lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220419170649.1022246-45-ira.weiny@intel.com>
Date:   Tue, 19 Apr 2022 10:06:49 -0700
From:   ira.weiny@...el.com
To:     Dave Hansen <dave.hansen@...ux.intel.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Dan Williams <dan.j.williams@...el.com>
Cc:     Ira Weiny <ira.weiny@...el.com>, Fenghua Yu <fenghua.yu@...el.com>,
        Rick Edgecombe <rick.p.edgecombe@...el.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>,
        linux-kernel@...r.kernel.org
Subject: [PATCH V10 44/44] mm/pkeys: PKS testing, add test for all keys

From: Ira Weiny <ira.weiny@...el.com>

To help test hardware and qemu it is necessary to be able to run through
all the available pkeys and run the access checks.  However, running
this test will conflict with normal PKS consumers.

Make a test, which is mutually exclusive from all other PKS consumers,
that loops through all the pkeys and tests the various access modes.

Update the documentation.

Signed-off-by: Ira Weiny <ira.weiny@...el.com>

---
Changes for V9
	Update commit message
	Create ENABLE_PKS_CONSUMER Kconfig to make this test mutually
		exclusive with any other pks consumer

Changes for V8
	Split this off from the large testing patch
	Remove debugging version
---
 Documentation/core-api/protection-keys.rst | 12 +++----
 arch/x86/mm/pkeys.c                        | 10 ++++++
 include/linux/pks-keys.h                   |  5 +++
 lib/Kconfig.debug                          | 21 +++++++++++
 lib/pks/pks_test.c                         | 41 +++++++++++++++++++++-
 mm/Kconfig                                 |  9 +++++
 tools/testing/selftests/x86/test_pks.c     |  5 ++-
 7 files changed, 95 insertions(+), 8 deletions(-)

diff --git a/Documentation/core-api/protection-keys.rst b/Documentation/core-api/protection-keys.rst
index d492ec194e2a..36621cbc2cc6 100644
--- a/Documentation/core-api/protection-keys.rst
+++ b/Documentation/core-api/protection-keys.rst
@@ -117,20 +117,20 @@ Kconfig
 -------
 
 Kernel users intending to use PKS support should depend on
-ARCH_HAS_SUPERVISOR_PKEYS, and select ARCH_ENABLE_SUPERVISOR_PKEYS to turn on
-this support within the core.  For example:
+ARCH_HAS_SUPERVISOR_PKEYS, and select ARCH_ENABLE_PKS_CONSUMER to turn on this
+support within the core.  For example:
 
 .. code-block:: c
 
         config MY_NEW_FEATURE
                 depends on ARCH_HAS_SUPERVISOR_PKEYS
-                select ARCH_ENABLE_SUPERVISOR_PKEYS
+                select ARCH_ENABLE_PKS_CONSUMER
 
 This will make "MY_NEW_FEATURE" unavailable unless the architecture sets
 ARCH_HAS_SUPERVISOR_PKEYS.  It also makes it possible for multiple independent
-features to "select ARCH_ENABLE_SUPERVISOR_PKEYS".  If no features enable PKS
-by selecting ARCH_ENABLE_SUPERVISOR_PKEYS, PKS support will not be compiled
-into the kernel.
+features to "select ARCH_ENABLE_PKS_CONSUMER".  If no features enable PKS by
+selecting ARCH_ENABLE_PKS_CONSUMER, PKS support will not be compiled into the
+kernel.
 
 PKS Key Allocation
 ------------------
diff --git a/arch/x86/mm/pkeys.c b/arch/x86/mm/pkeys.c
index ee5eff6bdbf3..74ba51b9853b 100644
--- a/arch/x86/mm/pkeys.c
+++ b/arch/x86/mm/pkeys.c
@@ -244,6 +244,8 @@ __static_or_pks_test DEFINE_PER_CPU(u32, pkrs_cache);
  *	#endif
  *	};
  */
+#ifndef CONFIG_PKS_TEST_ALL_KEYS
+
 static const pks_key_callback pks_key_callbacks[PKS_KEY_MAX] = {
 #ifdef CONFIG_DEVMAP_ACCESS_PROTECTION
 	[PKS_KEY_PGMAP_PROTECTION]   = pgmap_pks_fault_callback,
@@ -253,6 +255,14 @@ static const pks_key_callback pks_key_callbacks[PKS_KEY_MAX] = {
 #endif
 };
 
+#else /* CONFIG_PKS_TEST_ALL_KEYS */
+
+static const pks_key_callback pks_key_callbacks[PKS_KEY_MAX] = {
+	[1 ... (PKS_KEY_MAX-1)]	= pks_test_fault_callback,
+};
+
+#endif
+
 static bool pks_call_fault_callback(struct pt_regs *regs, unsigned long address,
 				    bool write, u16 key)
 {
diff --git a/include/linux/pks-keys.h b/include/linux/pks-keys.h
index 380bc999cbe3..aef1cb3c0f7f 100644
--- a/include/linux/pks-keys.h
+++ b/include/linux/pks-keys.h
@@ -66,6 +66,11 @@
 					    CONFIG_PKS_TEST)
 #define PKS_KEY_MAX		PKS_NEW_KEY(PKS_KEY_TEST, 1)
 
+#ifdef CONFIG_PKS_TEST_ALL_KEYS
+#undef PKS_KEY_MAX
+#define PKS_KEY_MAX PKS_NUM_PKEYS
+#endif
+
 /* PKS_KEY_DEFAULT_INIT must be RW */
 #define PKS_KEY_DEFAULT_INIT	PKS_DECLARE_INIT_VALUE(PKS_KEY_DEFAULT, RW, 1)
 #define PKS_KEY_PGMAP_INIT	PKS_DECLARE_INIT_VALUE(PKS_KEY_PGMAP_PROTECTION, \
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 7ac43b78c7bb..57a76c096ea7 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -2758,6 +2758,12 @@ config HYPERV_TESTING
 	help
 	  Select this option to enable Hyper-V vmbus testing.
 
+# PKS_TEST is a special PKS consumer and therefore sets
+# ARCH_ENABLE_SUPERVISOR_PKEYS directly rather than through
+# ARCH_ENABLE_PKS_CONSUMER
+#
+# This allows PKS_TEST_ALL_KEYS to remain mutially exclusive to any real PKS
+# consumer
 config PKS_TEST
 	bool "PKey (S)upervisor testing"
 	depends on ARCH_HAS_SUPERVISOR_PKEYS
@@ -2770,6 +2776,21 @@ config PKS_TEST
 
 	  If unsure, say N.
 
+config PKS_TEST_ALL_KEYS
+	bool "PKS test all keys"
+	depends on (PKS_TEST && !ARCH_ENABLE_PKS_CONSUMER)
+	help
+	  Select this option to enable testing of all the PKS keys available in
+	  the architecture.  This option is mutually exclusive with PKS
+	  consumers other than PKS_TEST.  This is because it will consume all
+	  PKS keys for testing purposes.
+
+	  Answer N if you don't know what supervisor keys are or want to have
+	  supervisor keys available for other consumers.
+
+	  If unsure, say N.
+
+
 endmenu # "Kernel Testing and Coverage"
 
 source "Documentation/Kconfig"
diff --git a/lib/pks/pks_test.c b/lib/pks/pks_test.c
index a9cd2a49abfa..e38a487c7065 100644
--- a/lib/pks/pks_test.c
+++ b/lib/pks/pks_test.c
@@ -50,12 +50,12 @@
 #define CHECK_CTX_SWITCH	3
 #define RUN_EXCEPTION		4
 #define RUN_EXCEPTION_UPDATE	5
+#define RUN_ALL_KEYS		6
 #define RUN_CRASH_TEST		9
 
 DECLARE_PER_CPU(u32, pkrs_cache);
 
 static struct dentry *pks_test_dentry;
-
 DEFINE_MUTEX(test_run_lock);
 
 struct pks_test_ctx {
@@ -439,6 +439,39 @@ static bool run_exception_test(struct pks_session_data *sd)
 	return pass;
 }
 
+#ifdef CONFIG_PKS_TEST_ALL_KEYS
+
+static bool run_all_keys(void)
+{
+	struct pks_test_ctx *ctx[PKS_NUM_PKEYS];
+	static char name[PKS_NUM_PKEYS][64];
+	int i;
+	bool rc = true;
+
+	for (i = 1; i < PKS_NUM_PKEYS; i++) {
+		sprintf(name[i], "pks ctx %d", i);
+		ctx[i] = alloc_ctx(i);
+	}
+
+	for (i = 1; i < PKS_NUM_PKEYS; i++) {
+		pr_debug("Running pkey '%d'\n", i);
+		if (!IS_ERR(ctx[i])) {
+			/* sticky fail */
+			if (!test_ctx(ctx[i]))
+				rc = false;
+		}
+	}
+
+	for (i = 1; i < PKS_NUM_PKEYS; i++) {
+		if (!IS_ERR(ctx[i]))
+			free_ctx(ctx[i]);
+	}
+
+	return rc;
+}
+
+#endif
+
 static void crash_it(struct pks_session_data *sd)
 {
 	struct pks_test_ctx *ctx;
@@ -644,6 +677,12 @@ static ssize_t pks_write_file(struct file *file, const char __user *user_buf,
 		pr_debug("Fault clear test\n");
 		sd->last_test_pass = run_exception_update(file->private_data);
 		break;
+#ifdef CONFIG_PKS_TEST_ALL_KEYS
+	case RUN_ALL_KEYS:
+		pr_debug("Run all\n");
+		sd->last_test_pass = run_all_keys();
+		goto unlock_test;
+#endif
 	default:
 		pr_debug("Unknown test\n");
 		sd->last_test_pass = false;
diff --git a/mm/Kconfig b/mm/Kconfig
index 616baee3f62d..a25217f2729d 100644
--- a/mm/Kconfig
+++ b/mm/Kconfig
@@ -842,6 +842,15 @@ config ARCH_HAS_PKEYS
 	bool
 config ARCH_HAS_SUPERVISOR_PKEYS
 	bool
+
+config ARCH_ENABLE_PKS_CONSUMER
+	select ARCH_ENABLE_SUPERVISOR_PKEYS
+	bool
+
+# WARNING Do not set ARCH_ENABLE_SUPERVISOR_PKEYS directly use
+# ARCH_ENABLE_PKS_CONSUMER instead.
+#
+# See the PKey (S)upervisor testing (PKS_TEST) config option for details.
 config ARCH_ENABLE_SUPERVISOR_PKEYS
 	bool
 
diff --git a/tools/testing/selftests/x86/test_pks.c b/tools/testing/selftests/x86/test_pks.c
index 194c9dd9a211..8ffe4596de1f 100644
--- a/tools/testing/selftests/x86/test_pks.c
+++ b/tools/testing/selftests/x86/test_pks.c
@@ -37,6 +37,7 @@
 #define CHECK_CTX_SWITCH	"3"
 #define RUN_EXCEPTION		"4"
 #define RUN_EXCEPTION_UPDATE	"5"
+#define RUN_ALL_KEYS		"6"
 #define RUN_CRASH_TEST		"9"
 
 time_t g_start_time;
@@ -65,6 +66,7 @@ enum {
 	TEST_CTX_SWITCH,
 	TEST_EXCEPTION,
 	TEST_FAULT_CALLBACK,
+	TEST_ALL,
 	MAX_TESTS,
 } tests;
 
@@ -80,7 +82,8 @@ struct test_item {
 	{ "single", RUN_SINGLE, do_simple_test },
 	{ "context_switch", ARM_CTX_SWITCH, do_context_switch },
 	{ "exception", RUN_EXCEPTION, do_simple_test },
-	{ "exception_update", RUN_EXCEPTION_UPDATE, do_simple_test }
+	{ "exception_update", RUN_EXCEPTION_UPDATE, do_simple_test },
+	{ "run_all", RUN_ALL_KEYS, do_simple_test }
 };
 
 static char *get_test_name(int test_num)
-- 
2.35.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ