^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0+
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * PowerPC Memory Protection Keys management
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * Copyright 2017, Ram Pai, IBM Corporation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) #include <asm/mman.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) #include <asm/mmu_context.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) #include <asm/mmu.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) #include <asm/setup.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #include <linux/pkeys.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #include <linux/of_fdt.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14)
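int num_pkey;		/* Max number of pkeys supported */

/*
 * Keys marked in the reservation list cannot be allocated by userspace.
 */
u32 reserved_allocation_mask __ro_after_init;

/* Bits set for the initially allocated keys. */
static u32 initial_allocation_mask __ro_after_init;

/*
 * Register values every thread starts from. Even if keys are allocated with
 * sys_pkey_alloc(), other threads must still find access denied through the
 * same keys, so the defaults deny first and are opened up per key:
 *
 *  - default_amr has every bit set; a set AMR_RD_BIT/AMR_WR_BIT is treated
 *    as "denied" by pkey_access_permitted().
 *  - default_iamr has the low bit of every two-bit field set; a set
 *    IAMR_EX_BIT is treated as "execute denied".
 *
 * NOTE(review): in the code visible in this file, default_amr, default_iamr,
 * execute_only_key and pkey_execute_disable_supported are written only from
 * pkey_early_init_devtree(), which is __init. They look like candidates for
 * __ro_after_init, like the masks above - confirm there is no later writer
 * before changing the annotation.
 */
static u64 default_amr = ~0x0UL;
static u64 default_iamr = 0x5555555555555555UL;
u64 default_uamor __ro_after_init;

/*
 * Key used to implement PROT_EXEC mmap. Denies READ/WRITE.
 * We pick key 2 because 0 is special key and 1 is reserved as per ISA.
 * Set to -1 at boot when an execute-only key cannot be provided.
 */
static int execute_only_key = 2;
static bool pkey_execute_disable_supported;

#define AMR_BITS_PER_PKEY 2
#define AMR_RD_BIT 0x1UL
#define AMR_WR_BIT 0x2UL
#define IAMR_EX_BIT 0x1UL
#define PKEY_REG_BITS (sizeof(u64) * 8)

/*
 * Bit offset of the two-bit field belonging to @pkey. Key 0 occupies the two
 * most significant bits (shift 62) and key 31 the two least significant ones
 * (shift 0). A key outside 0..31 produces a shift count outside the register
 * width, so callers must only pass validated keys.
 *
 * The argument is parenthesised so that an expression argument (for example
 * a conditional) expands with the intended precedence.
 */
#define pkeyshift(pkey) (PKEY_REG_BITS - (((pkey) + 1) * AMR_BITS_PER_PKEY))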
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)
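/*
 * Flat device-tree scan callback (passed to of_scan_flat_dt() by
 * scan_pkey_feature()): pick up the storage-key count advertised by a "cpu"
 * node.
 *
 * @node:  flat device-tree node being visited
 * @uname: node name (unused)
 * @depth: node depth (unused)
 * @data:  points to the caller's int that receives the key count
 *
 * Returns 1 once "ibm,processor-storage-keys" has been read into *@data, and
 * 0 for every node that is not a cpu node or does not carry a usable
 * property. The caller treats an overall result of 0 as "property not found".
 */
static int __init dt_scan_storage_keys(unsigned long node,
				       const char *uname, int depth,
				       void *data)
{
	const char *type = of_get_flat_dt_prop(node, "device_type", NULL);
	const __be32 *prop;
	int *pkeys_total = (int *) data;
	int len = 0;

	/* We are scanning "cpu" nodes only */
	if (type == NULL || strcmp(type, "cpu") != 0)
		return 0;

	prop = of_get_flat_dt_prop(node, "ibm,processor-storage-keys", &len);
	/*
	 * The property comes from firmware. Require at least one full cell
	 * before reading prop[0], so that an empty or truncated property is
	 * handled like a missing one instead of being read past its end.
	 */
	if (!prop || len < (int)sizeof(*prop))
		return 0;

	*pkeys_total = be32_to_cpu(prop[0]);
	return 1;
}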
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64)
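/*
 * Work out how many protection keys the platform offers.
 *
 * Returns 0 when pkeys cannot be used (radix translation, or no count
 * available), otherwise the key count limited to what the arch-neutral VMA
 * flag bits can represent.
 */
static int scan_pkey_feature(void)
{
	int ret;
	int pkeys_total = 0;

	/*
	 * Pkey is not supported with Radix translation.
	 */
	if (early_radix_enabled())
		return 0;

	ret = of_scan_flat_dt(dt_scan_storage_keys, &pkeys_total);
	if (ret == 0) {
		/*
		 * Let's assume 32 pkeys on P8/P9 bare metal, if its not defined by device
		 * tree. We make this exception since some version of skiboot forgot to
		 * expose this property on power8/9.
		 */
		if (!firmware_has_feature(FW_FEATURE_LPAR)) {
			unsigned long pvr = mfspr(SPRN_PVR);

			if (PVR_VER(pvr) == PVR_POWER8 || PVR_VER(pvr) == PVR_POWER8E ||
			    PVR_VER(pvr) == PVR_POWER8NVL || PVR_VER(pvr) == PVR_POWER9)
				pkeys_total = 32;
		}
	}

	/*
	 * Adjust the upper limit, based on the number of bits supported by
	 * arch-neutral code.
	 */
	pkeys_total = min_t(int, pkeys_total,
			    ((ARCH_VM_PKEY_FLAGS >> VM_PKEY_SHIFT) + 1));

	/*
	 * The count is a 32-bit device-tree cell stored into an int, so a
	 * malformed value can arrive here negative and min_t() would keep it.
	 * The caller uses the count as a loop start and shift amount; report
	 * "no keys" instead of handing it a negative number.
	 */
	if (pkeys_total < 0)
		pkeys_total = 0;

	return pkeys_total;
}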
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100)
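/*
 * Early-boot protection key setup.
 *
 * Determines the number of usable keys, sets MMU_FTR_PKEY, and derives the
 * allocation masks and the default AMR/IAMR/UAMOR values from it:
 *  - key 0 is pre-allocated, access through it is allowed, and its UAMOR
 *    bits are cleared;
 *  - key 1 and every key at or above num_pkey are reserved and have their
 *    UAMOR bits cleared;
 *  - the execute-only key, when available, is reserved, denies read/write,
 *    allows execute, and has its UAMOR bits cleared.
 *
 * When no keys are reported, default_uamor keeps its zero initial value and
 * that value is still written to SPRN_UAMOR on the boot CPU.
 */
void __init pkey_early_init_devtree(void)
{
	int pkeys_total, i;

	/*
	 * We define PKEY_DISABLE_EXECUTE in addition to the arch-neutral
	 * generic defines for PKEY_DISABLE_ACCESS and PKEY_DISABLE_WRITE.
	 * Ensure that the bits are distinct.
	 */
	BUILD_BUG_ON(PKEY_DISABLE_EXECUTE &
		     (PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE));

	/*
	 * pkey_to_vmflag_bits() assumes that the pkey bits are contiguous
	 * in the vmaflag. Make sure that is really the case.
	 */
	BUILD_BUG_ON(__builtin_clzl(ARCH_VM_PKEY_FLAGS >> VM_PKEY_SHIFT) +
		     __builtin_popcountl(ARCH_VM_PKEY_FLAGS >> VM_PKEY_SHIFT)
				!= (sizeof(u64) * BITS_PER_BYTE));

	/*
	 * Only P7 and above supports SPRN_AMR update with MSR[PR] = 1
	 */
	if (!early_cpu_has_feature(CPU_FTR_ARCH_206))
		return;

	/* scan the device tree for pkey feature */
	pkeys_total = scan_pkey_feature();
	if (!pkeys_total)
		goto out;

	/* Allow all keys to be modified by default */
	default_uamor = ~0x0UL;

	cur_cpu_spec->mmu_features |= MMU_FTR_PKEY;

	/*
	 * The device tree cannot be relied to indicate support for
	 * execute_disable support. Instead we use a PVR check.
	 */
	if (pvr_version_is(PVR_POWER7) || pvr_version_is(PVR_POWER7p))
		pkey_execute_disable_supported = false;
	else
		pkey_execute_disable_supported = true;

#ifdef CONFIG_PPC_4K_PAGES
	/*
	 * The OS can manage only 8 pkeys due to its inability to represent them
	 * in the Linux 4K PTE. Mark all other keys reserved.
	 */
	num_pkey = min(8, pkeys_total);
#else
	num_pkey = pkeys_total;
#endif

	if (unlikely(num_pkey <= execute_only_key) || !pkey_execute_disable_supported) {
		/*
		 * Insufficient number of keys to support
		 * execute only key. Mark it unavailable.
		 */
		execute_only_key = -1;
	} else {
		/*
		 * Mark the execute_only_pkey as not available for
		 * user allocation via pkey_alloc.
		 */
		reserved_allocation_mask |= (0x1U << execute_only_key);

		/*
		 * Deny READ/WRITE for execute_only_key.
		 * Allow execute in IAMR.
		 */
		default_amr |= (0x3ul << pkeyshift(execute_only_key));
		default_iamr &= ~(0x1ul << pkeyshift(execute_only_key));

		/*
		 * Clear the uamor bits for this key.
		 */
		default_uamor &= ~(0x3ul << pkeyshift(execute_only_key));
	}

	/*
	 * Allow access for only key 0. And prevent any other modification.
	 */
	default_amr &= ~(0x3ul << pkeyshift(0));
	default_iamr &= ~(0x1ul << pkeyshift(0));
	default_uamor &= ~(0x3ul << pkeyshift(0));
	/*
	 * key 0 is special in that we want to consider it an allocated
	 * key which is preallocated. We don't allow changing AMR bits
	 * w.r.t key 0. But one can pkey_free(key0)
	 */
	initial_allocation_mask |= (0x1U << 0);

	/*
	 * key 1 is recommended not to be used. PowerISA(3.0) page 1015,
	 * programming note.
	 */
	reserved_allocation_mask |= (0x1U << 1);
	default_uamor &= ~(0x3ul << pkeyshift(1));

	/*
	 * Prevent the usage of OS reserved keys. Update UAMOR
	 * for those keys. Also mark the rest of the bits in the
	 * 32 bit mask as reserved.
	 *
	 * The mask bit is built from an unsigned constant: i reaches 31, and
	 * shifting a signed 1 into the sign bit is not defined by the C
	 * standard.
	 */
	for (i = num_pkey; i < 32 ; i++) {
		reserved_allocation_mask |= (0x1U << i);
		default_uamor &= ~(0x3ul << pkeyshift(i));
	}
	/*
	 * Prevent the allocation of reserved keys too.
	 */
	initial_allocation_mask |= reserved_allocation_mask;

	pr_info("Enabling pkeys with max key count %d\n", num_pkey);
out:
	/*
	 * Setup uamor on boot cpu
	 */
	mtspr(SPRN_UAMOR, default_uamor);
}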
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225)
/*
 * Seed a new mm with the boot-time pkey state: the initial allocation map
 * (which already contains the reserved keys) and the execute-only key.
 * Does nothing when the MMU does not have the pkey feature.
 */
void pkey_mm_init(struct mm_struct *mm)
{
	if (mmu_has_feature(MMU_FTR_PKEY)) {
		mm_pkey_allocation_map(mm) = initial_allocation_mask;
		mm->context.execute_only_pkey = execute_only_key;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233)
/* Return the current value of the AMR special purpose register. */
static inline u64 read_amr(void)
{
	u64 amr = mfspr(SPRN_AMR);

	return amr;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238)
/* Load @value into the AMR special purpose register. */
static inline void write_amr(u64 value)
{
	const u64 amr = value;

	mtspr(SPRN_AMR, amr);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243)
/*
 * Return the current IAMR value, or 0 when execute-disable is not supported.
 * A result of 0 has no execute-deny bit set, so callers testing IAMR_EX_BIT
 * see execute as permitted for every key in that case.
 */
static inline u64 read_iamr(void)
{
	if (likely(pkey_execute_disable_supported))
		return mfspr(SPRN_IAMR);

	return 0x0UL;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251)
/*
 * Load @value into IAMR. The write is silently skipped when execute-disable
 * is not supported.
 */
static inline void write_iamr(u64 value)
{
	if (likely(pkey_execute_disable_supported))
		mtspr(SPRN_IAMR, value);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259)
/*
 * Replace the two AMR bits of @pkey with the low two bits of @init_bits,
 * leaving the fields of all other keys as they were read.
 * @pkey is used as a shift amount without a range check here.
 */
static inline void init_amr(int pkey, u8 init_bits)
{
	const u64 field_mask = (u64)(0x3ul) << pkeyshift(pkey);
	const u64 field_bits = ((u64)init_bits & 0x3UL) << pkeyshift(pkey);
	u64 amr = read_amr();

	amr &= ~field_mask;
	amr |= field_bits;
	write_amr(amr);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267)
/*
 * Replace the IAMR execute bit of @pkey with the low bit of @init_bits,
 * leaving the bits of all other keys as they were read.
 * @pkey is used as a shift amount without a range check here.
 */
static inline void init_iamr(int pkey, u8 init_bits)
{
	const u64 field_mask = (u64)(0x1ul) << pkeyshift(pkey);
	const u64 field_bits = ((u64)init_bits & 0x1UL) << pkeyshift(pkey);
	u64 iamr = read_iamr();

	iamr &= ~field_mask;
	iamr |= field_bits;
	write_iamr(iamr);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275)
/*
 * Apply the access rights requested in @init_val to @pkey by updating the
 * key's fields in IAMR and AMR.
 *
 * @tsk:      not referenced in this function; the registers written are the
 *            ones of the CPU executing the call
 * @pkey:     key to update; used as a shift amount, so it has to be a valid
 *            key number (presumably validated by the caller - confirm)
 * @init_val: combination of PKEY_DISABLE_ACCESS, PKEY_DISABLE_WRITE and
 *            PKEY_DISABLE_EXECUTE
 *
 * Returns 0 on success. Returns -EINVAL, before any register is touched,
 * when both UAMOR bits of the key are not set in default_uamor (key 0, key 1,
 * the execute-only key and keys beyond num_pkey after boot setup), or when
 * PKEY_DISABLE_EXECUTE is requested without hardware support.
 */
int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
				unsigned long init_val)
{
	const u64 key_field = 0x3ul << pkeyshift(pkey);
	u64 iamr_bits = 0x0ul;
	u64 amr_bits = 0x0ul;

	/* A key userspace may modify has both of its UAMOR bits set. */
	if ((default_uamor & key_field) != key_field)
		return -EINVAL;

	if (init_val & PKEY_DISABLE_EXECUTE) {
		if (!pkey_execute_disable_supported)
			return -EINVAL;
		iamr_bits = IAMR_EX_BIT;
	}
	init_iamr(pkey, iamr_bits);

	/* PKEY_DISABLE_ACCESS takes precedence over PKEY_DISABLE_WRITE. */
	if (init_val & PKEY_DISABLE_ACCESS)
		amr_bits = AMR_RD_BIT | AMR_WR_BIT;
	else if (init_val & PKEY_DISABLE_WRITE)
		amr_bits = AMR_WR_BIT;
	init_amr(pkey, amr_bits);

	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315)
/*
 * Copy the live AMR and IAMR values into @thread.
 * Does nothing when the MMU does not have the pkey feature.
 */
void thread_pkey_regs_save(struct thread_struct *thread)
{
	if (mmu_has_feature(MMU_FTR_PKEY)) {
		/*
		 * TODO: Skip saving registers if @thread hasn't used any keys yet.
		 */
		thread->amr = read_amr();
		thread->iamr = read_iamr();
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327)
/*
 * Load @new_thread's saved AMR/IAMR into the registers. Each register is
 * written only when its saved value differs from the one in @old_thread.
 * Does nothing when the MMU does not have the pkey feature.
 */
void thread_pkey_regs_restore(struct thread_struct *new_thread,
			      struct thread_struct *old_thread)
{
	if (mmu_has_feature(MMU_FTR_PKEY)) {
		if (new_thread->amr != old_thread->amr)
			write_amr(new_thread->amr);
		if (new_thread->iamr != old_thread->iamr)
			write_iamr(new_thread->iamr);
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339)
/*
 * Reset @thread's saved AMR/IAMR and the live registers to the boot-time
 * defaults. Does nothing when the MMU does not have the pkey feature.
 */
void thread_pkey_regs_init(struct thread_struct *thread)
{
	if (mmu_has_feature(MMU_FTR_PKEY)) {
		thread->amr = default_amr;
		thread->iamr = default_iamr;

		write_amr(thread->amr);
		write_iamr(thread->iamr);
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351)
/*
 * Return the execute-only key recorded in @mm's context. pkey_mm_init()
 * copies it from execute_only_key, which is -1 when no such key exists.
 */
int execute_only_pkey(struct mm_struct *mm)
{
	int exec_key = mm->context.execute_only_pkey;

	return exec_key;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356)
/*
 * True when @vma is mapped with exactly VM_EXEC access and carries the
 * execute-only key of its mm.
 */
static inline bool vma_is_pkey_exec_only(struct vm_area_struct *vma)
{
	/* Test vm_flags before the pkey: the flags should be hot. */
	if ((vma->vm_flags & VM_ACCESS_FLAGS) == VM_EXEC)
		return vma_pkey(vma) == vma->vm_mm->context.execute_only_pkey;

	return false;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365)
/*
 * Choose the pkey for a *plain* mprotect call (this should only be called
 * for those).
 *
 * Returns 0, the default key, when @vma currently uses the execute-only key
 * but @prot is no longer exactly PROT_EXEC; the mm's execute-only key when
 * @prot is exactly PROT_EXEC and that key is greater than 0; otherwise the
 * key @vma already has. The incoming @pkey value is not read.
 */
int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot,
				  int pkey)
{
	const bool exec_only_requested = (prot == PROT_EXEC);

	/* Leaving execute-only: move the mapping back to the default pkey. */
	if (!exec_only_requested && vma_is_pkey_exec_only(vma))
		return 0;

	/* Entering or staying execute-only: use the execute-only pkey. */
	if (exec_only_requested) {
		pkey = execute_only_pkey(vma->vm_mm);
		if (pkey > 0)
			return pkey;
	}

	/* Nothing to override. */
	return vma_pkey(vma);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392)
/*
 * Check the live registers for whether @pkey allows the requested access.
 *
 * An execute check consults only IAMR; because read_iamr() returns 0 without
 * execute-disable support, execute is then reported as permitted. Otherwise
 * a write check tests only the AMR write bit and a read check only the AMR
 * read bit. @pkey is used as a shift amount without a range check here.
 */
static bool pkey_access_permitted(int pkey, bool write, bool execute)
{
	int shift = pkeyshift(pkey);
	u64 deny_bit;

	if (execute)
		return !(read_iamr() & (IAMR_EX_BIT << shift));

	deny_bit = write ? AMR_WR_BIT : AMR_RD_BIT;

	return !(read_amr() & (deny_bit << shift));
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408)
/*
 * Check the key encoded in @pte against the live AMR/IAMR.
 * Always true when the MMU does not have the pkey feature.
 */
bool arch_pte_access_permitted(u64 pte, bool write, bool execute)
{
	if (mmu_has_feature(MMU_FTR_PKEY))
		return pkey_access_permitted(pte_to_pkey_bits(pte), write,
					     execute);

	return true;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416)
/*
 * Check @vma's key against the live AMR/IAMR.
 *
 * Protection keys are only enforced on the current thread, because we
 * effectively have no access to AMR/IAMR for other threads, nor any way to
 * tell which AMR/IAMR in a threaded process we could use. So the check is
 * skipped (access reported as permitted) if the VMA is not from the current
 * mm, or if we are in a kernel thread.
 *
 * Reviewers should keep in mind that a foreign access is therefore never
 * refused here on pkey grounds; also always true without the pkey feature.
 */
bool arch_vma_access_permitted(struct vm_area_struct *vma, bool write,
			       bool execute, bool foreign)
{
	const bool pkeys_active = mmu_has_feature(MMU_FTR_PKEY);

	if (!pkeys_active)
		return true;

	/* Do not enforce our key-permissions on a foreign vma. */
	if (!foreign && !vma_is_foreign(vma))
		return pkey_access_permitted(vma_pkey(vma), write, execute);

	return true;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438)
/*
 * Copy the pkey state of @oldmm (allocation map and execute-only key) into
 * @mm. Does nothing when the MMU does not have the pkey feature.
 */
void arch_dup_pkeys(struct mm_struct *oldmm, struct mm_struct *mm)
{
	if (mmu_has_feature(MMU_FTR_PKEY)) {
		/* Duplicate the oldmm pkey state in mm: */
		mm_pkey_allocation_map(mm) = mm_pkey_allocation_map(oldmm);
		mm->context.execute_only_pkey = oldmm->context.execute_only_pkey;
	}
}