From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qt0-x243.google.com (mail-qt0-x243.google.com [IPv6:2607:f8b0:400d:c0d::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 41F8mb5pdGzF1D5 for ; Tue, 26 Jun 2018 12:16:31 +1000 (AEST) Received: by mail-qt0-x243.google.com with SMTP id 92-v6so9409288qta.11 for ; Mon, 25 Jun 2018 19:16:31 -0700 (PDT) Sender: Ram Pai From: Ram Pai To: mpe@ellerman.id.au Cc: linuxppc-dev@lists.ozlabs.org, hbabu@us.ibm.com, mhocko@kernel.org, bauerman@linux.vnet.ibm.com, linuxram@us.ibm.com, Ulrich.Weigand@de.ibm.com, fweimer@redhat.com, msuchanek@suse.de Subject: [PATCH 1/2] powerpc/pkeys: preallocate execute_only key only if the key is available. Date: Mon, 25 Jun 2018 19:16:13 -0700 Message-Id: <1529979376-7292-1-git-send-email-linuxram@us.ibm.com> List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Key 2 is preallocated and reserved for execute-only key. In rare cases if key-2 is unavailable, mprotect(PROT_EXEC) will behave incorrectly. NOTE: mprotect(PROT_EXEC) uses execute-only key. Ensure key 2 is available for preallocation before reserving it for execute_only purpose. Problem noticed by Michael Ellermen. Signed-off-by: Ram Pai --- arch/powerpc/mm/pkeys.c | 14 +++++++++----- 1 files changed, 9 insertions(+), 5 deletions(-) diff --git a/arch/powerpc/mm/pkeys.c b/arch/powerpc/mm/pkeys.c index cec990c..0b03914 100644 --- a/arch/powerpc/mm/pkeys.c +++ b/arch/powerpc/mm/pkeys.c @@ -19,6 +19,7 @@ u64 pkey_amr_mask; /* Bits in AMR not to be touched */ u64 pkey_iamr_mask; /* Bits in AMR not to be touched */ u64 pkey_uamor_mask; /* Bits in UMOR not to be touched */ +int execute_only_key = 2; #define AMR_BITS_PER_PKEY 2 #define AMR_RD_BIT 0x1UL @@ -26,7 +27,6 @@ #define IAMR_EX_BIT 0x1UL #define PKEY_REG_BITS (sizeof(u64)*8) #define pkeyshift(pkey) (PKEY_REG_BITS - ((pkey+1) * AMR_BITS_PER_PKEY)) -#define EXECUTE_ONLY_KEY 2 static void scan_pkey_feature(void) { @@ -122,8 +122,12 @@ int pkey_initialize(void) #else os_reserved = 0; #endif + + if ((pkeys_total - os_reserved) <= execute_only_key) + execute_only_key = -1; + /* Bits are in LE format. */ - reserved_allocation_mask = (0x1 << 1) | (0x1 << EXECUTE_ONLY_KEY); + reserved_allocation_mask = (0x1 << 1) | (0x1 << execute_only_key); initial_allocation_mask = reserved_allocation_mask | (0x1 << PKEY_0); /* register mask is in BE format */ @@ -132,11 +136,11 @@ int pkey_initialize(void) pkey_iamr_mask = ~0x0ul; pkey_iamr_mask &= ~(0x3ul << pkeyshift(PKEY_0)); - pkey_iamr_mask &= ~(0x3ul << pkeyshift(EXECUTE_ONLY_KEY)); + pkey_iamr_mask &= ~(0x3ul << pkeyshift(execute_only_key)); pkey_uamor_mask = ~0x0ul; pkey_uamor_mask &= ~(0x3ul << pkeyshift(PKEY_0)); - pkey_uamor_mask &= ~(0x3ul << pkeyshift(EXECUTE_ONLY_KEY)); + pkey_uamor_mask &= ~(0x3ul << pkeyshift(execute_only_key)); for (i = (pkeys_total - os_reserved); i < pkeys_total; i++) pkey_uamor_mask &= ~(0x3ul << pkeyshift(i)); @@ -151,7 +155,7 @@ void pkey_mm_init(struct mm_struct *mm) if (static_branch_likely(&pkey_disabled)) return; mm_pkey_allocation_map(mm) = initial_allocation_mask; - mm->context.execute_only_pkey = EXECUTE_ONLY_KEY; + mm->context.execute_only_pkey = execute_only_key; } static inline u64 read_amr(void) -- 1.7.1