[v4,20/29] arm64: enable POE and PIE to coexist

Message ID	20240503130147.1154804-21-joey.gouly@arm.com (mailing list archive)
State	New, archived
Headers	show Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7BE39153835 for <linux-fsdevel@vger.kernel.org>; Fri, 3 May 2024 13:03:02 +0000 (UTC) From: Joey Gouly <joey.gouly@arm.com> To: linux-arm-kernel@lists.infradead.org Cc: akpm@linux-foundation.org, aneesh.kumar@kernel.org, aneesh.kumar@linux.ibm.com, bp@alien8.de, broonie@kernel.org, catalin.marinas@arm.com, christophe.leroy@csgroup.eu, dave.hansen@linux.intel.com, hpa@zytor.com, joey.gouly@arm.com, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linuxppc-dev@lists.ozlabs.org, maz@kernel.org, mingo@redhat.com, mpe@ellerman.id.au, naveen.n.rao@linux.ibm.com, npiggin@gmail.com, oliver.upton@linux.dev, shuah@kernel.org, szabolcs.nagy@arm.com, tglx@linutronix.de, will@kernel.org, x86@kernel.org, kvmarm@lists.linux.dev Subject: [PATCH v4 20/29] arm64: enable POE and PIE to coexist Date: Fri, 3 May 2024 14:01:38 +0100 Message-Id: <20240503130147.1154804-21-joey.gouly@arm.com> In-Reply-To: <20240503130147.1154804-1-joey.gouly@arm.com> References: <20240503130147.1154804-1-joey.gouly@arm.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	arm64: Permission Overlay Extension \| expand [v4,00/29] arm64: Permission Overlay Extension [v4,01/29] powerpc/mm: add ARCH_PKEY_BITS to Kconfig [v4,02/29] x86/mm: add ARCH_PKEY_BITS to Kconfig [v4,03/29] mm: use ARCH_PKEY_BITS to define VM_PKEY_BITN [v4,04/29] arm64: disable trapping of POR_EL0 to EL2 [v4,05/29] arm64: cpufeature: add Permission Overlay Extension cpucap [v4,06/29] arm64: context switch POR_EL0 register [v4,07/29] KVM: arm64: Save/restore POE registers [v4,08/29] KVM: arm64: make kvm_at() take an OP_AT_* [v4,09/29] KVM: arm64: use `at s1e1a` for POE [v4,10/29] arm64: enable the Permission Overlay Extension for EL0 [v4,11/29] arm64: re-order MTE VM_ flags [v4,12/29] arm64: add POIndex defines [v4,13/29] arm64: convert protection key into vm_flags and pgprot values [v4,14/29] arm64: mask out POIndex when modifying a PTE [v4,15/29] arm64: handle PKEY/POE faults [v4,16/29] arm64: add pte_access_permitted_no_overlay() [v4,17/29] arm64: implement PKEYS support [v4,18/29] arm64: add POE signal support [v4,19/29] arm64: enable PKEY support for CPUs with S1POE [v4,20/29] arm64: enable POE and PIE to coexist [v4,21/29] arm64/ptrace: add support for FEAT_POE [v4,22/29] arm64: add Permission Overlay Extension Kconfig [v4,23/29] kselftest/arm64: move get_header() [v4,24/29] selftests: mm: move fpregs printing [v4,25/29] selftests: mm: make protection_keys test work on arm64 [v4,26/29] kselftest/arm64: add HWCAP test for FEAT_S1POE [v4,27/29] kselftest/arm64: parse POE_MAGIC in a signal frame [v4,28/29] kselftest/arm64: Add test case for POR_EL0 signal frame records [v4,29/29] KVM: selftests: get-reg-list: add Permission Overlay registers

Message ID

20240503130147.1154804-21-joey.gouly@arm.com (mailing list archive)

State

New, archived

Headers

From: Joey Gouly <joey.gouly@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: akpm@linux-foundation.org,
	aneesh.kumar@kernel.org,
	aneesh.kumar@linux.ibm.com,
	bp@alien8.de,
	broonie@kernel.org,
	catalin.marinas@arm.com,
	christophe.leroy@csgroup.eu,
	dave.hansen@linux.intel.com,
	hpa@zytor.com,
	joey.gouly@arm.com,
	linux-fsdevel@vger.kernel.org,
	linux-mm@kvack.org,
	linuxppc-dev@lists.ozlabs.org,
	maz@kernel.org,
	mingo@redhat.com,
	mpe@ellerman.id.au,
	naveen.n.rao@linux.ibm.com,
	npiggin@gmail.com,
	oliver.upton@linux.dev,
	shuah@kernel.org,
	szabolcs.nagy@arm.com,
	tglx@linutronix.de,
	will@kernel.org,
	x86@kernel.org,
	kvmarm@lists.linux.dev
Subject: [PATCH v4 20/29] arm64: enable POE and PIE to coexist
Date: Fri,  3 May 2024 14:01:38 +0100
Message-Id: <20240503130147.1154804-21-joey.gouly@arm.com>
In-Reply-To: <20240503130147.1154804-1-joey.gouly@arm.com>
References: <20240503130147.1154804-1-joey.gouly@arm.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

arm64: Permission Overlay Extension | expand

Commit Message

Joey Gouly May 3, 2024, 1:01 p.m. UTC

Set the EL0/userspace indirection encodings to be the overlay enabled
variants of the permissions.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>
---
 arch/arm64/include/asm/pgtable-prot.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Comments

Catalin Marinas June 21, 2024, 5:16 p.m. UTC | #1

On Fri, May 03, 2024 at 02:01:38PM +0100, Joey Gouly wrote:
> Set the EL0/userspace indirection encodings to be the overlay enabled
> variants of the permissions.
> 
> Signed-off-by: Joey Gouly <joey.gouly@arm.com>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will@kernel.org>

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>

Anshuman Khandual July 16, 2024, 10:41 a.m. UTC | #2

On 5/3/24 18:31, Joey Gouly wrote:
> Set the EL0/userspace indirection encodings to be the overlay enabled
> variants of the permissions.

Could you please explain the rationale for this ? Should POE variants for
pte permissions be used (when available) instead of permission indirection
ones.

> 
> Signed-off-by: Joey Gouly <joey.gouly@arm.com>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will@kernel.org>
> ---
>  arch/arm64/include/asm/pgtable-prot.h | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h
> index dd9ee67d1d87..4f9f85437d3d 100644
> --- a/arch/arm64/include/asm/pgtable-prot.h
> +++ b/arch/arm64/include/asm/pgtable-prot.h
> @@ -147,10 +147,10 @@ static inline bool __pure lpa2_is_enabled(void)
>  
>  #define PIE_E0	( \
>  	PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY),      PIE_X_O) | \
> -	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX)  | \
> -	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX) | \
> -	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY),      PIE_R)   | \
> -	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED),        PIE_RW))
> +	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX_O)  | \
> +	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX_O) | \
> +	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY),      PIE_R_O)   | \
> +	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED),        PIE_RW_O))
>  
>  #define PIE_E1	( \
>  	PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY),      PIE_NONE_O) | \

Joey Gouly July 16, 2024, 1:46 p.m. UTC | #3

On Tue, Jul 16, 2024 at 04:11:54PM +0530, Anshuman Khandual wrote:
> 
> 
> On 5/3/24 18:31, Joey Gouly wrote:
> > Set the EL0/userspace indirection encodings to be the overlay enabled
> > variants of the permissions.
> 
> Could you please explain the rationale for this ? Should POE variants for
> pte permissions be used (when available) instead of permission indirection
> ones.

POE and PIE can be enabled independently. When PIE is disabled, the POE is
applied on top of the permissions described in the PTE.
If PIE is enabled, then POE is applied on top of the indirect permissions.
However, the indirect permissions have the ability to control whether POE
actually applies or not. So this change makes POE apply if PIE is enabled or
not.

For example:
	Encoding of POE_EL0
	0001 	Read, Overlay applied
	...
	1000	Read, Overlay not applied. 


I will add something to the commit message.

> 
> > 
> > Signed-off-by: Joey Gouly <joey.gouly@arm.com>
> > Cc: Catalin Marinas <catalin.marinas@arm.com>
> > Cc: Will Deacon <will@kernel.org>
> > ---
> >  arch/arm64/include/asm/pgtable-prot.h | 8 ++++----
> >  1 file changed, 4 insertions(+), 4 deletions(-)
> > 
> > diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h
> > index dd9ee67d1d87..4f9f85437d3d 100644
> > --- a/arch/arm64/include/asm/pgtable-prot.h
> > +++ b/arch/arm64/include/asm/pgtable-prot.h
> > @@ -147,10 +147,10 @@ static inline bool __pure lpa2_is_enabled(void)
> >  
> >  #define PIE_E0	( \
> >  	PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY),      PIE_X_O) | \
> > -	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX)  | \
> > -	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX) | \
> > -	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY),      PIE_R)   | \
> > -	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED),        PIE_RW))
> > +	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX_O)  | \
> > +	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX_O) | \
> > +	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY),      PIE_R_O)   | \
> > +	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED),        PIE_RW_O))
> >  
> >  #define PIE_E1	( \
> >  	PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY),      PIE_NONE_O) | \
>

diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h
index dd9ee67d1d87..4f9f85437d3d 100644
--- a/arch/arm64/include/asm/pgtable-prot.h
+++ b/arch/arm64/include/asm/pgtable-prot.h
@@ -147,10 +147,10 @@  static inline bool __pure lpa2_is_enabled(void)
 
 #define PIE_E0	( \
 	PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY),      PIE_X_O) | \
-	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX)  | \
-	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX) | \
-	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY),      PIE_R)   | \
-	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED),        PIE_RW))
+	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX_O)  | \
+	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC),   PIE_RWX_O) | \
+	PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY),      PIE_R_O)   | \
+	PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED),        PIE_RW_O))
 
 #define PIE_E1	( \
 	PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY),      PIE_NONE_O) | \

[v4,20/29] arm64: enable POE and PIE to coexist

Commit Message

Comments

Patch