From patchwork Fri Sep 11 12:40:05 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jarkko Sakkinen X-Patchwork-Id: 11770479 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BD296618 for ; Fri, 11 Sep 2020 12:43:17 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 6BD58221F1 for ; Fri, 11 Sep 2020 12:43:17 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6BD58221F1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 420548E0005; Fri, 11 Sep 2020 08:43:16 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 3CFC68E0001; Fri, 11 Sep 2020 08:43:16 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2C43E8E0005; Fri, 11 Sep 2020 08:43:16 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0023.hostedemail.com [216.40.44.23]) by kanga.kvack.org (Postfix) with ESMTP id 16C998E0001 for ; Fri, 11 Sep 2020 08:43:16 -0400 (EDT) Received: from smtpin17.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id C6F6D3633 for ; Fri, 11 Sep 2020 12:43:15 +0000 (UTC) X-FDA: 77250745950.17.fly10_4916cd3270ee Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin17.hostedemail.com (Postfix) with ESMTP id 4CE91180D01B8 for ; Fri, 11 Sep 2020 12:43:06 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,jarkko.sakkinen@linux.intel.com,,RULES_HIT:30003:30054:30055:30064:30069,0,RBL:192.55.52.151:@linux.intel.com:.lbl8.mailshell.net-62.18.0.100 64.95.201.95;04yg6kf46xx1ter7c1b73wc3ct67tope4e5j1ri1yt3bir5hiff9zmuhqiswxcj.k3cj4kxm3ofxrf5jhapcckfktb8yrgj6otsrgi7esfeygwrm9tp1tukchc877xk.c-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:fn,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:25,LUA_SUMMARY:none X-HE-Tag: fly10_4916cd3270ee X-Filterd-Recvd-Size: 4762 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by imf05.hostedemail.com (Postfix) with ESMTP for ; Fri, 11 Sep 2020 12:43:05 +0000 (UTC) IronPort-SDR: cyKk8p33F0A+X8e/K0EtpcaF042nj94zxsfs00qZSkEcvXj/qqP/v3KhnFCSxWUmyJkFFvu3T4 2YcKkkyeex9w== X-IronPort-AV: E=McAfee;i="6000,8403,9740"; a="138764024" X-IronPort-AV: E=Sophos;i="5.76,415,1592895600"; d="scan'208";a="138764024" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Sep 2020 05:43:04 -0700 IronPort-SDR: d+TeafHBgR1STvqVpyaRd27PRY299APENW05+xReP5apRqhUKapR7+BlqDQFcEzrAtH7nMGmb7 rToihZZFUL7Q== X-IronPort-AV: E=Sophos;i="5.76,415,1592895600"; d="scan'208";a="408148239" Received: from amaksymi-mobl.ger.corp.intel.com (HELO localhost) ([10.252.60.247]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Sep 2020 05:42:52 -0700 From: Jarkko Sakkinen To: x86@kernel.org, linux-sgx@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Sean Christopherson , linux-mm@kvack.org, Andrew Morton , Matthew Wilcox , Jethro Beekman , Darren Kenny , Jarkko Sakkinen , andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de, cedric.xing@intel.com, chenalexchen@google.com, conradparker@google.com, cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com, josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com, ludloff@google.com, luto@kernel.org, nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com, tglx@linutronix.de, yaozhangx@google.com Subject: [PATCH v37 10/24] mm: Add vm_ops->mprotect() Date: Fri, 11 Sep 2020 15:40:05 +0300 Message-Id: <20200911124019.42178-11-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200911124019.42178-1-jarkko.sakkinen@linux.intel.com> References: <20200911124019.42178-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 4CE91180D01B8 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam05 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Sean Christopherson Add vm_ops()->mprotect() for additional constraints for a VMA. Intel Software Guard eXtensions (SGX) will use this callback to add two constraints: 1. Verify that the address range does not have holes: each page address must be filled with an enclave page. 2. Verify that VMA permissions won't surpass the permissions of any enclave page within the address range. Enclave cryptographically sealed permissions for each page address that set the upper limit for possible VMA permissions. Not respecting this can cause #GP's to be emitted. Cc: linux-mm@kvack.org Cc: Andrew Morton Cc: Matthew Wilcox Acked-by: Jethro Beekman Reviewed-by: Darren Kenny Signed-off-by: Sean Christopherson Co-developed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- include/linux/mm.h | 3 +++ mm/mprotect.c | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/include/linux/mm.h b/include/linux/mm.h index 97c83773b6f0..717726fcace6 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -547,6 +547,9 @@ struct vm_operations_struct { void (*close)(struct vm_area_struct * area); int (*split)(struct vm_area_struct * area, unsigned long addr); int (*mremap)(struct vm_area_struct * area); + int (*mprotect)(struct vm_area_struct *vma, + struct vm_area_struct **pprev, unsigned long start, + unsigned long end, unsigned long newflags); vm_fault_t (*fault)(struct vm_fault *vmf); vm_fault_t (*huge_fault)(struct vm_fault *vmf, enum page_entry_size pe_size); diff --git a/mm/mprotect.c b/mm/mprotect.c index ce8b8a5eacbb..f170f3da8a4f 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -610,7 +610,10 @@ static int do_mprotect_pkey(unsigned long start, size_t len, tmp = vma->vm_end; if (tmp > end) tmp = end; - error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); + if (vma->vm_ops && vma->vm_ops->mprotect) + error = vma->vm_ops->mprotect(vma, &prev, nstart, tmp, newflags); + else + error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); if (error) goto out; nstart = tmp;