Sorry please ignore this series. It was a duplication mistake.
I aborted the send midway, but a few escaped into the cyber.

RP

On Mon, Jan 22, 2018 at 10:26:29AM -0800, Ram Pai wrote:
> Memory protection keys enable applications to protect its
> address space from inadvertent access from or corruption
> by itself.
> 
> These patches along with the pte-bit freeing patch series
> enables the protection key feature on powerpc; 4k and 64k
> hashpage kernels.
> 
> Will send the documentation and selftest patches separately
> 
> All patches can be found at --
> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_rampai_memorykeys.git&d=DwIBAg&c=jf_iaSHvJObTbx-siA1ZOg&r=m-UrKChQVkZtnPpjbF6YY99NbT8FBByQ-E-ygV8luxw&m=Swwnka5M5weiMNnxmx35NOJUSSC3s8iQYEH4hsrCNSw&s=h7BFHYo7gWvagk3xbtcifI_3xFOO1CyWzfOtLBjWLcQ&e=
>  memkey.v10
> 
> 
> The overall idea:
> -----------------
>  A process allocates a key and associates it with
>  an address range within its address space.
>  The process then can dynamically set read/write 
>  permissions on the key without involving the 
>  kernel. Any code that violates the permissions
>  of the address space; as defined by its associated
>  key, will receive a segmentation fault.
> 
> This patch series enables the feature on PPC64 HPTE
> platform.
> 
> ISA3.0 section 5.7.13 describes the detailed
> specifications.
> 
> 
> Highlevel view of the design:
> ---------------------------
> When an application associates a key with a address
> address range, program the key in the Linux PTE.
> When the MMU detects a page fault, allocate a hash
> page and program the key into HPTE. And finally
> when the MMU detects a key violation; due to
> invalid application access, invoke the registered
> signal handler and provide the violated key number.
> 
> 
> Testing:
> -------
> This patch series has passed all the protection key
> tests available in the selftest directory.The
> tests are updated to work on both x86 and powerpc.
> The selftests have passed on x86 and powerpc hardware.
> 
> History:
> -------
> version v10:
>       (1) key-fault in page-fault handler
>               is handled as normal fault
>               and not as a bad fault.
>       (2) changed device tree scanning to 
>               unflattened device tree.
>       (3) fixed a bug in the logic that detected
>               the total number of available pkeys.
>       (4) dropped two patches. (i) sysfs interface
>               (ii) sys_pkey_modif() syscall
> 
> version v9:
>       (1) used jump-labels to optimize code
>               -- Balbir
>       (2) fixed a register initialization bug noted
>               by Balbir
>       (3) fixed inappropriate use of paca to pass
>               siginfo and keys to signal handler
>       (4) Cleanup of comment style not to be right 
>               justified -- mpe
>       (5) restructured the patches to depend on the
>               availability of VM_PKEY_BIT4 in
>               include/linux/mm.h
>       (6) Incorporated comments from Dave Hansen
>               towards changes to selftest and got
>               them tested on x86.
> 
> version v8:
>       (1) Contents of the AMR register withdrawn from
>       the siginfo structure. Applications can always
>       read the AMR register.
>       (2) AMR/IAMR/UAMOR are now available through 
>               ptrace system call. -- thanks to Thiago
>       (3) code changes to handle legacy power cpus
>       that do not support execute-disable.
>       (4) incorporates many code improvement
>               suggestions.
> 
> version v7:
>       (1) refers to device tree property to enable
>               protection keys.
>       (2) adds 4K PTE support.
>       (3) fixes a couple of bugs noticed by Thiago
>       (4) decouples this patch series from arch-
>        independent code. This patch series can
>        now stand by itself, with one kludge
>       patch(2).
> version v7:
>       (1) refers to device tree property to enable
>               protection keys.
>       (2) adds 4K PTE support.
>       (3) fixes a couple of bugs noticed by Thiago
>       (4) decouples this patch series from arch-
>        independent code. This patch series can
>        now stand by itself, with one kludge
>        patch(2).
> 
> version v6:
>       (1) selftest changes are broken down into 20
>               incremental patches.
>       (2) A separate key allocation mask that
>               includes PKEY_DISABLE_EXECUTE is 
>               added for powerpc
>       (3) pkey feature is enabled for 64K HPT case
>               only. RPT and 4k HPT is disabled.
>       (4) Documentation is updated to better 
>               capture the semantics.
>       (5) introduced arch_pkeys_enabled() to find
>               if an arch enables pkeys. Correspond-
>               ing change the logic that displays
>               key value in smaps.
>       (6) code rearranged in many places based on
>               comments from Dave Hansen, Balbir,
>               Anshuman.       
>       (7) fixed one bug where a bogus key could be
>               associated successfully in
>               pkey_mprotect().
> 
> version v5:
>       (1) reverted back to the old design -- store
>        the key in the pte, instead of bypassing
>        it. The v4 design slowed down the hash
>        page path.
>       (2) detects key violation when kernel is told
>               to access user pages.
>       (3) further refined the patches into smaller
>               consumable units
>       (4) page faults handlers captures the fault-
>               ing key 
>        from the pte instead of the vma. This
>        closes a race between where the key 
>        update in the vma and a key fault caused
>        by the key programmed in the pte.
>       (5) a key created with access-denied should
>        also set it up to deny write. Fixed it.
>       (6) protection-key number is displayed in
>               smaps the x86 way.
> 
> version v4:
>       (1) patches no more depend on the pte bits
>               to program the hpte
>                       -- comment by Balbir
>       (2) documentation updates
>       (3) fixed a bug in the selftest.
>       (4) unlike x86, powerpc lets signal handler
>               change key permission bits; the
>               change will persist across signal
>               handler boundaries. Earlier we
>               allowed the signal handler to
>               modify a field in the siginfo
>               structure which would than be used
>               by the kernel to program the key
>               protection register (AMR)
>                -- resolves a issue raised by Ben.
>               "Calls to sys_swapcontext with a
>               made-up context will end up with a
>               crap AMR if done by code who didn't
>               know about that register".
>       (5) these changes enable protection keys on
>               4k-page kernel aswell.
> 
> version v3:
>       (1) split the patches into smaller consumable
>               patches.
>       (2) added the ability to disable execute
>               permission on a key at creation.
>       (3) rename calc_pte_to_hpte_pkey_bits() to
>       pte_to_hpte_pkey_bits()
>               -- suggested by Anshuman
>       (4) some code optimization and clarity in
>               do_page_fault()
>       (5) A bug fix while invalidating a hpte slot
>               in __hash_page_4K()
>               -- noticed by Aneesh
>       
> 
> version v2:
>       (1) documentation and selftest added.
>       (2) fixed a bug in 4k hpte backed 64k pte
>               where page invalidation was not
>               done correctly, and initialization
>               of second-part-of-the-pte was not
>               done correctly if the pte was not
>               yet Hashed with a hpte.
>               --      Reported by Aneesh.
>       (3) Fixed ABI breakage caused in siginfo
>               structure.
>               -- Reported by Anshuman.
>       
> 
> version v1: Initial version
> 
> 
> Ram Pai (26):
>   mm, powerpc, x86: define VM_PKEY_BITx bits if CONFIG_ARCH_HAS_PKEYS
>     is enabled
>   mm, powerpc, x86: introduce an additional vma bit for powerpc pkey
>   powerpc: initial pkey plumbing
>   powerpc: track allocation status of all pkeys
>   powerpc: helper function to read,write AMR,IAMR,UAMOR registers
>   powerpc: helper functions to initialize AMR, IAMR and UAMOR registers
>   powerpc: cleanup AMR, IAMR when a key is allocated or freed
>   powerpc: implementation for arch_set_user_pkey_access()
>   powerpc: ability to create execute-disabled pkeys
>   powerpc: store and restore the pkey state across context switches
>   powerpc: introduce execute-only pkey
>   powerpc: ability to associate pkey to a vma
>   powerpc: implementation for arch_override_mprotect_pkey()
>   powerpc: map vma key-protection bits to pte key bits.
>   powerpc: Program HPTE key protection bits
>   powerpc: helper to validate key-access permissions of a pte
>   powerpc: check key protection for user page access
>   powerpc: implementation for arch_vma_access_permitted()
>   powerpc: Handle exceptions caused by pkey violation
>   powerpc: introduce get_mm_addr_key() helper
>   powerpc: Deliver SEGV signal on pkey violation
>   powerpc: Enable pkey subsystem
>   powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
>   powerpc: sys_pkey_mprotect() system call
>   mm, x86 : introduce arch_pkeys_enabled()
>   mm: display pkey in smaps if arch_pkeys_enabled() is true
> 
> Thiago Jung Bauermann (1):
>   powerpc/ptrace: Add memory protection key regset
> 
>  arch/powerpc/Kconfig                          |   15 +
>  arch/powerpc/include/asm/book3s/64/mmu-hash.h |    5 +
>  arch/powerpc/include/asm/book3s/64/mmu.h      |   10 +
>  arch/powerpc/include/asm/book3s/64/pgtable.h  |   48 +++-
>  arch/powerpc/include/asm/bug.h                |    1 +
>  arch/powerpc/include/asm/cputable.h           |   16 +-
>  arch/powerpc/include/asm/mman.h               |   13 +-
>  arch/powerpc/include/asm/mmu.h                |    9 +
>  arch/powerpc/include/asm/mmu_context.h        |   22 ++
>  arch/powerpc/include/asm/pkeys.h              |  229 ++++++++++++
>  arch/powerpc/include/asm/processor.h          |    5 +
>  arch/powerpc/include/asm/reg.h                |    1 -
>  arch/powerpc/include/asm/systbl.h             |    3 +
>  arch/powerpc/include/asm/unistd.h             |    6 +-
>  arch/powerpc/include/uapi/asm/elf.h           |    1 +
>  arch/powerpc/include/uapi/asm/mman.h          |    6 +
>  arch/powerpc/include/uapi/asm/unistd.h        |    3 +
>  arch/powerpc/kernel/exceptions-64s.S          |    2 +-
>  arch/powerpc/kernel/process.c                 |    7 +
>  arch/powerpc/kernel/ptrace.c                  |   66 ++++
>  arch/powerpc/kernel/traps.c                   |   19 +-
>  arch/powerpc/mm/Makefile                      |    1 +
>  arch/powerpc/mm/fault.c                       |   49 +++-
>  arch/powerpc/mm/hash_utils_64.c               |   26 ++
>  arch/powerpc/mm/mmu_context_book3s64.c        |    2 +
>  arch/powerpc/mm/pkeys.c                       |  469 
> +++++++++++++++++++++++++
>  arch/x86/include/asm/pkeys.h                  |    1 +
>  arch/x86/kernel/fpu/xstate.c                  |    5 +
>  arch/x86/kernel/setup.c                       |    8 -
>  fs/proc/task_mmu.c                            |   16 +-
>  include/linux/mm.h                            |   12 +-
>  include/linux/pkeys.h                         |    5 +
>  include/uapi/linux/elf.h                      |    1 +
>  33 files changed, 1040 insertions(+), 42 deletions(-)
>  create mode 100644 arch/powerpc/include/asm/pkeys.h
>  create mode 100644 arch/powerpc/mm/pkeys.c

-- 
Ram Pai

--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to