mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-17 23:56:50 +07:00
dcf872956d
powerpc has hardware support to disable execute on a pkey. This patch enables the ability to create execute-disabled keys. Signed-off-by: Ram Pai <linuxram@us.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
209 lines
4.6 KiB
C
209 lines
4.6 KiB
C
// SPDX-License-Identifier: GPL-2.0+
|
|
/*
|
|
* PowerPC Memory Protection Keys management
|
|
*
|
|
* Copyright 2017, Ram Pai, IBM Corporation.
|
|
*/
|
|
|
|
#include <asm/mman.h>
|
|
#include <linux/pkeys.h>
|
|
|
|
DEFINE_STATIC_KEY_TRUE(pkey_disabled);
|
|
bool pkey_execute_disable_supported;
|
|
int pkeys_total; /* Total pkeys as per device tree */
|
|
u32 initial_allocation_mask; /* Bits set for reserved keys */
|
|
|
|
#define AMR_BITS_PER_PKEY 2
|
|
#define AMR_RD_BIT 0x1UL
|
|
#define AMR_WR_BIT 0x2UL
|
|
#define IAMR_EX_BIT 0x1UL
|
|
#define PKEY_REG_BITS (sizeof(u64)*8)
|
|
#define pkeyshift(pkey) (PKEY_REG_BITS - ((pkey+1) * AMR_BITS_PER_PKEY))
|
|
|
|
int pkey_initialize(void)
|
|
{
|
|
int os_reserved, i;
|
|
|
|
/*
|
|
* We define PKEY_DISABLE_EXECUTE in addition to the arch-neutral
|
|
* generic defines for PKEY_DISABLE_ACCESS and PKEY_DISABLE_WRITE.
|
|
* Ensure that the bits a distinct.
|
|
*/
|
|
BUILD_BUG_ON(PKEY_DISABLE_EXECUTE &
|
|
(PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE));
|
|
|
|
/*
|
|
* Disable the pkey system till everything is in place. A subsequent
|
|
* patch will enable it.
|
|
*/
|
|
static_branch_enable(&pkey_disabled);
|
|
|
|
/* Lets assume 32 keys */
|
|
pkeys_total = 32;
|
|
|
|
/*
|
|
* Adjust the upper limit, based on the number of bits supported by
|
|
* arch-neutral code.
|
|
*/
|
|
pkeys_total = min_t(int, pkeys_total,
|
|
(ARCH_VM_PKEY_FLAGS >> VM_PKEY_SHIFT));
|
|
|
|
/*
|
|
* Disable execute_disable support for now. A subsequent patch will
|
|
* enable it.
|
|
*/
|
|
pkey_execute_disable_supported = false;
|
|
|
|
#ifdef CONFIG_PPC_4K_PAGES
|
|
/*
|
|
* The OS can manage only 8 pkeys due to its inability to represent them
|
|
* in the Linux 4K PTE.
|
|
*/
|
|
os_reserved = pkeys_total - 8;
|
|
#else
|
|
os_reserved = 0;
|
|
#endif
|
|
/*
|
|
* Bits are in LE format. NOTE: 1, 0 are reserved.
|
|
* key 0 is the default key, which allows read/write/execute.
|
|
* key 1 is recommended not to be used. PowerISA(3.0) page 1015,
|
|
* programming note.
|
|
*/
|
|
initial_allocation_mask = ~0x0;
|
|
for (i = 2; i < (pkeys_total - os_reserved); i++)
|
|
initial_allocation_mask &= ~(0x1 << i);
|
|
return 0;
|
|
}
|
|
|
|
arch_initcall(pkey_initialize);
|
|
|
|
void pkey_mm_init(struct mm_struct *mm)
|
|
{
|
|
if (static_branch_likely(&pkey_disabled))
|
|
return;
|
|
mm_pkey_allocation_map(mm) = initial_allocation_mask;
|
|
}
|
|
|
|
static inline u64 read_amr(void)
|
|
{
|
|
return mfspr(SPRN_AMR);
|
|
}
|
|
|
|
static inline void write_amr(u64 value)
|
|
{
|
|
mtspr(SPRN_AMR, value);
|
|
}
|
|
|
|
static inline u64 read_iamr(void)
|
|
{
|
|
if (!likely(pkey_execute_disable_supported))
|
|
return 0x0UL;
|
|
|
|
return mfspr(SPRN_IAMR);
|
|
}
|
|
|
|
static inline void write_iamr(u64 value)
|
|
{
|
|
if (!likely(pkey_execute_disable_supported))
|
|
return;
|
|
|
|
mtspr(SPRN_IAMR, value);
|
|
}
|
|
|
|
static inline u64 read_uamor(void)
|
|
{
|
|
return mfspr(SPRN_UAMOR);
|
|
}
|
|
|
|
static inline void write_uamor(u64 value)
|
|
{
|
|
mtspr(SPRN_UAMOR, value);
|
|
}
|
|
|
|
static bool is_pkey_enabled(int pkey)
|
|
{
|
|
u64 uamor = read_uamor();
|
|
u64 pkey_bits = 0x3ul << pkeyshift(pkey);
|
|
u64 uamor_pkey_bits = (uamor & pkey_bits);
|
|
|
|
/*
|
|
* Both the bits in UAMOR corresponding to the key should be set or
|
|
* reset.
|
|
*/
|
|
WARN_ON(uamor_pkey_bits && (uamor_pkey_bits != pkey_bits));
|
|
return !!(uamor_pkey_bits);
|
|
}
|
|
|
|
static inline void init_amr(int pkey, u8 init_bits)
|
|
{
|
|
u64 new_amr_bits = (((u64)init_bits & 0x3UL) << pkeyshift(pkey));
|
|
u64 old_amr = read_amr() & ~((u64)(0x3ul) << pkeyshift(pkey));
|
|
|
|
write_amr(old_amr | new_amr_bits);
|
|
}
|
|
|
|
static inline void init_iamr(int pkey, u8 init_bits)
|
|
{
|
|
u64 new_iamr_bits = (((u64)init_bits & 0x1UL) << pkeyshift(pkey));
|
|
u64 old_iamr = read_iamr() & ~((u64)(0x1ul) << pkeyshift(pkey));
|
|
|
|
write_iamr(old_iamr | new_iamr_bits);
|
|
}
|
|
|
|
static void pkey_status_change(int pkey, bool enable)
|
|
{
|
|
u64 old_uamor;
|
|
|
|
/* Reset the AMR and IAMR bits for this key */
|
|
init_amr(pkey, 0x0);
|
|
init_iamr(pkey, 0x0);
|
|
|
|
/* Enable/disable key */
|
|
old_uamor = read_uamor();
|
|
if (enable)
|
|
old_uamor |= (0x3ul << pkeyshift(pkey));
|
|
else
|
|
old_uamor &= ~(0x3ul << pkeyshift(pkey));
|
|
write_uamor(old_uamor);
|
|
}
|
|
|
|
void __arch_activate_pkey(int pkey)
|
|
{
|
|
pkey_status_change(pkey, true);
|
|
}
|
|
|
|
void __arch_deactivate_pkey(int pkey)
|
|
{
|
|
pkey_status_change(pkey, false);
|
|
}
|
|
|
|
/*
|
|
* Set the access rights in AMR IAMR and UAMOR registers for @pkey to that
|
|
* specified in @init_val.
|
|
*/
|
|
int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
|
|
unsigned long init_val)
|
|
{
|
|
u64 new_amr_bits = 0x0ul;
|
|
u64 new_iamr_bits = 0x0ul;
|
|
|
|
if (!is_pkey_enabled(pkey))
|
|
return -EINVAL;
|
|
|
|
if (init_val & PKEY_DISABLE_EXECUTE) {
|
|
if (!pkey_execute_disable_supported)
|
|
return -EINVAL;
|
|
new_iamr_bits |= IAMR_EX_BIT;
|
|
}
|
|
init_iamr(pkey, new_iamr_bits);
|
|
|
|
/* Set the bits we need in AMR: */
|
|
if (init_val & PKEY_DISABLE_ACCESS)
|
|
new_amr_bits |= AMR_RD_BIT | AMR_WR_BIT;
|
|
else if (init_val & PKEY_DISABLE_WRITE)
|
|
new_amr_bits |= AMR_WR_BIT;
|
|
|
|
init_amr(pkey, new_amr_bits);
|
|
return 0;
|
|
}
|