lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <0d475fec-775e-007e-3489-514d93253abb@csgroup.eu>
Date:   Fri, 12 Mar 2021 09:37:37 +0100
From:   Christophe Leroy <christophe.leroy@...roup.eu>
To:     Nicholas Piggin <npiggin@...il.com>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Michael Ellerman <mpe@...erman.id.au>,
        Paul Mackerras <paulus@...ba.org>
Cc:     linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH v2 40/43] powerpc/64s: Make kuap_check_amr() and
 kuap_get_and_check_amr() generic



Le 10/03/2021 à 02:37, Nicholas Piggin a écrit :
> Excerpts from Christophe Leroy's message of March 9, 2021 10:10 pm:
>> In preparation of porting powerpc32 to C syscall entry/exit,
>> rename kuap_check_amr() and kuap_get_and_check_amr() as kuap_check()
>> and kuap_get_and_check(), and move in the generic asm/kup.h the stub
>> for when CONFIG_PPC_KUAP is not selected.
> 
> Looks pretty straightforward to me.
> 
> While you're renaming things, could kuap_check_amr() be changed to
> kuap_assert_locked() or similar? Otherwise,

Ok, renamed kuap_assert_locked() and kuap_get_and_assert_locked()

> 
> Reviewed-by: Nicholas Piggin <npiggin@...il.com>
> 
>>
>> Signed-off-by: Christophe Leroy <christophe.leroy@...roup.eu>
>> ---
>>   arch/powerpc/include/asm/book3s/64/kup.h | 24 ++----------------------
>>   arch/powerpc/include/asm/kup.h           | 10 +++++++++-
>>   arch/powerpc/kernel/interrupt.c          | 12 ++++++------
>>   arch/powerpc/kernel/irq.c                |  2 +-
>>   4 files changed, 18 insertions(+), 30 deletions(-)
>>
>> diff --git a/arch/powerpc/include/asm/book3s/64/kup.h b/arch/powerpc/include/asm/book3s/64/kup.h
>> index 8bd905050896..d9b07e9998be 100644
>> --- a/arch/powerpc/include/asm/book3s/64/kup.h
>> +++ b/arch/powerpc/include/asm/book3s/64/kup.h
>> @@ -287,7 +287,7 @@ static inline void kuap_kernel_restore(struct pt_regs *regs,
>>   	 */
>>   }
>>   
>> -static inline unsigned long kuap_get_and_check_amr(void)
>> +static inline unsigned long kuap_get_and_check(void)
>>   {
>>   	if (mmu_has_feature(MMU_FTR_BOOK3S_KUAP)) {
>>   		unsigned long amr = mfspr(SPRN_AMR);
>> @@ -298,27 +298,7 @@ static inline unsigned long kuap_get_and_check_amr(void)
>>   	return 0;
>>   }
>>   
>> -#else /* CONFIG_PPC_PKEY */
>> -
>> -static inline void kuap_user_restore(struct pt_regs *regs)
>> -{
>> -}
>> -
>> -static inline void kuap_kernel_restore(struct pt_regs *regs, unsigned long amr)
>> -{
>> -}
>> -
>> -static inline unsigned long kuap_get_and_check_amr(void)
>> -{
>> -	return 0;
>> -}
>> -
>> -#endif /* CONFIG_PPC_PKEY */
>> -
>> -
>> -#ifdef CONFIG_PPC_KUAP
>> -
>> -static inline void kuap_check_amr(void)
>> +static inline void kuap_check(void)
>>   {
>>   	if (IS_ENABLED(CONFIG_PPC_KUAP_DEBUG) && mmu_has_feature(MMU_FTR_BOOK3S_KUAP))
>>   		WARN_ON_ONCE(mfspr(SPRN_AMR) != AMR_KUAP_BLOCKED);
>> diff --git a/arch/powerpc/include/asm/kup.h b/arch/powerpc/include/asm/kup.h
>> index 25671f711ec2..b7efa46b3109 100644
>> --- a/arch/powerpc/include/asm/kup.h
>> +++ b/arch/powerpc/include/asm/kup.h
>> @@ -74,7 +74,15 @@ bad_kuap_fault(struct pt_regs *regs, unsigned long address, bool is_write)
>>   	return false;
>>   }
>>   
>> -static inline void kuap_check_amr(void) { }
>> +static inline void kuap_check(void) { }
>> +static inline void kuap_save_and_lock(struct pt_regs *regs) { }
>> +static inline void kuap_user_restore(struct pt_regs *regs) { }
>> +static inline void kuap_kernel_restore(struct pt_regs *regs, unsigned long amr) { }
>> +
>> +static inline unsigned long kuap_get_and_check(void)
>> +{
>> +	return 0;
>> +}
>>   
>>   /*
>>    * book3s/64/kup-radix.h defines these functions for the !KUAP case to flush
>> diff --git a/arch/powerpc/kernel/interrupt.c b/arch/powerpc/kernel/interrupt.c
>> index 727b7848c9cc..40ed55064e54 100644
>> --- a/arch/powerpc/kernel/interrupt.c
>> +++ b/arch/powerpc/kernel/interrupt.c
>> @@ -76,7 +76,7 @@ notrace long system_call_exception(long r3, long r4, long r5,
>>   	} else
>>   #endif
>>   #ifdef CONFIG_PPC64
>> -		kuap_check_amr();
>> +		kuap_check();
>>   #endif
>>   
>>   	booke_restore_dbcr0();
>> @@ -254,7 +254,7 @@ notrace unsigned long syscall_exit_prepare(unsigned long r3,
>>   	CT_WARN_ON(ct_state() == CONTEXT_USER);
>>   
>>   #ifdef CONFIG_PPC64
>> -	kuap_check_amr();
>> +	kuap_check();
>>   #endif
>>   
>>   	regs->result = r3;
>> @@ -380,7 +380,7 @@ notrace unsigned long interrupt_exit_user_prepare(struct pt_regs *regs, unsigned
>>   	 * AMR can only have been unlocked if we interrupted the kernel.
>>   	 */
>>   #ifdef CONFIG_PPC64
>> -	kuap_check_amr();
>> +	kuap_check();
>>   #endif
>>   
>>   	local_irq_save(flags);
>> @@ -451,7 +451,7 @@ notrace unsigned long interrupt_exit_kernel_prepare(struct pt_regs *regs, unsign
>>   	unsigned long flags;
>>   	unsigned long ret = 0;
>>   #ifdef CONFIG_PPC64
>> -	unsigned long amr;
>> +	unsigned long kuap;
>>   #endif
>>   
>>   	if (!IS_ENABLED(CONFIG_BOOKE) && !IS_ENABLED(CONFIG_40x) &&
>> @@ -467,7 +467,7 @@ notrace unsigned long interrupt_exit_kernel_prepare(struct pt_regs *regs, unsign
>>   		CT_WARN_ON(ct_state() == CONTEXT_USER);
>>   
>>   #ifdef CONFIG_PPC64
>> -	amr = kuap_get_and_check_amr();
>> +	kuap = kuap_get_and_check();
>>   #endif
>>   
>>   	if (unlikely(current_thread_info()->flags & _TIF_EMULATE_STACK_STORE)) {
>> @@ -511,7 +511,7 @@ notrace unsigned long interrupt_exit_kernel_prepare(struct pt_regs *regs, unsign
>>   	 * value from the check above.
>>   	 */
>>   #ifdef CONFIG_PPC64
>> -	kuap_kernel_restore(regs, amr);
>> +	kuap_kernel_restore(regs, kuap);
>>   #endif
>>   
>>   	return ret;
>> diff --git a/arch/powerpc/kernel/irq.c b/arch/powerpc/kernel/irq.c
>> index d71fd10a1dd4..3b18d2b2c702 100644
>> --- a/arch/powerpc/kernel/irq.c
>> +++ b/arch/powerpc/kernel/irq.c
>> @@ -282,7 +282,7 @@ static inline void replay_soft_interrupts_irqrestore(void)
>>   	 * and re-locking AMR but we shouldn't get here in the first place,
>>   	 * hence the warning.
>>   	 */
>> -	kuap_check_amr();
>> +	kuap_check();
>>   
>>   	if (kuap_state != AMR_KUAP_BLOCKED)
>>   		set_kuap(AMR_KUAP_BLOCKED);
>> -- 
>> 2.25.0
>>
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ