branch_likely(&pkey_disabled))
+		return 0;
+
+	/*
+	 * Is this an mprotect_pkey() call? If so, never override the value that
+	 * came from the user.
+	 */
+	if (pkey != -1)
+		return pkey;
+
+	return __arch_override_mprotect_pkey(vma, prot, pkey);
 }
 
 extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c
index 4d704ea..f1c6195 100644
--- a/arch/powerpc/mm/pkeys.c
+++ b/arch/powerpc/mm/pkeys.c
@@ -311,3 +311,39 @@ int __execute_only_pkey(struct mm_struct *mm)
 		mm->context.execute_only_pkey = execute_only_pkey;
 	return execute_only_pkey;
 }
+
+static inline bool vma_is_pkey_exec_only(struct vm_area_struct *vma)
+{
+	/* Do this check first since the vm_flags should be hot */
+	if ((vma->vm_flags & (VM_READ | VM_WRITE | VM_EXEC)) != VM_EXEC)
+		return false;
+
+	return (vma_pkey(vma) == vma->vm_mm->context.execute_only_pkey);
+}
+
+/*
+ * This should only be called for *plain* mprotect calls.
+ */
+int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot,
+				  int pkey)
+{
+	/*
+	 * If the currently associated pkey is execute-only, but the requested
+	 * protection requires read or write, move it back to the default pkey.
+	 */
+	if (vma_is_pkey_exec_only(vma) && (prot & (PROT_READ | PROT_WRITE)))
+		return 0;
+
+	/*
+	 * The requested protection is execute-only. Hence let's use an
+	 * execute-only pkey.
+	 */
+	if (prot == PROT_EXEC) {
+		pkey = execute_only_pkey(vma->vm_mm);
+		if (pkey > 0)
+			return pkey;
+	}
+
+	/* Nothing to override. */
+	return vma_pkey(vma);
+}
-- 
1.7.1


From 1583068527009256658@xxx Fri Nov 03 17:56:35 +0000 2017
X-GM-THRID: 1583065651693918938
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread