Received: by 10.223.164.202 with SMTP id h10csp16874wrb; Mon, 6 Nov 2017 01:38:45 -0800 (PST) X-Google-Smtp-Source: ABhQp+TV3T6i99YrS0J10pTHfUF8hSszuZV8rP0DN5PFhK2zydktiYKedjZgteSz76XLdDfJeOZ6 X-Received: by 10.99.121.69 with SMTP id u66mr14632305pgc.193.1509961125211; Mon, 06 Nov 2017 01:38:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1509961125; cv=none; d=google.com; s=arc-20160816; b=0Z1Z8FXZBDxNMgVPONYc3n1kdLePPKQA/mYLUq6SGXeMv3K/Qm2J1Nbw/KLSqEmPZc 83h/sPBy2fxg8WL8KT1Cn7exWZGQ4GWiVf4XpW/Q79I1+jdtJmSJkedLwTYoKwWeWniG 5KohigNqnHqBuoj265r3+M397Z4nklJ3BHjhIuQy+RemUhpBsCZqcxwsICpHt6MbX6Zo 2DU4Kidu7a8ENe5iV9WL+tiWfFxTqN0HmMeymsJDIFPO97jXT03QpsvvxYDcPDF/h9rO mQV/EXxX0mB2FcI/VRWcDgb/SYwDeah+Aefu2YMcu5EL6mwh1tB7vqx7iMv3Xr7eN8IA dODA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=GloJHoZIJLjRkIuqkGeg+pz+/GTiE52EK8wNARwmFRI=; b=dGr0BjxwA/A/mMoIP7PtADgG2eZPC0+9o6od2fF+zinanvh+Fn50vrUyEE3w7P5w16 /1/sYHGtT1RmIgpOxtWO4lmcOnZoWsgnDGZbhJjEeSWFQk1c8Ja1o9uvikTx2G95IS3+ gIrCqA6vlgr6YnEN248eJM3+65buz4hY/W/sbeGGuRRlSs+OMihNg2J93y9+OioBJnzm lKx0LzwUHJiOpe0c0My0VrifWxKYNQk6MDWlAVj1IYJyDpNKocZijUpHDD3zWe2oLYXl YAw+FXcNkL3+uPvuS+aswZWZOMcTwOKYy3/LmfcqVxKV64APEurNO5rnn9qTahpYeuIG 9PRQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=baHAN4SJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n76si11795169pfa.220.2017.11.06.01.38.31; Mon, 06 Nov 2017 01:38:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=baHAN4SJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752238AbdKFJh4 (ORCPT + 98 others); Mon, 6 Nov 2017 04:37:56 -0500 Received: from mail-qt0-f195.google.com ([209.85.216.195]:51948 "EHLO mail-qt0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750760AbdKFI6p (ORCPT ); Mon, 6 Nov 2017 03:58:45 -0500 Received: by mail-qt0-f195.google.com with SMTP id h4so9977074qtk.8; Mon, 06 Nov 2017 00:58:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=GloJHoZIJLjRkIuqkGeg+pz+/GTiE52EK8wNARwmFRI=; b=baHAN4SJ6BwsTbVx8FUPc+HGY/AdUNsAqsolIX8+Kew5Wt/UeDa4Lr+kXwUyORLqhJ qwweW+zQaBGhyxT8HQJ21zQAdiLM1svPqc7vHeZsXRTHw1Bi0zwW1xOmRNIAQ/WSJqj+ 322iZYo6wIvpnL3iF0Vc2mbyv+k0/npWyuqjJXhRw0HHE3eOMHUDFOEIb6bMzTyZZGaL ZclDFDWdMhWUBtJ1vdQPJqjnbJDeU/IzLRgdZwtqVcRcQWJ6N+OciDaPXQqrgnOU3G1x 8t7ugOE8zoG8xSSxDBIxme52U2t/tLmFiHmWkgOX191caEcOp/h6OTCmQiLyeaMEy/B5 5gfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=GloJHoZIJLjRkIuqkGeg+pz+/GTiE52EK8wNARwmFRI=; b=RwvHIlKB4+2gVx/IQlUBHvNI1fsSO+174L6uuR3WHsSCWh2VlBNqkUTLOSCmYTBV91 dtKu3ZeYSBkLxjRjo2rxqkKcvmF/KWSZ1206Uu6i6qVgb09BQdllJ7FwCPiJQ2t4mASL rD1jW8P4dvUm9FTezo0jrs7zpl8nVHDwVUZnB8F9PxKZXSSnueHevVqZAxE8h0pXuT2z JFcaxJx3X+GSbrqX842TwDj0+cQv9lyyHyBOLyD9eAkscmV6bjU/m/cxcyN/11wwm9gQ 1YHI9nVdWvsHSowpFgUuPJdfk4YyEQDiiRflOuyZ9C9oRa1taZI0O9bVHIA6akQyzoVp n2UA== X-Gm-Message-State: AMCzsaV4z0LXYujTS87Y3SOEEl3+IgHTGrVY+D9+X2OHwfrSCImQxCNO JGODVYZUfcxH95Q1v0k6lfk= X-Received: by 10.237.63.129 with SMTP id s1mr22218350qth.89.1509958724998; Mon, 06 Nov 2017 00:58:44 -0800 (PST) Received: from localhost.localdomain (50-39-103-96.bvtn.or.frontiernet.net. [50.39.103.96]) by smtp.gmail.com with ESMTPSA id r26sm8001094qki.42.2017.11.06.00.58.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Nov 2017 00:58:44 -0800 (PST) From: Ram Pai To: mpe@ellerman.id.au, mingo@redhat.com, akpm@linux-foundation.org, corbet@lwn.net, arnd@arndb.de Cc: linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, dave.hansen@intel.com, benh@kernel.crashing.org, paulus@samba.org, khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com, bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org, bauerman@linux.vnet.ibm.com, ebiederm@xmission.com, linuxram@us.ibm.com Subject: [PATCH v9 09/51] powerpc: ability to create execute-disabled pkeys Date: Mon, 6 Nov 2017 00:57:01 -0800 Message-Id: <1509958663-18737-10-git-send-email-linuxram@us.ibm.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1509958663-18737-1-git-send-email-linuxram@us.ibm.com> References: <1509958663-18737-1-git-send-email-linuxram@us.ibm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org powerpc has hardware support to disable execute on a pkey. This patch enables the ability to create execute-disabled keys. Signed-off-by: Ram Pai --- arch/powerpc/include/uapi/asm/mman.h | 6 ++++++ arch/powerpc/mm/pkeys.c | 16 ++++++++++++++++ 2 files changed, 22 insertions(+), 0 deletions(-) diff --git a/arch/powerpc/include/uapi/asm/mman.h b/arch/powerpc/include/uapi/asm/mman.h index e63bc37..65065ce 100644 --- a/arch/powerpc/include/uapi/asm/mman.h +++ b/arch/powerpc/include/uapi/asm/mman.h @@ -30,4 +30,10 @@ #define MAP_STACK 0x20000 /* give out an address that is best suited for process/thread stacks */ #define MAP_HUGETLB 0x40000 /* create a huge page mapping */ +/* Override any generic PKEY permission defines */ +#define PKEY_DISABLE_EXECUTE 0x4 +#undef PKEY_ACCESS_MASK +#define PKEY_ACCESS_MASK (PKEY_DISABLE_ACCESS |\ + PKEY_DISABLE_WRITE |\ + PKEY_DISABLE_EXECUTE) #endif /* _UAPI_ASM_POWERPC_MMAN_H */ diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c index 4a01c2f..3ddc13a 100644 --- a/arch/powerpc/mm/pkeys.c +++ b/arch/powerpc/mm/pkeys.c @@ -29,6 +29,14 @@ void __init pkey_initialize(void) int os_reserved, i; /* + * We define PKEY_DISABLE_EXECUTE in addition to the arch-neutral + * generic defines for PKEY_DISABLE_ACCESS and PKEY_DISABLE_WRITE. + * Ensure that the bits a distinct. + */ + BUILD_BUG_ON(PKEY_DISABLE_EXECUTE & + (PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE)); + + /* * Disable the pkey system till everything is in place. A subsequent * patch will enable it. */ @@ -171,10 +179,18 @@ int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey, unsigned long init_val) { u64 new_amr_bits = 0x0ul; + u64 new_iamr_bits = 0x0ul; if (!is_pkey_enabled(pkey)) return -EINVAL; + if (init_val & PKEY_DISABLE_EXECUTE) { + if (!pkey_execute_disable_supported) + return -EINVAL; + new_iamr_bits |= IAMR_EX_BIT; + } + init_iamr(pkey, new_iamr_bits); + /* Set the bits we need in AMR: */ if (init_val & PKEY_DISABLE_ACCESS) new_amr_bits |= AMR_RD_BIT | AMR_WR_BIT; -- 1.7.1 From 1586807082342490646@xxx Fri Dec 15 00:19:19 +0000 2017 X-GM-THRID: 1584702926332561254 X-Gmail-Labels: Inbox,Category Forums