From: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org, mpe@ellerman.id.au
Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
linuxram@us.ibm.com, bauerman@linux.ibm.com
Subject: [PATCH v3 40/41] powerpc/book3s64/keys/kuap: Reset AMR/IAMR values on kexec
Date: Wed, 10 Jun 2020 15:22:03 +0530 [thread overview]
Message-ID: <20200610095204.608183-41-aneesh.kumar@linux.ibm.com> (raw)
In-Reply-To: <20200610095204.608183-1-aneesh.kumar@linux.ibm.com>
We can kexec into a kernel that doesn't use memory keys for kernel
mapping (such as an older kernel which doesn't support kuap/kuep with hash
translation). We need to make sure we reset the AMR/IAMR value on kexec
otherwise, the new kernel will use key 0 for kernel mapping and the old
AMR value prevents access to key 0.
This patch also removes reset if IAMR and AMOR in kexec_sequence. Reset of AMOR
is not needed and the IAMR reset is partial (it doesn't do the reset
on secondary cpus) and is redundant with this patch.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
---
arch/powerpc/include/asm/book3s/64/kup.h | 20 ++++++++++++++++++++
arch/powerpc/include/asm/kup.h | 14 ++++++++++++++
arch/powerpc/kernel/misc_64.S | 14 --------------
arch/powerpc/kexec/core_64.c | 3 +++
arch/powerpc/mm/book3s64/pgtable.c | 3 +++
5 files changed, 40 insertions(+), 14 deletions(-)
diff --git a/arch/powerpc/include/asm/book3s/64/kup.h b/arch/powerpc/include/asm/book3s/64/kup.h
index f38748e1e37e..44a80fa94079 100644
--- a/arch/powerpc/include/asm/book3s/64/kup.h
+++ b/arch/powerpc/include/asm/book3s/64/kup.h
@@ -341,6 +341,26 @@ static inline bool bad_kuap_fault(struct pt_regs *regs, unsigned long address,
return !!(error_code & DSISR_KEYFAULT);
}
+#define reset_kuap reset_kuap
+static inline void reset_kuap(void)
+{
+ if (mmu_has_feature(MMU_FTR_KUAP)) {
+ mtspr(SPRN_AMR, 0);
+ /* Do we need isync()? We are going via a kexec reset */
+ isync();
+ }
+}
+
+#define reset_kuep reset_kuep
+static inline void reset_kuep(void)
+{
+ if (mmu_has_feature(MMU_FTR_KUEP)) {
+ mtspr(SPRN_IAMR, 0);
+ /* Do we need isync()? We are going via a kexec reset */
+ isync();
+ }
+}
+
#else /* CONFIG_PPC_MEM_KEYS */
static inline void kuap_restore_user_amr(struct pt_regs *regs)
{
diff --git a/arch/powerpc/include/asm/kup.h b/arch/powerpc/include/asm/kup.h
index a29f69bbf6ec..c7ab7310f230 100644
--- a/arch/powerpc/include/asm/kup.h
+++ b/arch/powerpc/include/asm/kup.h
@@ -113,6 +113,20 @@ static inline void prevent_current_write_to_user(void)
prevent_user_access(NULL, NULL, ~0UL, KUAP_CURRENT_WRITE);
}
+#ifndef reset_kuap
+#define reset_kuap reset_kuap
+static inline void reset_kuap(void)
+{
+}
+#endif
+
+#ifndef reset_kuep
+#define reset_kuep reset_kuep
+static inline void reset_kuep(void)
+{
+}
+#endif
+
#endif /* !__ASSEMBLY__ */
#endif /* _ASM_POWERPC_KUAP_H_ */
diff --git a/arch/powerpc/kernel/misc_64.S b/arch/powerpc/kernel/misc_64.S
index 1864605eca29..7bb46ad98207 100644
--- a/arch/powerpc/kernel/misc_64.S
+++ b/arch/powerpc/kernel/misc_64.S
@@ -413,20 +413,6 @@ _GLOBAL(kexec_sequence)
li r0,0
std r0,16(r1)
-BEGIN_FTR_SECTION
- /*
- * This is the best time to turn AMR/IAMR off.
- * key 0 is used in radix for supervisor<->user
- * protection, but on hash key 0 is reserved
- * ideally we want to enter with a clean state.
- * NOTE, we rely on r0 being 0 from above.
- */
- mtspr SPRN_IAMR,r0
-BEGIN_FTR_SECTION_NESTED(42)
- mtspr SPRN_AMOR,r0
-END_FTR_SECTION_NESTED_IFSET(CPU_FTR_HVMODE, 42)
-END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300)
-
/* save regs for local vars on new stack.
* yes, we won't go back, but ...
*/
diff --git a/arch/powerpc/kexec/core_64.c b/arch/powerpc/kexec/core_64.c
index b4184092172a..a124715f33ea 100644
--- a/arch/powerpc/kexec/core_64.c
+++ b/arch/powerpc/kexec/core_64.c
@@ -152,6 +152,9 @@ static void kexec_smp_down(void *arg)
if (ppc_md.kexec_cpu_down)
ppc_md.kexec_cpu_down(0, 1);
+ reset_kuap();
+ reset_kuep();
+
kexec_smp_wait();
/* NOTREACHED */
}
diff --git a/arch/powerpc/mm/book3s64/pgtable.c b/arch/powerpc/mm/book3s64/pgtable.c
index c58ad1049909..9673f4b74c9a 100644
--- a/arch/powerpc/mm/book3s64/pgtable.c
+++ b/arch/powerpc/mm/book3s64/pgtable.c
@@ -165,6 +165,9 @@ void mmu_cleanup_all(void)
radix__mmu_cleanup_all();
else if (mmu_hash_ops.hpte_clear_all)
mmu_hash_ops.hpte_clear_all();
+
+ reset_kuap();
+ reset_kuep();
}
#ifdef CONFIG_MEMORY_HOTPLUG
--
2.26.2
next prev parent reply other threads:[~2020-06-10 11:14 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-10 9:51 [PATCH v3 00/41] Kernel userspace access/execution prevention with hash translation Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 01/41] powerpc/book3s64/pkeys: Fixup bit numbering Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 02/41] powerpc/book3s64/pkeys: pkeys are supported only on hash on book3s Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 03/41] powerpc/book3s64/pkeys: Move pkey related bits in the linux page table Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 04/41] powerpc/book3s64/pkeys: Explain key 1 reservation details Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 05/41] powerpc/book3s64/pkeys: Simplify the key initialization Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 06/41] powerpc/book3s64/pkeys: Prevent key 1 modification from userspace Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 07/41] powerpc/book3s64/pkeys: kill cpu feature key CPU_FTR_PKEY Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 08/41] powerpc/book3s64/pkeys: Convert execute key support to static key Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 09/41] powerpc/book3s64/pkeys: Simplify pkey disable branch Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 10/41] powerpc/book3s64/pkeys: Convert pkey_total to max_pkey Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 11/41] powerpc/book3s64/pkeys: Make initial_allocation_mask static Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 12/41] powerpc/book3s64/pkeys: Mark all the pkeys above max pkey as reserved Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 13/41] powerpc/book3s64/pkeys: Enable MMU_FTR_PKEY Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 14/41] powerpc/book3s64/kuep: Add MMU_FTR_KUEP Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 15/41] powerpc/book3s64/pkeys: Use execute_pkey_disable static key Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 16/41] powerpc/book3s64/pkeys: Use MMU_FTR_PKEY instead of pkey_disabled " Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 17/41] powerpc/book3s64/kuap: Move KUAP related function outside radix Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 18/41] powerpc/book3s64/kuep: Move KUEP " Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 19/41] powerpc/book3s64/kuap: Rename MMU_FTR_RADIX_KUAP to MMU_FTR_KUAP Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 20/41] powerpc/book3s64/kuap/kuep: Make KUAP and KUEP a subfeature of PPC_MEM_KEYS Aneesh Kumar K.V
2020-06-12 13:36 ` kernel test robot
2020-06-12 13:36 ` kernel test robot
2020-06-10 9:51 ` [PATCH v3 21/41] powerpc/book3s64/kuap: Move UAMOR setup to key init function Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 22/41] powerpc/book3s64/kuap: Use Key 3 for kernel mapping with hash translation Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 23/41] powerpc/exec: Set thread.regs early during exec Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 24/41] powerpc/book3s64/pkeys: Store/restore userspace AMR correctly on entry and exit from kernel Aneesh Kumar K.V
2020-06-10 17:36 ` kernel test robot
2020-06-10 17:36 ` kernel test robot
2020-06-10 22:29 ` kernel test robot
2020-06-10 22:29 ` kernel test robot
2020-06-10 9:51 ` [PATCH v3 25/41] powerpc/book3s64/kuep: Store/restore userspace IAMR " Aneesh Kumar K.V
2020-06-10 18:47 ` kernel test robot
2020-06-10 18:47 ` kernel test robot
2020-06-11 0:03 ` kernel test robot
2020-06-11 0:03 ` kernel test robot
2020-06-10 9:51 ` [PATCH v3 26/41] powerpc/book3s64/pkeys: Inherit correctly on fork Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 27/41] powerpc/book3s64/pkeys: Reset userspace AMR correctly on exec Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 28/41] powerpc/ptrace-view: Use pt_regs values instead of thread_struct based one Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 29/41] powerpc/book3s64/pkeys: Don't update SPRN_AMR when in kernel mode Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 30/41] powerpc/book3s64/kuap: Restrict access to userspace based on userspace AMR Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 31/41] powerpc/book3s64/kuap: Improve error reporting with KUAP Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 32/41] powerpc/book3s64/kuap: Use Key 3 to implement KUAP with hash translation Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 33/41] powerpc/book3s64/kuep: Use Key 3 to implement KUEP " Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 34/41] powerpc/book3s64/hash/kuap: Enable kuap on hash Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 35/41] powerpc/book3s64/hash/kuep: Enable KUEP " Aneesh Kumar K.V
2020-06-10 9:51 ` [PATCH v3 36/41] powerpc/book3s64/keys: Print information during boot Aneesh Kumar K.V
2020-06-10 9:52 ` [PATCH v3 37/41] powerpc/selftest/ptrave-pkey: Rename variables to make it easier to follow code Aneesh Kumar K.V
2020-06-10 9:52 ` [PATCH v3 38/41] powerpc/selftest/ptrace-pkey: Update the test to mark an invalid pkey correctly Aneesh Kumar K.V
2020-06-10 9:52 ` [PATCH v3 39/41] powerpc/selftest/ptrace-pkey: IAMR and uamor cannot be updated by ptrace Aneesh Kumar K.V
2020-06-10 9:52 ` Aneesh Kumar K.V [this message]
2020-06-10 9:52 ` [PATCH v3 41/41] powerpc/book3s64/hash/kup: Don't hardcode kup key Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200610095204.608183-41-aneesh.kumar@linux.ibm.com \
--to=aneesh.kumar@linux.ibm.com \
--cc=bauerman@linux.ibm.com \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=mpe@ellerman.id.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.