| Message ID | 20200217083223.2011-3-zong.li@sifive.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Support strict kernel memory permissions for security | expand |
On Mon, 17 Feb 2020 00:32:17 PST (-0800), zong.li@sifive.com wrote: > Add set_direct_map_*() functions for setting the direct map alias for > the page to its default permissions and to an invalid state that cannot > be cached in a TLB. (See d253ca0c ("x86/mm/cpa: Add set_direct_map_*() > functions")) Add a similar implementation for RISC-V. > > Signed-off-by: Zong Li <zong.li@sifive.com> > --- > arch/riscv/Kconfig | 1 + > arch/riscv/include/asm/set_memory.h | 3 +++ > arch/riscv/mm/pageattr.c | 24 ++++++++++++++++++++++++ > 3 files changed, 28 insertions(+) > > diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig > index 76ed36543b3a..07bf1a7c0dd2 100644 > --- a/arch/riscv/Kconfig > +++ b/arch/riscv/Kconfig > @@ -60,6 +60,7 @@ config RISCV > select HAVE_EBPF_JIT if 64BIT > select EDAC_SUPPORT > select ARCH_HAS_GIGANTIC_PAGE > + select ARCH_HAS_SET_DIRECT_MAP > select ARCH_HAS_SET_MEMORY > select ARCH_WANT_HUGE_PMD_SHARE if 64BIT > select SPARSEMEM_STATIC if 32BIT > diff --git a/arch/riscv/include/asm/set_memory.h b/arch/riscv/include/asm/set_memory.h > index 936f08063566..a9783a878dca 100644 > --- a/arch/riscv/include/asm/set_memory.h > +++ b/arch/riscv/include/asm/set_memory.h > @@ -14,4 +14,7 @@ int set_memory_rw(unsigned long addr, int numpages); > int set_memory_x(unsigned long addr, int numpages); > int set_memory_nx(unsigned long addr, int numpages); > > +int set_direct_map_invalid_noflush(struct page *page); > +int set_direct_map_default_noflush(struct page *page); > + > #endif /* _ASM_RISCV_SET_MEMORY_H */ > diff --git a/arch/riscv/mm/pageattr.c b/arch/riscv/mm/pageattr.c > index fcd59ef2835b..7be6cd67e2ef 100644 > --- a/arch/riscv/mm/pageattr.c > +++ b/arch/riscv/mm/pageattr.c > @@ -148,3 +148,27 @@ int set_memory_nx(unsigned long addr, int numpages) > { > return __set_memory(addr, numpages, __pgprot(0), __pgprot(_PAGE_EXEC)); > } > + > +int set_direct_map_invalid_noflush(struct page *page) > +{ > + unsigned long start = (unsigned long)page_address(page); > + unsigned long end = start + PAGE_SIZE; > + struct pageattr_masks masks = { > + .set_mask = __pgprot(0), > + .clear_mask = __pgprot(_PAGE_PRESENT) > + }; > + > + return walk_page_range(&init_mm, start, end, &pageattr_ops, &masks); > +} > + > +int set_direct_map_default_noflush(struct page *page) > +{ > + unsigned long start = (unsigned long)page_address(page); > + unsigned long end = start + PAGE_SIZE; > + struct pageattr_masks masks = { > + .set_mask = PAGE_KERNEL, > + .clear_mask = __pgprot(0) > + }; > + > + return walk_page_range(&init_mm, start, end, &pageattr_ops, &masks); > +} Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index 76ed36543b3a..07bf1a7c0dd2 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -60,6 +60,7 @@ config RISCV select HAVE_EBPF_JIT if 64BIT select EDAC_SUPPORT select ARCH_HAS_GIGANTIC_PAGE + select ARCH_HAS_SET_DIRECT_MAP select ARCH_HAS_SET_MEMORY select ARCH_WANT_HUGE_PMD_SHARE if 64BIT select SPARSEMEM_STATIC if 32BIT diff --git a/arch/riscv/include/asm/set_memory.h b/arch/riscv/include/asm/set_memory.h index 936f08063566..a9783a878dca 100644 --- a/arch/riscv/include/asm/set_memory.h +++ b/arch/riscv/include/asm/set_memory.h @@ -14,4 +14,7 @@ int set_memory_rw(unsigned long addr, int numpages); int set_memory_x(unsigned long addr, int numpages); int set_memory_nx(unsigned long addr, int numpages); +int set_direct_map_invalid_noflush(struct page *page); +int set_direct_map_default_noflush(struct page *page); + #endif /* _ASM_RISCV_SET_MEMORY_H */ diff --git a/arch/riscv/mm/pageattr.c b/arch/riscv/mm/pageattr.c index fcd59ef2835b..7be6cd67e2ef 100644 --- a/arch/riscv/mm/pageattr.c +++ b/arch/riscv/mm/pageattr.c @@ -148,3 +148,27 @@ int set_memory_nx(unsigned long addr, int numpages) { return __set_memory(addr, numpages, __pgprot(0), __pgprot(_PAGE_EXEC)); } + +int set_direct_map_invalid_noflush(struct page *page) +{ + unsigned long start = (unsigned long)page_address(page); + unsigned long end = start + PAGE_SIZE; + struct pageattr_masks masks = { + .set_mask = __pgprot(0), + .clear_mask = __pgprot(_PAGE_PRESENT) + }; + + return walk_page_range(&init_mm, start, end, &pageattr_ops, &masks); +} + +int set_direct_map_default_noflush(struct page *page) +{ + unsigned long start = (unsigned long)page_address(page); + unsigned long end = start + PAGE_SIZE; + struct pageattr_masks masks = { + .set_mask = PAGE_KERNEL, + .clear_mask = __pgprot(0) + }; + + return walk_page_range(&init_mm, start, end, &pageattr_ops, &masks); +}
Add set_direct_map_*() functions for setting the direct map alias for the page to its default permissions and to an invalid state that cannot be cached in a TLB. (See d253ca0c ("x86/mm/cpa: Add set_direct_map_*() functions")) Add a similar implementation for RISC-V. Signed-off-by: Zong Li <zong.li@sifive.com> --- arch/riscv/Kconfig | 1 + arch/riscv/include/asm/set_memory.h | 3 +++ arch/riscv/mm/pageattr.c | 24 ++++++++++++++++++++++++ 3 files changed, 28 insertions(+)