From: Christophe Leroy <christophe.leroy@csgroup.eu>
To: Michael Ellerman <mpe@ellerman.id.au>,
Nicholas Piggin <npiggin@gmail.com>
Cc: Christophe Leroy <christophe.leroy@csgroup.eu>,
linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org
Subject: [PATCH v2 00/37] Implement execute-only protection on powerpc
Date: Mon, 25 Sep 2023 20:31:14 +0200 [thread overview]
Message-ID: <cover.1695659959.git.christophe.leroy@csgroup.eu> (raw)
This series reworks _PAGE_FLAGS on all platforms in order
to implement execute-only protection on all powerpc.
For all targets except 40x and 604 it will be a real execute-only
protection as the hardware and/or software allows a distinct protection.
For 40x and 604 that's a poor's man execute-only protection in the
way that once the page is in the TLB it can be executed. But it's
better than nothing and allows to have a similar implementation for
all sorts of powerpc.
Patches 1 and 2 are fixes that should also be back-ported to stable
version.
Patches 3 to 7 are generic trivial cleanups.
Patches 8 to 19 are a cleanup of pgtable.h for nohash. Main purpose
is to refactor a lot of common code between nohash/32 and nohash/64.
Patches 20 to 37 do the real work on PAGE flags in order to
switch all platforms to _PAGE_READ and _PAGE_WRITE like book3s/64
today. Once that is done it is easy to implement execute-only
protection.
Patch 1 to 19 were already sent-out as v1 of series
named "cleanup/refactor pgtable.h". Problems reported by robots
are fixed here.
Christophe Leroy (37):
powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE
powerpc/64e: Fix wrong test in __ptep_test_and_clear_young()
powerpc/40x: Remove stale PTE_ATOMIC_UPDATES macro
powerpc: Remove pte_ERROR()
powerpc: Deduplicate prototypes of ptep_set_access_flags() and
phys_mem_access_prot()
powerpc: Refactor update_mmu_cache_range()
powerpc: Untangle fixmap.h and pgtable.h and mmu.h
powerpc/nohash: Remove {pte/pmd}_protnone()
powerpc/nohash: Refactor declaration of {map/unmap}_kernel_page()
powerpc/nohash: Move 8xx version of pte_update() into pte-8xx.h
powerpc/nohash: Replace #ifdef CONFIG_44x by IS_ENABLED(CONFIG_44x) in
pgtable.h
powerpc/nohash: Refactor pte_update()
powerpc/nohash: Refactor checking of no-change in pte_update()
powerpc/nohash: Deduplicate _PAGE_CHG_MASK
powerpc/nohash: Deduplicate pte helpers
powerpc/nohash: Refactor ptep_test_and_clear_young()
powerpc/nohash: Deduplicate ptep_set_wrprotect() and
ptep_get_and_clear()
powerpc/nohash: Refactor pte_clear()
powerpc/nohash: Refactor __ptep_set_access_flags()
powerpc/e500: Simplify pte_mkexec()
powerpc: Implement and use pgprot_nx()
powerpc: Fail ioremap() instead of silently ignoring flags when
PAGE_USER is set
powerpc: Remove pte_mkuser() and pte_mkpriviledged()
powerpc: Rely on address instead of pte_user()
powerpc: Refactor permission masks used for __P/__S table and kernel
memory flags
powerpc/8xx: Use generic permission masks
powerpc/64s: Use generic permission masks
powerpc/nohash: Add _PAGE_WRITE to supplement _PAGE_RW
powerpc/nohash: Replace pte_user() by pte_read()
powerpc/e500: Introduce _PAGE_READ and remove _PAGE_USER
powerpc/44x: Introduce _PAGE_READ and remove _PAGE_USER
powerpc/40x: Introduce _PAGE_READ and remove _PAGE_USER
powerpc/32s: Add _PAGE_WRITE to supplement _PAGE_RW
powerpc/32s: Introduce _PAGE_READ and remove _PAGE_USER
powerpc/ptdump: Display _PAGE_READ and _PAGE_WRITE
powerpc: Finally remove _PAGE_USER
powerpc: Support execute-only on all powerpc
arch/powerpc/include/asm/book3s/32/pgtable.h | 83 +++----
arch/powerpc/include/asm/book3s/64/pgtable.h | 35 +--
arch/powerpc/include/asm/book3s/pgtable.h | 33 ---
arch/powerpc/include/asm/fixmap.h | 16 +-
arch/powerpc/include/asm/nohash/32/mmu-8xx.h | 1 -
arch/powerpc/include/asm/nohash/32/pgtable.h | 201 +---------------
arch/powerpc/include/asm/nohash/32/pte-40x.h | 21 +-
arch/powerpc/include/asm/nohash/32/pte-44x.h | 20 +-
arch/powerpc/include/asm/nohash/32/pte-85xx.h | 20 +-
arch/powerpc/include/asm/nohash/32/pte-8xx.h | 99 +++++---
arch/powerpc/include/asm/nohash/64/pgtable.h | 120 +---------
arch/powerpc/include/asm/nohash/pgtable.h | 216 ++++++++++++------
arch/powerpc/include/asm/nohash/pte-e500.h | 41 +---
arch/powerpc/include/asm/pgtable-masks.h | 32 +++
arch/powerpc/include/asm/pgtable.h | 35 +++
arch/powerpc/kernel/head_40x.S | 19 +-
arch/powerpc/kernel/head_44x.S | 40 ++--
arch/powerpc/kernel/head_85xx.S | 12 +-
arch/powerpc/kernel/head_book3s_32.S | 63 ++---
arch/powerpc/mm/book3s32/hash_low.S | 32 ++-
arch/powerpc/mm/book3s32/mmu.c | 6 +-
arch/powerpc/mm/book3s64/pgtable.c | 10 +-
arch/powerpc/mm/fault.c | 9 +-
arch/powerpc/mm/init_32.c | 1 +
arch/powerpc/mm/ioremap.c | 6 +-
arch/powerpc/mm/mem.c | 1 +
arch/powerpc/mm/nohash/40x.c | 19 +-
arch/powerpc/mm/nohash/8xx.c | 2 +
arch/powerpc/mm/nohash/book3e_pgtable.c | 2 +-
arch/powerpc/mm/nohash/e500.c | 6 +-
arch/powerpc/mm/nohash/e500_hugetlbpage.c | 3 +-
arch/powerpc/mm/pgtable.c | 26 +--
arch/powerpc/mm/ptdump/8xx.c | 5 -
arch/powerpc/mm/ptdump/shared.c | 14 +-
arch/powerpc/platforms/83xx/misc.c | 2 +
arch/powerpc/platforms/8xx/cpm1.c | 1 +
36 files changed, 511 insertions(+), 741 deletions(-)
create mode 100644 arch/powerpc/include/asm/pgtable-masks.h
--
2.41.0
next reply other threads:[~2023-09-25 18:31 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-25 18:31 Christophe Leroy [this message]
2023-09-25 18:31 ` [PATCH v2 01/37] powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 02/37] powerpc/64e: Fix wrong test in __ptep_test_and_clear_young() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 03/37] powerpc/40x: Remove stale PTE_ATOMIC_UPDATES macro Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 04/37] powerpc: Remove pte_ERROR() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 05/37] powerpc: Deduplicate prototypes of ptep_set_access_flags() and phys_mem_access_prot() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 06/37] powerpc: Refactor update_mmu_cache_range() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 07/37] powerpc: Untangle fixmap.h and pgtable.h and mmu.h Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 08/37] powerpc/nohash: Remove {pte/pmd}_protnone() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 09/37] powerpc/nohash: Refactor declaration of {map/unmap}_kernel_page() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 10/37] powerpc/nohash: Move 8xx version of pte_update() into pte-8xx.h Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 11/37] powerpc/nohash: Replace #ifdef CONFIG_44x by IS_ENABLED(CONFIG_44x) in pgtable.h Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 12/37] powerpc/nohash: Refactor pte_update() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 13/37] powerpc/nohash: Refactor checking of no-change in pte_update() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 14/37] powerpc/nohash: Deduplicate _PAGE_CHG_MASK Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 15/37] powerpc/nohash: Deduplicate pte helpers Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 16/37] powerpc/nohash: Refactor ptep_test_and_clear_young() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 17/37] powerpc/nohash: Deduplicate ptep_set_wrprotect() and ptep_get_and_clear() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 18/37] powerpc/nohash: Refactor pte_clear() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 19/37] powerpc/nohash: Refactor __ptep_set_access_flags() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 20/37] powerpc/e500: Simplify pte_mkexec() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 21/37] powerpc: Implement and use pgprot_nx() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 22/37] powerpc: Fail ioremap() instead of silently ignoring flags when PAGE_USER is set Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 23/37] powerpc: Remove pte_mkuser() and pte_mkpriviledged() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 24/37] powerpc: Rely on address instead of pte_user() Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 25/37] powerpc: Refactor permission masks used for __P/__S table and kernel memory flags Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 26/37] powerpc/8xx: Use generic permission masks Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 27/37] powerpc/64s: " Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 28/37] powerpc/nohash: Add _PAGE_WRITE to supplement _PAGE_RW Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 29/37] powerpc/nohash: Replace pte_user() by pte_read() Christophe Leroy
2023-10-31 10:15 ` Aneesh Kumar K.V
[not found] ` <02c4b724-f503-31ea-eb77-4b3cd6776fd8@csgroup.eu>
2023-11-07 13:34 ` Aneesh Kumar K.V
[not found] ` <a67c0d93-f4e9-d5c5-a5ee-3347c80f0a64@csgroup.eu>
2023-11-13 10:23 ` Aneesh Kumar K.V
2023-09-25 18:31 ` [PATCH v2 30/37] powerpc/e500: Introduce _PAGE_READ and remove _PAGE_USER Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 31/37] powerpc/44x: " Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 32/37] powerpc/40x: " Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 33/37] powerpc/32s: Add _PAGE_WRITE to supplement _PAGE_RW Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 34/37] powerpc/32s: Introduce _PAGE_READ and remove _PAGE_USER Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 35/37] powerpc/ptdump: Display _PAGE_READ and _PAGE_WRITE Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 36/37] powerpc: Finally remove _PAGE_USER Christophe Leroy
2023-09-25 18:31 ` [PATCH v2 37/37] powerpc: Support execute-only on all powerpc Christophe Leroy
2023-11-02 5:39 ` Aneesh Kumar K.V
[not found] ` <efcfb376-5b43-4f35-e1d2-8cfce782ae3d@csgroup.eu>
2023-11-07 6:15 ` Aneesh Kumar K V
2023-11-09 17:38 ` Christophe Leroy
2023-10-15 10:00 ` (subset) [PATCH v2 00/37] Implement execute-only protection on powerpc Michael Ellerman
2023-10-27 9:59 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1695659959.git.christophe.leroy@csgroup.eu \
--to=christophe.leroy@csgroup.eu \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mpe@ellerman.id.au \
--cc=npiggin@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox