xref: /openbmc/linux/arch/powerpc/include/asm/pkeys.h (revision 29c37341)
1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3  * PowerPC Memory Protection Keys management
4  *
5  * Copyright 2017, Ram Pai, IBM Corporation.
6  */
7 
8 #ifndef _ASM_POWERPC_KEYS_H
9 #define _ASM_POWERPC_KEYS_H
10 
11 #include <linux/jump_label.h>
12 #include <asm/firmware.h>
13 
14 extern int num_pkey;
15 extern u32 reserved_allocation_mask; /* bits set for reserved keys */
16 
17 #define ARCH_VM_PKEY_FLAGS (VM_PKEY_BIT0 | VM_PKEY_BIT1 | VM_PKEY_BIT2 | \
18 			    VM_PKEY_BIT3 | VM_PKEY_BIT4)
19 
20 /* Override any generic PKEY permission defines */
21 #define PKEY_DISABLE_EXECUTE   0x4
22 #define PKEY_ACCESS_MASK       (PKEY_DISABLE_ACCESS | \
23 				PKEY_DISABLE_WRITE  | \
24 				PKEY_DISABLE_EXECUTE)
25 
26 #ifdef CONFIG_PPC_BOOK3S_64
27 #include <asm/book3s/64/pkeys.h>
28 #else
29 #error "Not supported"
30 #endif
31 
32 
33 static inline u64 pkey_to_vmflag_bits(u16 pkey)
34 {
35 	return (((u64)pkey << VM_PKEY_SHIFT) & ARCH_VM_PKEY_FLAGS);
36 }
37 
38 static inline int vma_pkey(struct vm_area_struct *vma)
39 {
40 	if (!mmu_has_feature(MMU_FTR_PKEY))
41 		return 0;
42 	return (vma->vm_flags & ARCH_VM_PKEY_FLAGS) >> VM_PKEY_SHIFT;
43 }
44 
45 static inline int arch_max_pkey(void)
46 {
47 	return num_pkey;
48 }
49 
50 #define pkey_alloc_mask(pkey) (0x1 << pkey)
51 
52 #define mm_pkey_allocation_map(mm) (mm->context.pkey_allocation_map)
53 
54 #define __mm_pkey_allocated(mm, pkey) {	\
55 	mm_pkey_allocation_map(mm) |= pkey_alloc_mask(pkey); \
56 }
57 
58 #define __mm_pkey_free(mm, pkey) {	\
59 	mm_pkey_allocation_map(mm) &= ~pkey_alloc_mask(pkey);	\
60 }
61 
62 #define __mm_pkey_is_allocated(mm, pkey)	\
63 	(mm_pkey_allocation_map(mm) & pkey_alloc_mask(pkey))
64 
65 #define __mm_pkey_is_reserved(pkey) (reserved_allocation_mask & \
66 				       pkey_alloc_mask(pkey))
67 
68 static inline bool mm_pkey_is_allocated(struct mm_struct *mm, int pkey)
69 {
70 	if (pkey < 0 || pkey >= arch_max_pkey())
71 		return false;
72 
73 	/* Reserved keys are never allocated. */
74 	if (__mm_pkey_is_reserved(pkey))
75 		return false;
76 
77 	return __mm_pkey_is_allocated(mm, pkey);
78 }
79 
80 /*
81  * Returns a positive, 5-bit key on success, or -1 on failure.
82  * Relies on the mmap_lock to protect against concurrency in mm_pkey_alloc() and
83  * mm_pkey_free().
84  */
85 static inline int mm_pkey_alloc(struct mm_struct *mm)
86 {
87 	/*
88 	 * Note: this is the one and only place we make sure that the pkey is
89 	 * valid as far as the hardware is concerned. The rest of the kernel
90 	 * trusts that only good, valid pkeys come out of here.
91 	 */
92 	u32 all_pkeys_mask = (u32)(~(0x0));
93 	int ret;
94 
95 	if (!mmu_has_feature(MMU_FTR_PKEY))
96 		return -1;
97 	/*
98 	 * Are we out of pkeys? We must handle this specially because ffz()
99 	 * behavior is undefined if there are no zeros.
100 	 */
101 	if (mm_pkey_allocation_map(mm) == all_pkeys_mask)
102 		return -1;
103 
104 	ret = ffz((u32)mm_pkey_allocation_map(mm));
105 	__mm_pkey_allocated(mm, ret);
106 
107 	return ret;
108 }
109 
110 static inline int mm_pkey_free(struct mm_struct *mm, int pkey)
111 {
112 	if (!mmu_has_feature(MMU_FTR_PKEY))
113 		return -1;
114 
115 	if (!mm_pkey_is_allocated(mm, pkey))
116 		return -EINVAL;
117 
118 	__mm_pkey_free(mm, pkey);
119 
120 	return 0;
121 }
122 
123 /*
124  * Try to dedicate one of the protection keys to be used as an
125  * execute-only protection key.
126  */
127 extern int execute_only_pkey(struct mm_struct *mm);
128 extern int __arch_override_mprotect_pkey(struct vm_area_struct *vma,
129 					 int prot, int pkey);
130 static inline int arch_override_mprotect_pkey(struct vm_area_struct *vma,
131 					      int prot, int pkey)
132 {
133 	if (!mmu_has_feature(MMU_FTR_PKEY))
134 		return 0;
135 
136 	/*
137 	 * Is this an mprotect_pkey() call? If so, never override the value that
138 	 * came from the user.
139 	 */
140 	if (pkey != -1)
141 		return pkey;
142 
143 	return __arch_override_mprotect_pkey(vma, prot, pkey);
144 }
145 
146 extern int __arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
147 				       unsigned long init_val);
148 static inline int arch_set_user_pkey_access(struct task_struct *tsk, int pkey,
149 					    unsigned long init_val)
150 {
151 	if (!mmu_has_feature(MMU_FTR_PKEY))
152 		return -EINVAL;
153 
154 	/*
155 	 * userspace should not change pkey-0 permissions.
156 	 * pkey-0 is associated with every page in the kernel.
157 	 * If userspace denies any permission on pkey-0, the
158 	 * kernel cannot operate.
159 	 */
160 	if (pkey == 0)
161 		return init_val ? -EINVAL : 0;
162 
163 	return __arch_set_user_pkey_access(tsk, pkey, init_val);
164 }
165 
166 static inline bool arch_pkeys_enabled(void)
167 {
168 	return mmu_has_feature(MMU_FTR_PKEY);
169 }
170 
171 extern void pkey_mm_init(struct mm_struct *mm);
172 extern bool arch_supports_pkeys(int cap);
173 extern unsigned int arch_usable_pkeys(void);
174 extern void thread_pkey_regs_save(struct thread_struct *thread);
175 extern void thread_pkey_regs_restore(struct thread_struct *new_thread,
176 				     struct thread_struct *old_thread);
177 extern void thread_pkey_regs_init(struct thread_struct *thread);
178 #endif /*_ASM_POWERPC_KEYS_H */
179