From patchwork Thu Jul 16 14:25:25 2015
X-Patchwork-Submitter: Chun-Yi Lee
X-Patchwork-Id: 6807481
X-Patchwork-Delegate: rjw@sisk.pl
From: "Lee, Chun-Yi"
To: linux-kernel@vger.kernel.org
Cc: linux-efi@vger.kernel.org, linux-pm@vger.kernel.org, "Rafael J. Wysocki", Matthew Garrett, Len Brown, Pavel Machek, Josh Boyer, Vojtech Pavlik, Matt Fleming, Jiri Kosina, "H. Peter Anvin", "Lee, Chun-Yi"
Subject: [RFC PATCH 11/16] PM / hibernate: Avoid including swsusp key to hibernate image
Date: Thu, 16 Jul 2015 22:25:25 +0800
Message-Id: <1437056730-15247-12-git-send-email-jlee@suse.com>
In-Reply-To: <1437056730-15247-1-git-send-email-jlee@suse.com>
References: <1437056730-15247-1-git-send-email-jlee@suse.com>

The HMAC key should only reside in kernel memory space and not leak to the outside. To avoid including the swsusp key in the hibernate snapshot image, this patch adds a checking block in the code for asking saveable pages to make sure the key page is not marked as saveable.

Signed-off-by: Lee, Chun-Yi
---
 arch/x86/power/hibernate_keys.c | 14 ++++++++++++++
 kernel/power/power.h            |  3 +++
 kernel/power/snapshot.c         |  6 ++++++
 3 files changed, 23 insertions(+)

diff --git a/arch/x86/power/hibernate_keys.c b/arch/x86/power/hibernate_keys.c index 4a68b86..775c6d8 100644 --- a/arch/x86/power/hibernate_keys.c +++ b/arch/x86/power/hibernate_keys.c
@@ -48,6 +48,20 @@ int get_swsusp_key(u8 **skey) return swsusp_keys->skey_status; } +bool swsusp_page_is_keys(struct page *page) +{ + bool ret = false; + + if (!swsusp_keys || swsusp_keys->skey_status) + return ret; + + ret = (page_to_pfn(page) == page_to_pfn(virt_to_page(swsusp_keys))); + if (ret) + pr_info("PM: Avoid snapshot the page of swsusp key.\n"); + + return ret; +} + static int __init init_hibernate_keys(void) { struct swsusp_keys *keys; diff --git a/kernel/power/power.h b/kernel/power/power.h index 25c541e..a09b21d 100644 --- a/kernel/power/power.h +++ b/kernel/power/power.h @@ -19,6 +19,9 @@ struct swsusp_info { #ifdef CONFIG_HIBERNATE_VERIFICATION /* arch/x86/power/hibernate_keys.c */ extern int get_swsusp_key(u8 **skey); +extern bool swsusp_page_is_keys(struct page *page); +#else +static inline bool swsusp_page_is_keys(struct page *page) { return false; } #endif /* kernel/power/snapshot.c */ diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c index af60731..c2bce90 100644 --- a/kernel/power/snapshot.c +++ b/kernel/power/snapshot.c @@ -1093,6 +1093,9 @@ static struct page *saveable_highmem_page(struct zone *zone, unsigned long pfn) BUG_ON(!PageHighMem(page)); + if (swsusp_page_is_keys(page)) + return NULL; + if (swsusp_page_is_forbidden(page) || swsusp_page_is_free(page) || PageReserved(page)) return NULL; @@ -1155,6 +1158,9 @@ static struct page *saveable_page(struct zone *zone, unsigned long pfn) BUG_ON(PageHighMem(page)); + if (swsusp_page_is_keys(page)) + return NULL; + if (swsusp_page_is_forbidden(page) || swsusp_page_is_free(page)) return NULL;
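Review bot: In swsusp_page_is_keys() (arch/x86/power/hibernate_keys.c), the early return on `swsusp_keys->skey_status` makes the key page saveable whenever the status is non-zero, so the exclusion relies on the page holding no key bytes in that state, and nothing in this hunk shows that. Since the stated goal is that the key never reaches the image, returning true whenever swsusp_keys is non-NULL would be the safer default; otherwise add a comment saying why a non-zero status guarantees the page carries no key material. The comparison also covers only the single pfn from virt_to_page(swsusp_keys), so a comment or build-time check recording that struct swsusp_keys occupies its own page and does not cross a page boundary would make that assumption checkable. The pfn round trip is unnecessary: `page == virt_to_page(swsusp_keys)` is equivalent.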
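Review bot: In kernel/power/power.h, the extern for swsusp_page_is_keys() sits under the "arch/x86/power/hibernate_keys.c" comment but is guarded only by CONFIG_HIBERNATE_VERIFICATION, while kernel/power/snapshot.c calls it unconditionally. If that option can be enabled on an architecture other than x86, the generic code will fail to link; either note next to the declaration that the option is x86-only or provide a weak generic fallback. The `#else` branch also gives a stub only for the new function and not for get_swsusp_key(), which is worth a comment so the asymmetry reads as intentional. A one-line description of the contract (returns true for the page that must be left out of the image) would help callers.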
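Review bot: In saveable_highmem_page() (kernel/power/snapshot.c), the added swsusp_page_is_keys() test comes right after `BUG_ON(!PageHighMem(page))`, yet the key page is located with virt_to_page(swsusp_keys), which is only meaningful for a directly mapped (lowmem) address. A highmem page can therefore never match, and this check looks like dead code. Consider dropping it from the highmem path, or add a comment explaining under which configuration the key page could be highmem.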
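Review bot: In saveable_page() (kernel/power/snapshot.c), the new test runs for each pfn passed in, and on a match swsusp_page_is_keys() emits a pr_info, so "PM: Avoid snapshot the page of swsusp key." is logged every time the key page is tested rather than once per hibernation. pr_debug, or a single message where the key is set up, would keep the log quiet. The check is also a separate `if` placed directly above the swsusp_page_is_forbidden()/swsusp_page_is_free() test; folding it into that condition with a short comment on why the key page is excluded would keep the exclusion rules in one place.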