pkeys.h (4279B)
1/* SPDX-License-Identifier: GPL-2.0+ */ 2/* 3 * PowerPC Memory Protection Keys management 4 * 5 * Copyright 2017, Ram Pai, IBM Corporation. 6 */ 7 8#ifndef _ASM_POWERPC_KEYS_H 9#define _ASM_POWERPC_KEYS_H 10 11#include <linux/jump_label.h> 12#include <asm/firmware.h> 13 14extern int num_pkey; 15extern u32 reserved_allocation_mask; /* bits set for reserved keys */ 16 17#define ARCH_VM_PKEY_FLAGS (VM_PKEY_BIT0 | VM_PKEY_BIT1 | VM_PKEY_BIT2 | \ 18 VM_PKEY_BIT3 | VM_PKEY_BIT4) 19 20/* Override any generic PKEY permission defines */ 21#define PKEY_DISABLE_EXECUTE 0x4 22#define PKEY_ACCESS_MASK (PKEY_DISABLE_ACCESS | \ 23 PKEY_DISABLE_WRITE | \ 24 PKEY_DISABLE_EXECUTE) 25 26#ifdef CONFIG_PPC_BOOK3S_64 27#include <asm/book3s/64/pkeys.h> 28#else 29#error "Not supported" 30#endif 31 32 33static inline u64 pkey_to_vmflag_bits(u16 pkey) 34{ 35 return (((u64)pkey << VM_PKEY_SHIFT) & ARCH_VM_PKEY_FLAGS); 36} 37 38static inline int vma_pkey(struct vm_area_struct *vma) 39{ 40 if (!mmu_has_feature(MMU_FTR_PKEY)) 41 return 0; 42 return (vma->vm_flags & ARCH_VM_PKEY_FLAGS) >> VM_PKEY_SHIFT; 43} 44 45static inline int arch_max_pkey(void) 46{ 47 return num_pkey; 48} 49 50#define pkey_alloc_mask(pkey) (0x1 << pkey) 51 52#define mm_pkey_allocation_map(mm) (mm->context.pkey_allocation_map) 53 54#define __mm_pkey_allocated(mm, pkey) { \ 55 mm_pkey_allocation_map(mm) |= pkey_alloc_mask(pkey); \ 56} 57 58#define __mm_pkey_free(mm, pkey) { \ 59 mm_pkey_allocation_map(mm) &= ~pkey_alloc_mask(pkey); \ 60} 61 62#define __mm_pkey_is_allocated(mm, pkey) \ 63 (mm_pkey_allocation_map(mm) & pkey_alloc_mask(pkey)) 64 65#define __mm_pkey_is_reserved(pkey) (reserved_allocation_mask & \ 66 pkey_alloc_mask(pkey)) 67 68static inline bool mm_pkey_is_allocated(struct mm_struct *mm, int pkey) 69{ 70 if (pkey < 0 || pkey >= arch_max_pkey()) 71 return false; 72 73 /* Reserved keys are never allocated. */ 74 if (__mm_pkey_is_reserved(pkey)) 75 return false; 76 77 return __mm_pkey_is_allocated(mm, pkey); 78} 79 80/* 81 * Returns a positive, 5-bit key on success, or -1 on failure. 82 * Relies on the mmap_lock to protect against concurrency in mm_pkey_alloc() and 83 * mm_pkey_free(). 84 */ 85static inline int mm_pkey_alloc(struct mm_struct *mm) 86{ 87 /* 88 * Note: this is the one and only place we make sure that the pkey is 89 * valid as far as the hardware is concerned. The rest of the kernel 90 * trusts that only good, valid pkeys come out of here. 91 */ 92 u32 all_pkeys_mask = (u32)(~(0x0)); 93 int ret; 94 95 if (!mmu_has_feature(MMU_FTR_PKEY)) 96 return -1; 97 /* 98 * Are we out of pkeys? We must handle this specially because ffz() 99 * behavior is undefined if there are no zeros. 100 */ 101 if (mm_pkey_allocation_map(mm) == all_pkeys_mask) 102 return -1; 103 104 ret = ffz((u32)mm_pkey_allocation_map(mm)); 105 __mm_pkey_allocated(mm, ret); 106 107 return ret; 108} 109 110static inline int mm_pkey_free(struct mm_struct *mm, int pkey) 111{ 112 if (!mmu_has_feature(MMU_FTR_PKEY)) 113 return -1; 114 115 if (!mm_pkey_is_allocated(mm, pkey)) 116 return -EINVAL; 117 118 __mm_pkey_free(mm, pkey); 119 120 return 0; 121} 122 123/* 124 * Try to dedicate one of the protection keys to be used as an 125 * execute-only protection key. 126 */ 127extern int execute_only_pkey(struct mm_struct *mm); 128extern int __arch_override_mprotect_pkey(struct vm_area_struct *vma, 129 int prot, int pkey); 130static inline int arch_override_mprotect_pkey(struct vm_area_struct *vma, 131 int prot, int pkey) 132{ 133 if (!mmu_has_feature(MMU_FTR_PKEY)) 134 return 0; 135 136 /* 137 * Is this an mprotect_pkey() call? If so, never override the value that 138 * came from the user. 139 */ 140 if (pkey != -1) 141 return pkey; 142 143 return __arch_override_mprotect_pkey(vma, prot, pkey); 144} 145 146extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey, 147 unsigned long init_val); 148static inline int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, 149 unsigned long init_val) 150{ 151 if (!mmu_has_feature(MMU_FTR_PKEY)) 152 return -EINVAL; 153 154 /* 155 * userspace should not change pkey-0 permissions. 156 * pkey-0 is associated with every page in the kernel. 157 * If userspace denies any permission on pkey-0, the 158 * kernel cannot operate. 159 */ 160 if (pkey == 0) 161 return init_val ? -EINVAL : 0; 162 163 return __arch_set_user_pkey_access(tsk, pkey, init_val); 164} 165 166static inline bool arch_pkeys_enabled(void) 167{ 168 return mmu_has_feature(MMU_FTR_PKEY); 169} 170 171extern void pkey_mm_init(struct mm_struct *mm); 172#endif /*_ASM_POWERPC_KEYS_H */