From patchwork Fri Oct 27 18:08:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joey Gouly X-Patchwork-Id: 13438783 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E118BC25B72 for ; Fri, 27 Oct 2023 18:09:36 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7BF6B6B03DC; Fri, 27 Oct 2023 14:09:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 722AF6B03E2; Fri, 27 Oct 2023 14:09:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 526A56B03E3; Fri, 27 Oct 2023 14:09:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 43AE56B03DC for ; Fri, 27 Oct 2023 14:09:36 -0400 (EDT) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 21E81140DC7 for ; Fri, 27 Oct 2023 18:09:36 +0000 (UTC) X-FDA: 81392029152.02.097E12C Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by imf10.hostedemail.com (Postfix) with ESMTP id 3FBAAC001C for ; Fri, 27 Oct 2023 18:09:34 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=none; spf=pass (imf10.hostedemail.com: domain of joey.gouly@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=joey.gouly@arm.com; dmarc=pass (policy=none) header.from=arm.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1698430174; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vuo8v3KQZZ5G1lau5frEUe3G2s31MxiHqO0eolb8Zpc=; b=u4fCNaih/CUvZa2ThsZivsh3Cy6gPigMGGfLBL02i8k5OpBoB4ydeJafX4rGPHh+wiVD9W AcfoO05F1gCtNn+11ttEYqBoPGvhhuCnhxCw6bESfc/UsaoY7GT+LKjyBmRDMO2DnNXNqh 69Q7dptSB9VlGEfZ56KXGYa0oU78BoE= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1698430174; a=rsa-sha256; cv=none; b=L4oFFYAydtHdA6R2slU5QAmwKKMokyLS4n/XjxJhLRNYbKZKB+gKqfWIeHhVLPTmwFpAkh 5xhY4b3WVNljNEcW38+oaQ3bBzv9gRNEPO2KLjY1ciX6Z9I2d1nAo7FeBK89jI8PmrZIez 7XIE/1/B6SW4d471v+IBz1BgJNED014= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=none; spf=pass (imf10.hostedemail.com: domain of joey.gouly@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=joey.gouly@arm.com; dmarc=pass (policy=none) header.from=arm.com Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 173A4143D; Fri, 27 Oct 2023 11:10:15 -0700 (PDT) Received: from e124191.cambridge.arm.com (e124191.cambridge.arm.com [10.1.197.45]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 48ED73F64C; Fri, 27 Oct 2023 11:09:31 -0700 (PDT) From: Joey Gouly To: linux-arm-kernel@lists.infradead.org Cc: akpm@linux-foundation.org, aneesh.kumar@linux.ibm.com, broonie@kernel.org, catalin.marinas@arm.com, dave.hansen@linux.intel.com, joey.gouly@arm.com, maz@kernel.org, oliver.upton@linux.dev, shuah@kernel.org, will@kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, James Morse , Suzuki K Poulose , Zenghui Yu Subject: [PATCH v2 12/24] arm64: handle PKEY/POE faults Date: Fri, 27 Oct 2023 19:08:38 +0100 Message-Id: <20231027180850.1068089-13-joey.gouly@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231027180850.1068089-1-joey.gouly@arm.com> References: <20231027180850.1068089-1-joey.gouly@arm.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 3FBAAC001C X-Rspam-User: X-Stat-Signature: zqug9g6eh1dm15mm9uu6opts5tmbsc67 X-Rspamd-Server: rspam03 X-HE-Tag: 1698430174-203109 X-HE-Meta: U2FsdGVkX1/IWXXyP8bqmo9j1GDy5ew04rrdZrndVhwdCJePmPOLSlgEOsXE0Z+sEBixH3QjUM8rDVfMKvtx57QP2ZyTpTGce/1Gv4MQy3D21tLP7r6FyzLdPwAlis3maiSWW9SYT9QDWKSUgeeFcEi1LqGYZjoesBYhxxzGg1BH5N1zEtVydaG6KQRg75FgGhgIUCULFyfRC8IXnkAOjYBCnNBkAxfAOK2gWu2BgUlVFUPefwfE4bA9WVVsXV7EPtnD3vzbD/tfhSkI7RlVlWBDxQ0O730hErxo3x0mjSO8ZijXrwKRGdifgmhMSLasUzhLm7u0DbLh0QgVqrgp7MqbITGVdgw7arCQH4JvdbF9e+N1vmFDGdoxY65LT6WlLXk5ifrEVZkb2r+XNsTQDc9xnrbEasSLGKeqvcD7upa6mASMjNFrhedeoDvGMDDIqKewDHoD3Cjsf1L3+7ml6SMpfZoGSZMZJtZ1hS9PKtrxlx+7MolwDQiSKy2dsBtdl7VNmtw6PaPC7NgGrvAsIx1GxaGw7MUL3pmoFC1XG3WtSzdT2FaPo3hhDQo1MtX2Cagmm67N2j/L1MVQATvaD767aC6/dFxsjwEp9052uojJUh04DPZz5QyjTJLIHz9SJwXIHfZt3JDA1iqJ9vRffx/pohqKnTKXYDbfHOcnNthWPXsA1HXW7ZGzzdGLPrrp+dG3sn+x67o1z/A/v+5OSdC6pJQVJ7I/34h5EoZ1Tckje5sPKnJK/ZBEKqMz04c4odrHxh39v8GOaPhSSNEe4XJQGJ9TweRa6ZkvGeRFhkjqPuxRWEsNLakeLHmQaM50kLWKQ5KeSVGvBWyIkmVKcfhHoik9ebWxLYklXVxJrYy8HuNo2eWwTJXK1/DCoJFrBO+VYsRtDS9vmkNQ1sqHFIQ2TjAMCmexaDokbAOO7do6aYQHRwZ4nvJCA2XFRoRWLu9Oe7e9Tl8ljTOqMoU /6Aqffjd D33DzxUFEBq0J/ZpPgwbQ6rSqdTk+RKYJCxIQM3+tOQjfHIM3Ji6HL4SBLUUw9OrA543PVWbP425rB/aBIo+ezXrSkEbRDlzyx+P6NHVBbIyq/AB92oJ721DHqIf3CDHhEaqlpnnXOqQNU07koX6P6IOHTLQLBeGR29frTwrDwvKhnFFUUTtdozwzblwSFHacnv5fY9QSwUqijWdYvFVIHLCcIbLA3bGgUHjQ X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: If a memory fault occurs that is due to an overlay/pkey fault, report that to userspace with a SEGV_PKUERR. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon --- arch/arm64/include/asm/traps.h | 1 + arch/arm64/kernel/traps.c | 12 ++++++++-- arch/arm64/mm/fault.c | 44 +++++++++++++++++++++++++++++++--- 3 files changed, 52 insertions(+), 5 deletions(-) diff --git a/arch/arm64/include/asm/traps.h b/arch/arm64/include/asm/traps.h index d66dfb3a72dd..dae51eccfc19 100644 --- a/arch/arm64/include/asm/traps.h +++ b/arch/arm64/include/asm/traps.h @@ -26,6 +26,7 @@ try_emulate_armv8_deprecated(struct pt_regs *regs, u32 insn) void force_signal_inject(int signal, int code, unsigned long address, unsigned long err); void arm64_notify_segfault(unsigned long addr); void arm64_force_sig_fault(int signo, int code, unsigned long far, const char *str); +void arm64_force_sig_fault_pkey(int signo, int code, unsigned long far, const char *str, int pkey); void arm64_force_sig_mceerr(int code, unsigned long far, short lsb, const char *str); void arm64_force_sig_ptrace_errno_trap(int errno, unsigned long far, const char *str); diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c index 8b70759cdbb9..b68682c284a2 100644 --- a/arch/arm64/kernel/traps.c +++ b/arch/arm64/kernel/traps.c @@ -263,16 +263,24 @@ static void arm64_show_signal(int signo, const char *str) __show_regs(regs); } -void arm64_force_sig_fault(int signo, int code, unsigned long far, - const char *str) +void arm64_force_sig_fault_pkey(int signo, int code, unsigned long far, + const char *str, int pkey) { arm64_show_signal(signo, str); if (signo == SIGKILL) force_sig(SIGKILL); + else if (code == SEGV_PKUERR) + force_sig_pkuerr((void __user *)far, pkey); else force_sig_fault(signo, code, (void __user *)far); } +void arm64_force_sig_fault(int signo, int code, unsigned long far, + const char *str) +{ + arm64_force_sig_fault_pkey(signo, code, far, str, 0); +} + void arm64_force_sig_mceerr(int code, unsigned long far, short lsb, const char *str) { diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index 2e5d1e238af9..655dd80f0ec0 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include @@ -497,6 +498,23 @@ static void do_bad_area(unsigned long far, unsigned long esr, #define VM_FAULT_BADMAP ((__force vm_fault_t)0x010000) #define VM_FAULT_BADACCESS ((__force vm_fault_t)0x020000) +static bool fault_from_pkey(unsigned long esr, struct vm_area_struct *vma, + unsigned int mm_flags) +{ + unsigned long iss2 = ESR_ELx_ISS2(esr); + + if (!arch_pkeys_enabled()) + return false; + + if (iss2 & ESR_ELx_Overlay) + return true; + + return !arch_vma_access_permitted(vma, + mm_flags & FAULT_FLAG_WRITE, + mm_flags & FAULT_FLAG_INSTRUCTION, + mm_flags & FAULT_FLAG_REMOTE); +} + static vm_fault_t __do_page_fault(struct mm_struct *mm, struct vm_area_struct *vma, unsigned long addr, unsigned int mm_flags, unsigned long vm_flags, @@ -688,9 +706,29 @@ static int __kprobes do_page_fault(unsigned long far, unsigned long esr, * Something tried to access memory that isn't in our memory * map. */ - arm64_force_sig_fault(SIGSEGV, - fault == VM_FAULT_BADACCESS ? SEGV_ACCERR : SEGV_MAPERR, - far, inf->name); + int fault_kind; + /* + * The pkey value that we return to userspace can be different + * from the pkey that caused the fault. + * + * 1. T1 : mprotect_key(foo, PAGE_SIZE, pkey=4); + * 2. T1 : set AMR to deny access to pkey=4, touches, page + * 3. T1 : faults... + * 4. T2: mprotect_key(foo, PAGE_SIZE, pkey=5); + * 5. T1 : enters fault handler, takes mmap_lock, etc... + * 6. T1 : reaches here, sees vma_pkey(vma)=5, when we really + * faulted on a pte with its pkey=4. + */ + int pkey = vma_pkey(vma); + + if (fault_from_pkey(esr, vma, mm_flags)) + fault_kind = SEGV_PKUERR; + else + fault_kind = fault == VM_FAULT_BADACCESS ? SEGV_ACCERR : SEGV_MAPERR; + + arm64_force_sig_fault_pkey(SIGSEGV, + fault_kind, + far, inf->name, pkey); } return 0;