Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte

[RFC v6 00/62] powerpc: Memory Protection Keys · Ram Pai <hidden> · 2017-07-16
[RFC v6 02/62] powerpc: Free up four 64K PTE bits in 64K backed HPTE pages · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 02/62] powerpc: Free up four 64K PTE bits in 64K backed HPTE pages · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 04/62] powerpc: introduce pte_get_hash_gslot() helper · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 04/62] powerpc: introduce pte_get_hash_gslot() helper · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 06/62] powerpc: use helper functions in __hash_page_64K() for 64K PTE · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 06/62] powerpc: use helper functions in __hash_page_64K() for 64K PTE · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 10/62] powerpc: use helper functions in flush_hash_page() · Ram Pai <hidden> · 2017-07-16
[RFC v6 11/62] powerpc: initial pkey plumbing · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 11/62] powerpc: initial pkey plumbing · Aneesh Kumar K.V <hidden> · 2017-07-20
Re: [RFC v6 11/62] powerpc: initial pkey plumbing · Ram Pai <hidden> · 2017-07-20
[RFC v6 13/62] powerpc: track allocation status of all pkeys · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 13/62] powerpc: track allocation status of all pkeys · Thiago Jung Bauermann <hidden> · 2017-07-27
Re: [RFC v6 13/62] powerpc: track allocation status of all pkeys · Ram Pai <hidden> · 2017-07-29
Re: [RFC v6 13/62] powerpc: track allocation status of all pkeys · Thiago Jung Bauermann <hidden> · 2017-07-31
[RFC v6 15/62] powerpc: helper functions to initialize AMR, IAMR and UMOR registers · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 15/62] powerpc: helper functions to initialize AMR, IAMR and UMOR registers · Thiago Jung Bauermann <hidden> · 2017-07-27
Re: [RFC v6 15/62] powerpc: helper functions to initialize AMR, IAMR and UMOR registers · Ram Pai <hidden> · 2017-07-30
[RFC v6 17/62] powerpc: implementation for arch_set_user_pkey_access() · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 17/62] powerpc: implementation for arch_set_user_pkey_access() · Thiago Jung Bauermann <hidden> · 2017-07-27
Re: [RFC v6 17/62] powerpc: implementation for arch_set_user_pkey_access() · Ram Pai <hidden> · 2017-07-29
[RFC v6 19/62] powerpc: ability to create execute-disabled pkeys · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 19/62] powerpc: ability to create execute-disabled pkeys · Thiago Jung Bauermann <hidden> · 2017-07-27
Re: [RFC v6 19/62] powerpc: ability to create execute-disabled pkeys · Thiago Jung Bauermann <hidden> · 2017-07-27
Re: [RFC v6 19/62] powerpc: ability to create execute-disabled pkeys · Ram Pai <hidden> · 2017-07-29
Re: [RFC v6 19/62] powerpc: ability to create execute-disabled pkeys · Michael Ellerman <mpe@ellerman.id.au> · 2017-07-31
[RFC v6 22/62] powerpc: ability to associate pkey to a vma · Ram Pai <hidden> · 2017-07-16
[RFC v6 23/62] powerpc: implementation for arch_override_mprotect_pkey() · Ram Pai <hidden> · 2017-07-16
[RFC v6 26/62] powerpc: Program HPTE key protection bits · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 26/62] powerpc: Program HPTE key protection bits · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 29/62] powerpc: Macro the mask used for checking DSI exception · Ram Pai <hidden> · 2017-07-16
[RFC v6 31/62] powerpc: Handle exceptions caused by pkey violation · Ram Pai <hidden> · 2017-07-16
[RFC v6 33/62] powerpc: introduce get_pte_pkey() helper · Ram Pai <hidden> · 2017-07-16
[RFC v6 37/62] x86: implementation for arch_pkeys_enabled() · Ram Pai <hidden> · 2017-07-16
[RFC v6 36/62] mm: introduce arch_pkeys_enabled() · Ram Pai <hidden> · 2017-07-16
[RFC v6 35/62] powerpc: Deliver SEGV signal on pkey violation · Ram Pai <hidden> · 2017-07-16
[RFC v6 41/62] selftest/x86: Move protecton key selftest to arch neutral directory · Ram Pai <hidden> · 2017-07-16
[RFC v6 42/62] selftest/vm: rename all references to pkru to a generic name · Ram Pai <hidden> · 2017-07-16
[RFC v6 43/62] selftest/vm: move generic definitions to header file · Ram Pai <hidden> · 2017-07-16
[RFC v6 46/62] selftest/vm: fix the wrong assert in pkey_disable_set() · Ram Pai <hidden> · 2017-07-16
[RFC v6 47/62] selftest/vm: fixed bugs in pkey_disable_clear() · Ram Pai <hidden> · 2017-07-16
[RFC v6 49/62] selftest/vm: fix alloc_random_pkey() to make it really random · Ram Pai <hidden> · 2017-07-16
[RFC v6 51/62] selftest/vm: pkey register should match shadow pkey · Ram Pai <hidden> · 2017-07-16
[RFC v6 54/62] selftest/vm: fix an assertion in test_pkey_alloc_exhaust() · Ram Pai <hidden> · 2017-07-16
[RFC v6 53/62] selftest/vm: powerpc implementation for generic abstraction · Ram Pai <hidden> · 2017-07-16
[RFC v6 56/62] selftest/vm: detect no key violation on a freed key · Ram Pai <hidden> · 2017-07-16
[RFC v6 59/62] selftest/vm: detect write violation on a mapped access-denied-key page · Ram Pai <hidden> · 2017-07-16
[RFC v6 61/62] Documentation/x86: Move protecton key documentation to arch neutral directory · Ram Pai <hidden> · 2017-07-16
[RFC v6 62/62] Documentation/vm: PowerPC specific updates to memory protection keys · Ram Pai <hidden> · 2017-07-16
[RFC v6 60/62] selftest/vm: sub-page allocator · Ram Pai <hidden> · 2017-07-16
[RFC v6 58/62] selftest/vm: detect no write key-violation on a freed key · Ram Pai <hidden> · 2017-07-16
[RFC v6 57/62] selftest/vm: associate key on a mapped page and detect write violation · Ram Pai <hidden> · 2017-07-16
[RFC v6 55/62] selftest/vm: associate key on a mapped page and detect access violation · Ram Pai <hidden> · 2017-07-16
[RFC v6 52/62] selftest/vm: generic cleanup · Ram Pai <hidden> · 2017-07-16
[RFC v6 50/62] selftest/vm: introduce two arch independent abstraction · Ram Pai <hidden> · 2017-07-16
[RFC v6 48/62] selftest/vm: clear the bits in shadow reg when a pkey is freed. · Ram Pai <hidden> · 2017-07-16
[RFC v6 45/62] selftest/vm: generics function to handle shadow key register · Ram Pai <hidden> · 2017-07-16
[RFC v6 44/62] selftest/vm: typecast the pkey register · Ram Pai <hidden> · 2017-07-16
[RFC v6 40/62] x86: delete arch_show_smap() · Ram Pai <hidden> · 2017-07-16
[RFC v6 39/62] mm: display pkey in smaps if arch_pkeys_enabled() is true · Ram Pai <hidden> · 2017-07-16
[RFC v6 38/62] powerpc: implementation for arch_pkeys_enabled() · Ram Pai <hidden> · 2017-07-16
[RFC v6 34/62] powerpc: capture the violated protection key on fault · Ram Pai <hidden> · 2017-07-16
[RFC v6 32/62] powerpc: capture AMR register content on pkey violation · Ram Pai <hidden> · 2017-07-16
[RFC v6 30/62] powerpc: implementation for arch_vma_access_permitted() · Ram Pai <hidden> · 2017-07-16
[RFC v6 28/62] powerpc: check key protection for user page access · Ram Pai <hidden> · 2017-07-16
[RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Aneesh Kumar K.V <hidden> · 2017-07-20
Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Ram Pai <hidden> · 2017-07-20
Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Aneesh Kumar K.V <hidden> · 2017-07-21
Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Ram Pai <hidden> · 2017-07-21
Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Thiago Jung Bauermann <hidden> · 2017-07-28
Re: [RFC v6 27/62] powerpc: helper to validate key-access permissions of a pte · Ram Pai <hidden> · 2017-07-30
[RFC v6 25/62] powerpc: sys_pkey_mprotect() system call · Ram Pai <hidden> · 2017-07-16
[RFC v6 24/62] powerpc: map vma key-protection bits to pte key bits. · Ram Pai <hidden> · 2017-07-16
[RFC v6 21/62] powerpc: introduce execute-only pkey · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 21/62] powerpc: introduce execute-only pkey · Thiago Jung Bauermann <hidden> · 2017-07-28
Re: [RFC v6 21/62] powerpc: introduce execute-only pkey · Ram Pai <hidden> · 2017-07-30
Re: [RFC v6 21/62] powerpc: introduce execute-only pkey · Thiago Jung Bauermann <hidden> · 2017-07-31
Re: [RFC v6 21/62] powerpc: introduce execute-only pkey · Michael Ellerman <mpe@ellerman.id.au> · 2017-08-01
Re: [RFC v6 21/62] powerpc: introduce execute-only pkey · Thiago Jung Bauermann <hidden> · 2017-08-01
Re: [RFC v6 21/62] powerpc: introduce execute-only pkey · Michael Ellerman <mpe@ellerman.id.au> · 2017-08-02
[RFC v6 20/62] powerpc: store and restore the pkey state across context switches · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 20/62] powerpc: store and restore the pkey state across context switches · Thiago Jung Bauermann <hidden> · 2017-07-27
Re: [RFC v6 20/62] powerpc: store and restore the pkey state across context switches · Ram Pai <hidden> · 2017-07-29
Re: [RFC v6 20/62] powerpc: store and restore the pkey state across context switches · Michael Ellerman <mpe@ellerman.id.au> · 2017-07-31
[RFC v6 18/62] powerpc: sys_pkey_alloc() and sys_pkey_free() system calls · Ram Pai <hidden> · 2017-07-16
[RFC v6 16/62] powerpc: cleaup AMR,iAMR when a key is allocated or freed · Ram Pai <hidden> · 2017-07-16
[RFC v6 14/62] powerpc: helper function to read,write AMR,IAMR,UAMOR registers · Ram Pai <hidden> · 2017-07-16
[RFC v6 12/62] mm: introduce an additional vma bit for powerpc pkey · Ram Pai <hidden> · 2017-07-16
[RFC v6 09/62] powerpc: use helper functions in __hash_page_4K() for 4K PTE · Ram Pai <hidden> · 2017-07-16
[RFC v6 07/62] powerpc: use helper functions in __hash_page_huge() for 64K PTE · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 07/62] powerpc: use helper functions in __hash_page_huge() for 64K PTE · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 08/62] powerpc: use helper functions in __hash_page_4K() for 64K PTE · Ram Pai <hidden> · 2017-07-16
[RFC v6 05/62] powerpc: capture the PTE format changes in the dump pte report · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 05/62] powerpc: capture the PTE format changes in the dump pte report · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 03/62] powerpc: introduce pte_set_hash_slot() helper · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 03/62] powerpc: introduce pte_set_hash_slot() helper · Aneesh Kumar K.V <hidden> · 2017-07-20
[RFC v6 01/62] powerpc: Free up four 64K PTE bits in 4K backed HPTE pages · Ram Pai <hidden> · 2017-07-16
Re: [RFC v6 01/62] powerpc: Free up four 64K PTE bits in 4K backed HPTE pages · Aneesh Kumar K.V <hidden> · 2017-07-20
Re: [RFC v6 01/62] powerpc: Free up four 64K PTE bits in 4K backed HPTE pages · Ram Pai <hidden> · 2017-07-20

From: Ram Pai <hidden>
Date: 2017-07-21 16:42:51
Also in: linux-arch, linux-mm, lkml

On Fri, Jul 21, 2017 at 12:21:50PM +0530, Aneesh Kumar K.V wrote:

Ram Pai [off-list ref] writes:

quoted

On Thu, Jul 20, 2017 at 12:12:47PM +0530, Aneesh Kumar K.V wrote:

quoted

Ram Pai [off-list ref] writes:

quoted

helper function that checks if the read/write/execute is allowed
on the pte.

Signed-off-by: Ram Pai <redacted>
---
 arch/powerpc/include/asm/book3s/64/pgtable.h |    4 +++
 arch/powerpc/include/asm/pkeys.h             |   12 +++++++++
 arch/powerpc/mm/pkeys.c                      |   33 ++++++++++++++++++++++++++
 3 files changed, 49 insertions(+), 0 deletions(-)

diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h
index 30d7f55..0056e58 100644
--- a/arch/powerpc/include/asm/book3s/64/pgtable.h
+++ b/arch/powerpc/include/asm/book3s/64/pgtable.h

@@ -472,6 +472,10 @@ static inline void write_uamor(u64 value)
 	mtspr(SPRN_UAMOR, value);
 }

+#ifdef CONFIG_PPC64_MEMORY_PROTECTION_KEYS
+extern bool arch_pte_access_permitted(u64 pte, bool write, bool execute);
+#endif /* CONFIG_PPC64_MEMORY_PROTECTION_KEYS */
+
 #define __HAVE_ARCH_PTEP_GET_AND_CLEAR
 static inline pte_t ptep_get_and_clear(struct mm_struct *mm,
 				       unsigned long addr, pte_t *ptep)

diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h
index bbb5d85..7a9aade 100644
--- a/arch/powerpc/include/asm/pkeys.h
+++ b/arch/powerpc/include/asm/pkeys.h

@@ -53,6 +53,18 @@ static inline u64 pte_to_hpte_pkey_bits(u64 pteflags)
 		((pteflags & H_PAGE_PKEY_BIT4) ? HPTE_R_KEY_BIT4 : 0x0UL));
 }

+static inline u16 pte_to_pkey_bits(u64 pteflags)
+{
+	if (!pkey_inited)
+		return 0x0UL;

Do we really need that above check ? We should always find it
peky_inited to be set.

Yes. there are cases where pkey_inited is not enabled. 
a) if the MMU is radix.

That should be be a feature check

quoted

b) if the PAGE size is 4k.

That is a kernel config change

quoted

c) if the device tree says the feature is not available
d) if the CPU is of a older generation. P6 and older.

Both feature check.

how about doing something like

static inline u16 pte_to_pkey_bits(u64 pteflags)
{
	if (!(pteflags & H_PAGE_KEY_MASK))
		return 0x0UL;

This check accomplishes the same thing as the return below.
When (pteflag & H_PAGE_KEY_MASK) is 0,
the code below returns the same 0x0UL.

	return (((pteflags & H_PAGE_PKEY_BIT0) ? 0x10 : 0x0UL) |
		((pteflags & H_PAGE_PKEY_BIT1) ? 0x8 : 0x0UL) |
		((pteflags & H_PAGE_PKEY_BIT2) ? 0x4 : 0x0UL) |
		((pteflags & H_PAGE_PKEY_BIT3) ? 0x2 : 0x0UL) |
		((pteflags & H_PAGE_PKEY_BIT4) ? 0x1 : 0x0UL));
}

The idea  behind
	       if (!pkey_inited)
	               return 0x0UL;

was to not interpret the ptebits if we knew they were not initialized
to begin with. 


-- 
Ram Pai

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help