From: Ram Pai <linuxram@us.ibm.com>
To: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
Cc: linuxppc-dev@lists.ozlabs.org, benh@kernel.crashing.org,
paulus@samba.org, mpe@ellerman.id.au,
khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com,
bsingharora@gmail.com, hbabu@us.ibm.com, mhocko@kernel.org
Subject: Re: [RFC v7 25/25] powerpc: Enable pkey subsystem
Date: Thu, 17 Aug 2017 16:48:39 -0700 [thread overview]
Message-ID: <20170817234839.GD5427@ram.oc3035372033.ibm.com> (raw)
In-Reply-To: <87efsaym1o.fsf@linux.vnet.ibm.com>
On Thu, Aug 17, 2017 at 05:30:27PM -0300, Thiago Jung Bauermann wrote:
>
> Ram Pai <linuxram@us.ibm.com> writes:
>
> > On Thu, Aug 10, 2017 at 06:27:34PM -0300, Thiago Jung Bauermann wrote:
> >>
> >> Ram Pai <linuxram@us.ibm.com> writes:
> >> > --- a/arch/powerpc/include/asm/cputable.h
> >> > +++ b/arch/powerpc/include/asm/cputable.h
> >> > @@ -214,6 +214,7 @@ enum {
> >> > #define CPU_FTR_DAWR LONG_ASM_CONST(0x0400000000000000)
> >> > #define CPU_FTR_DABRX LONG_ASM_CONST(0x0800000000000000)
> >> > #define CPU_FTR_PMAO_BUG LONG_ASM_CONST(0x1000000000000000)
> >> > +#define CPU_FTR_PKEY LONG_ASM_CONST(0x2000000000000000)
> >> > #define CPU_FTR_POWER9_DD1 LONG_ASM_CONST(0x4000000000000000)
> >> >
> >> > #ifndef __ASSEMBLY__
> >> > @@ -452,7 +453,7 @@ enum {
> >> > CPU_FTR_DSCR | CPU_FTR_SAO | CPU_FTR_ASYM_SMT | \
> >> > CPU_FTR_STCX_CHECKS_ADDRESS | CPU_FTR_POPCNTB | CPU_FTR_POPCNTD | \
> >> > CPU_FTR_ICSWX | CPU_FTR_CFAR | CPU_FTR_HVMODE | \
> >> > - CPU_FTR_VMX_COPY | CPU_FTR_HAS_PPR | CPU_FTR_DABRX)
> >> > + CPU_FTR_VMX_COPY | CPU_FTR_HAS_PPR | CPU_FTR_DABRX | CPU_FTR_PKEY)
> >>
> >> P7 supports protection keys for data access (AMR) but not for
> >> instruction access (IAMR), right? There's nothing in the code making
> >> this distinction, so either CPU_FTR_PKEY shouldn't be enabled in P7 or
> >> separate feature bits for AMR and IAMR should be used and checked before
> >> trying to access the IAMR.
> >
> > did'nt David say P7 supports both? P6, i think, only support data.
> > my pkey tests have passed on p7.
>
> He said that P7 was the first processor to support 32 keys, but if you
> look at the Virtual Page Class Key Protection section in ISA 2.06,
> there's no IAMR.
>
> There was a bug in the code where init_iamr was calling write_amr
> instead of write_iamr, perhaps that's why it worked when you tested on P7?
>
> >>
> >> > #define CPU_FTRS_POWER8 (CPU_FTR_USE_TB | CPU_FTR_LWSYNC | \
> >> > CPU_FTR_PPCAS_ARCH_V2 | CPU_FTR_CTRL | CPU_FTR_ARCH_206 |\
> >> > CPU_FTR_MMCRA | CPU_FTR_SMT | \
> >> > @@ -462,7 +463,7 @@ enum {
> >> > CPU_FTR_STCX_CHECKS_ADDRESS | CPU_FTR_POPCNTB | CPU_FTR_POPCNTD | \
> >> > CPU_FTR_ICSWX | CPU_FTR_CFAR | CPU_FTR_HVMODE | CPU_FTR_VMX_COPY | \
> >> > CPU_FTR_DBELL | CPU_FTR_HAS_PPR | CPU_FTR_DAWR | \
> >> > - CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP)
> >> > + CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_PKEY)
> >> > #define CPU_FTRS_POWER8E (CPU_FTRS_POWER8 | CPU_FTR_PMAO_BUG)
> >> > #define CPU_FTRS_POWER8_DD1 (CPU_FTRS_POWER8 & ~CPU_FTR_DBELL)
> >> > #define CPU_FTRS_POWER9 (CPU_FTR_USE_TB | CPU_FTR_LWSYNC | \
> >> > @@ -474,7 +475,8 @@ enum {
> >> > CPU_FTR_STCX_CHECKS_ADDRESS | CPU_FTR_POPCNTB | CPU_FTR_POPCNTD | \
> >> > CPU_FTR_CFAR | CPU_FTR_HVMODE | CPU_FTR_VMX_COPY | \
> >> > CPU_FTR_DBELL | CPU_FTR_HAS_PPR | CPU_FTR_DAWR | \
> >> > - CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_ARCH_300)
> >> > + CPU_FTR_ARCH_207S | CPU_FTR_TM_COMP | CPU_FTR_ARCH_300 | \
> >> > + CPU_FTR_PKEY)
> >> > #define CPU_FTRS_POWER9_DD1 ((CPU_FTRS_POWER9 | CPU_FTR_POWER9_DD1) & \
> >> > (~CPU_FTR_SAO))
> >> > #define CPU_FTRS_CELL (CPU_FTR_USE_TB | CPU_FTR_LWSYNC | \
> >> > diff --git a/arch/powerpc/include/asm/mmu_context.h b/arch/powerpc/include/asm/mmu_context.h
> >> > index a1cfcca..acd59d8 100644
> >> > --- a/arch/powerpc/include/asm/mmu_context.h
> >> > +++ b/arch/powerpc/include/asm/mmu_context.h
> >> > @@ -188,6 +188,7 @@ static inline bool arch_vma_access_permitted(struct vm_area_struct *vma,
> >> >
> >> > #define pkey_initialize()
> >> > #define pkey_mm_init(mm)
> >> > +#define pkey_mmu_values(total_data, total_execute)
> >> >
> >> > static inline int vma_pkey(struct vm_area_struct *vma)
> >> > {
> >> > diff --git a/arch/powerpc/include/asm/pkeys.h b/arch/powerpc/include/asm/pkeys.h
> >> > index ba7bff6..e61ed6c 100644
> >> > --- a/arch/powerpc/include/asm/pkeys.h
> >> > +++ b/arch/powerpc/include/asm/pkeys.h
> >> > @@ -1,6 +1,8 @@
> >> > #ifndef _ASM_PPC64_PKEYS_H
> >> > #define _ASM_PPC64_PKEYS_H
> >> >
> >> > +#include <asm/firmware.h>
> >> > +
> >> > extern bool pkey_inited;
> >> > extern int pkeys_total; /* total pkeys as per device tree */
> >> > extern u32 initial_allocation_mask;/* bits set for reserved keys */
> >> > @@ -227,6 +229,24 @@ static inline void pkey_mm_init(struct mm_struct *mm)
> >> > mm->context.execute_only_pkey = -1;
> >> > }
> >> >
> >> > +static inline void pkey_mmu_values(int total_data, int total_execute)
> >> > +{
> >> > + /*
> >> > + * since any pkey can be used for data or execute, we
> >> > + * will just treat all keys as equal and track them
> >> > + * as one entity.
> >> > + */
> >> > + pkeys_total = total_data + total_execute;
> >> > +}
> >>
> >> Right now this works because the firmware reports 0 execute keys in the
> >> device tree, but if (when?) it is fixed to report 32 execute keys as
> >> well as 32 data keys (which are the same keys), any place using
> >> pkeys_total expecting it to mean the number of keys that are available
> >> will be broken. This includes pkey_initialize and mm_pkey_is_allocated.
> >
> > Good point. we should just ignore total_execute. It should
> > be the same value as total_data on the latest platforms.
> > On older platforms it will continue to be zero.
>
> Indeed. There should just be a special case to disable execute
> protection for P7.
Ok. we should disable execute protection for P7 and earlier generations of CPU.
RP.
next prev parent reply other threads:[~2017-08-17 23:48 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-31 0:12 [RFC v7 00/25] powerpc: Memory Protection Keys Ram Pai
2017-07-31 0:12 ` [RFC v7 01/25] powerpc: define an additional vma bit for protection keys Ram Pai
2017-07-31 0:12 ` [RFC v7 02/25] powerpc: track allocation status of all pkeys Ram Pai
2017-08-10 20:25 ` Thiago Jung Bauermann
2017-08-11 5:39 ` Michael Ellerman
2017-08-17 16:00 ` Ram Pai
2017-08-17 15:48 ` Ram Pai
2017-08-17 20:40 ` Thiago Jung Bauermann
2017-10-18 2:42 ` Balbir Singh
2017-10-18 3:40 ` Ram Pai
2017-10-18 16:08 ` Laurent Dufour
2017-10-18 22:04 ` Ram Pai
2017-07-31 0:12 ` [RFC v7 03/25] powerpc: helper function to read, write AMR, IAMR, UAMOR registers Ram Pai
2017-07-31 0:12 ` [RFC v7 04/25] powerpc: helper functions to initialize AMR, IAMR and " Ram Pai
2017-07-31 0:12 ` [RFC v7 05/25] powerpc: cleaup AMR, iAMR when a key is allocated or freed Ram Pai
2017-07-31 0:12 ` [RFC v7 06/25] powerpc: implementation for arch_set_user_pkey_access() Ram Pai
2017-07-31 0:12 ` [RFC v7 07/25] powerpc: sys_pkey_alloc() and sys_pkey_free() system calls Ram Pai
2017-07-31 0:12 ` [RFC v7 08/25] powerpc: ability to create execute-disabled pkeys Ram Pai
2017-07-31 0:12 ` [RFC v7 09/25] powerpc: store and restore the pkey state across context switches Ram Pai
2017-08-10 20:46 ` Thiago Jung Bauermann
2017-08-11 6:34 ` Michael Ellerman
2017-08-17 16:41 ` Ram Pai
2017-07-31 0:12 ` [RFC v7 10/25] powerpc: introduce execute-only pkey Ram Pai
2017-07-31 0:12 ` [RFC v7 11/25] powerpc: ability to associate pkey to a vma Ram Pai
2017-07-31 0:12 ` [RFC v7 12/25] powerpc: implementation for arch_override_mprotect_pkey() Ram Pai
2017-10-18 15:58 ` Laurent Dufour
2017-10-18 21:37 ` Ram Pai
2017-07-31 0:12 ` [RFC v7 13/25] powerpc: map vma key-protection bits to pte key bits Ram Pai
2017-07-31 0:12 ` [RFC v7 14/25] powerpc: sys_pkey_mprotect() system call Ram Pai
2017-07-31 0:12 ` [RFC v7 15/25] powerpc: Program HPTE key protection bits Ram Pai
2017-10-18 16:15 ` Laurent Dufour
2017-10-18 22:12 ` Ram Pai
2017-10-19 5:12 ` Michael Ellerman
2017-07-31 0:12 ` [RFC v7 16/25] powerpc: helper to validate key-access permissions of a pte Ram Pai
2017-10-18 16:08 ` Laurent Dufour
2017-10-18 21:56 ` Ram Pai
2017-10-19 5:13 ` Michael Ellerman
2017-07-31 0:12 ` [RFC v7 17/25] powerpc: check key protection for user page access Ram Pai
2017-07-31 0:12 ` [RFC v7 18/25] powerpc: Macro the mask used for checking DSI exception Ram Pai
2017-07-31 0:12 ` [RFC v7 19/25] powerpc: implementation for arch_vma_access_permitted() Ram Pai
2017-07-31 0:12 ` [RFC v7 20/25] powerpc: Handle exceptions caused by pkey violation Ram Pai
2017-07-31 0:12 ` [RFC v7 21/25] powerpc: capture AMR register content on " Ram Pai
2017-07-31 0:12 ` [RFC v7 22/25] powerpc: introduce get_pte_pkey() helper Ram Pai
2017-07-31 0:12 ` [RFC v7 23/25] powerpc: capture the violated protection key on fault Ram Pai
2017-07-31 0:12 ` [RFC v7 24/25] powerpc: Deliver SEGV signal on pkey violation Ram Pai
2017-08-10 21:00 ` Thiago Jung Bauermann
2017-08-11 10:26 ` Michael Ellerman
2017-08-17 17:14 ` Ram Pai
2017-08-18 4:48 ` Michael Ellerman
2017-08-18 17:04 ` Ram Pai
2017-08-18 21:54 ` Benjamin Herrenschmidt
2017-08-18 22:36 ` Ram Pai
2017-10-18 2:25 ` Balbir Singh
2017-10-18 3:01 ` Ram Pai
2017-08-18 22:49 ` Ram Pai
2017-08-19 8:23 ` Benjamin Herrenschmidt
2017-07-31 0:12 ` [RFC v7 25/25] powerpc: Enable pkey subsystem Ram Pai
2017-08-10 21:27 ` Thiago Jung Bauermann
2017-08-17 17:40 ` Ram Pai
2017-08-17 20:30 ` Thiago Jung Bauermann
2017-08-17 23:48 ` Ram Pai [this message]
2017-08-18 5:07 ` Michael Ellerman
2017-08-18 15:26 ` Thiago Jung Bauermann
2017-08-18 16:32 ` Ram Pai
2017-08-11 17:34 ` [RFC v7 26/25] mm/mprotect, powerpc/mm/pkeys, x86/mm/pkeys: Add sysfs interface Thiago Jung Bauermann
2017-08-18 0:25 ` Ram Pai
2017-08-18 23:19 ` Thiago Jung Bauermann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170817234839.GD5427@ram.oc3035372033.ibm.com \
--to=linuxram@us.ibm.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=bauerman@linux.vnet.ibm.com \
--cc=benh@kernel.crashing.org \
--cc=bsingharora@gmail.com \
--cc=hbabu@us.ibm.com \
--cc=khandual@linux.vnet.ibm.com \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mhocko@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).