pkeys.h - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
pkeys.h (4279B)
      1/* SPDX-License-Identifier: GPL-2.0+ */
      2/*
      3 * PowerPC Memory Protection Keys management
      4 *
      5 * Copyright 2017, Ram Pai, IBM Corporation.
      6 */
      7
      8#ifndef _ASM_POWERPC_KEYS_H
      9#define _ASM_POWERPC_KEYS_H
     10
     11#include <linux/jump_label.h>
     12#include <asm/firmware.h>
     13
     14extern int num_pkey;
     15extern u32 reserved_allocation_mask; /* bits set for reserved keys */
     16
     17#define ARCH_VM_PKEY_FLAGS (VM_PKEY_BIT0 | VM_PKEY_BIT1 | VM_PKEY_BIT2 | \
     18			    VM_PKEY_BIT3 | VM_PKEY_BIT4)
     19
     20/* Override any generic PKEY permission defines */
     21#define PKEY_DISABLE_EXECUTE   0x4
     22#define PKEY_ACCESS_MASK       (PKEY_DISABLE_ACCESS | \
     23				PKEY_DISABLE_WRITE  | \
     24				PKEY_DISABLE_EXECUTE)
     25
     26#ifdef CONFIG_PPC_BOOK3S_64
     27#include <asm/book3s/64/pkeys.h>
     28#else
     29#error "Not supported"
     30#endif
     31
     32
     33static inline u64 pkey_to_vmflag_bits(u16 pkey)
     34{
     35	return (((u64)pkey << VM_PKEY_SHIFT) & ARCH_VM_PKEY_FLAGS);
     36}
     37
     38static inline int vma_pkey(struct vm_area_struct *vma)
     39{
     40	if (!mmu_has_feature(MMU_FTR_PKEY))
     41		return 0;
     42	return (vma->vm_flags & ARCH_VM_PKEY_FLAGS) >> VM_PKEY_SHIFT;
     43}
     44
     45static inline int arch_max_pkey(void)
     46{
     47	return num_pkey;
     48}
     49
     50#define pkey_alloc_mask(pkey) (0x1 << pkey)
     51
     52#define mm_pkey_allocation_map(mm) (mm->context.pkey_allocation_map)
     53
     54#define __mm_pkey_allocated(mm, pkey) {	\
     55	mm_pkey_allocation_map(mm) |= pkey_alloc_mask(pkey); \
     56}
     57
     58#define __mm_pkey_free(mm, pkey) {	\
     59	mm_pkey_allocation_map(mm) &= ~pkey_alloc_mask(pkey);	\
     60}
     61
     62#define __mm_pkey_is_allocated(mm, pkey)	\
     63	(mm_pkey_allocation_map(mm) & pkey_alloc_mask(pkey))
     64
     65#define __mm_pkey_is_reserved(pkey) (reserved_allocation_mask & \
     66				       pkey_alloc_mask(pkey))
     67
     68static inline bool mm_pkey_is_allocated(struct mm_struct *mm, int pkey)
     69{
     70	if (pkey < 0 || pkey >= arch_max_pkey())
     71		return false;
     72
     73	/* Reserved keys are never allocated. */
     74	if (__mm_pkey_is_reserved(pkey))
     75		return false;
     76
     77	return __mm_pkey_is_allocated(mm, pkey);
     78}
     79
     80/*
     81 * Returns a positive, 5-bit key on success, or -1 on failure.
     82 * Relies on the mmap_lock to protect against concurrency in mm_pkey_alloc() and
     83 * mm_pkey_free().
     84 */
     85static inline int mm_pkey_alloc(struct mm_struct *mm)
     86{
     87	/*
     88	 * Note: this is the one and only place we make sure that the pkey is
     89	 * valid as far as the hardware is concerned. The rest of the kernel
     90	 * trusts that only good, valid pkeys come out of here.
     91	 */
     92	u32 all_pkeys_mask = (u32)(~(0x0));
     93	int ret;
     94
     95	if (!mmu_has_feature(MMU_FTR_PKEY))
     96		return -1;
     97	/*
     98	 * Are we out of pkeys? We must handle this specially because ffz()
     99	 * behavior is undefined if there are no zeros.
    100	 */
    101	if (mm_pkey_allocation_map(mm) == all_pkeys_mask)
    102		return -1;
    103
    104	ret = ffz((u32)mm_pkey_allocation_map(mm));
    105	__mm_pkey_allocated(mm, ret);
    106
    107	return ret;
    108}
    109
    110static inline int mm_pkey_free(struct mm_struct *mm, int pkey)
    111{
    112	if (!mmu_has_feature(MMU_FTR_PKEY))
    113		return -1;
    114
    115	if (!mm_pkey_is_allocated(mm, pkey))
    116		return -EINVAL;
    117
    118	__mm_pkey_free(mm, pkey);
    119
    120	return 0;
    121}
    122
    123/*
    124 * Try to dedicate one of the protection keys to be used as an
    125 * execute-only protection key.
    126 */
    127extern int execute_only_pkey(struct mm_struct *mm);
    128extern int __arch_override_mprotect_pkey(struct vm_area_struct *vma,
    129					 int prot, int pkey);
    130static inline int arch_override_mprotect_pkey(struct vm_area_struct *vma,
    131					      int prot, int pkey)
    132{
    133	if (!mmu_has_feature(MMU_FTR_PKEY))
    134		return 0;
    135
    136	/*
    137	 * Is this an mprotect_pkey() call? If so, never override the value that
    138	 * came from the user.
    139	 */
    140	if (pkey != -1)
    141		return pkey;
    142
    143	return __arch_override_mprotect_pkey(vma, prot, pkey);
    144}
    145
    146extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
    147				       unsigned long init_val);
    148static inline int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
    149					    unsigned long init_val)
    150{
    151	if (!mmu_has_feature(MMU_FTR_PKEY))
    152		return -EINVAL;
    153
    154	/*
    155	 * userspace should not change pkey-0 permissions.
    156	 * pkey-0 is associated with every page in the kernel.
    157	 * If userspace denies any permission on pkey-0, the
    158	 * kernel cannot operate.
    159	 */
    160	if (pkey == 0)
    161		return init_val ? -EINVAL : 0;
    162
    163	return __arch_set_user_pkey_access(tsk, pkey, init_val);
    164}
    165
    166static inline bool arch_pkeys_enabled(void)
    167{
    168	return mmu_has_feature(MMU_FTR_PKEY);
    169}
    170
    171extern void pkey_mm_init(struct mm_struct *mm);
    172#endif /*_ASM_POWERPC_KEYS_H */